SQL Clone
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 


Cloud Hacking


Cloud Hacking

Author
Message
Steve Jones
Steve Jones
SSC Guru
SSC Guru (224K reputation)SSC Guru (224K reputation)SSC Guru (224K reputation)SSC Guru (224K reputation)SSC Guru (224K reputation)SSC Guru (224K reputation)SSC Guru (224K reputation)SSC Guru (224K reputation)

Group: Administrators
Points: 224543 Visits: 19637
Comments posted to this topic are about the item Cloud Hacking

Follow me on Twitter: @way0utwest
Forum Etiquette: How to post data/code on a forum to get the best help
My Blog: www.voiceofthedba.com
blandry
blandry
Ten Centuries
Ten Centuries (1.4K reputation)Ten Centuries (1.4K reputation)Ten Centuries (1.4K reputation)Ten Centuries (1.4K reputation)Ten Centuries (1.4K reputation)Ten Centuries (1.4K reputation)Ten Centuries (1.4K reputation)Ten Centuries (1.4K reputation)

Group: General Forum Members
Points: 1415 Visits: 723
What you are pointing out today, is the axiom that has gotten lost in technology over these last decades, and that is "Just because we can do something, should we do something..."

Just because we can engineer the cloud and make it sound like a great advantage, should we do it? As we are learning, its not such a great idea, and as usual, no one thinks it through - instead, Microsoft and others push the marketing, take your money, and then (and only then) learn why it's not such a great idea.

Imagine how many people today are "hooked" on cell phones and couldn't live without them. In one year (2008-2009) 6,000 Americans lost their lives in traffic deaths involving cell phone use. (Source: NTSB) How many people could YOU see today talking on cell phones while driving? Probably hundreds if you stayed on the road long enough. And consider that it took us eight years to lose 6,000 American lives in a war - and yet in ONE year, this technology killed the same number at home here in the US and you don't see anyone thinking about that and putting away the cell phone while driving.

What has gotten lost is simple: Common Sense. We have bartered that away for "intelligence". Absolutely brilliant people who can invent anything and sell it - without ever thinking about the practical ramifications.

Frankly, I don't blame the criminals and hackers. Granted that their common sense is a bit askew - still, we give them the 'playground' to do their dirty work because WE never think things through and instead, push them out the door to make the almighty buck.

In the end, we get exactly what we deserve for our failure to ask the simple question: "Why?" Sure, we are brilliant and can invent and engineer almost anything, but without asking "Why should we..." we are simply dooming ourselves to exactly what we inevitably get.

There's no such thing as dumb questions, only poorly thought-out answers...
Ron Porter
Ron Porter
SSC Veteran
SSC Veteran (212 reputation)SSC Veteran (212 reputation)SSC Veteran (212 reputation)SSC Veteran (212 reputation)SSC Veteran (212 reputation)SSC Veteran (212 reputation)SSC Veteran (212 reputation)SSC Veteran (212 reputation)

Group: General Forum Members
Points: 212 Visits: 316
Very timely, from my point of view, because I was just discussing with my brother the relationship between technology and unsavory activity.

The first thing we have to remember is that people have been exploiting technology for good and ill since the dawn of man. It doesn't matter whether the stone hammer was first conceived as a tool or a weapon, it was undoubtedly used as both.

The second thing we have to remember is that avoiding a technology because of the potential for misuse also means not being able to exploit that technology for good and useful things. Yes, several thousand deaths per year can be traced to the misuse of cell phones. I wonder, though, how may saved lives can be traced to cell phones, surely not zero! What this tells me is that we have to learn how to manage the use of technologies for greater net benefit.

To the cloud: I'm sure that we can all think of examples where cloud computing and/or storage would be beneficial. Likewise, anybody with a sense of history of even just computers can think of ways to use those same things for nefarious activities.

In my mind, the existence of risk is not a sufficient reason to avoid a technology or activity. We need to have a tolerance for non-zero risk if only because there is no such thing as zero risk. Having identified what risk we can tolerate, we then need to quantify the risk. If that risk is higher than what we can tolerate, then we need to take steps to reduce the risk. In the vast majority of cases, exposure reduction (limited or no involvement) is just one of several ways to reduce the risk. Exposure reduction is also rarely the best way to reduce the risk because it also reduces the potential for gain.

EDIT: I would like to add that we often think of risk only in terms of adopting a technology or engaging in some activity. We also need to consider the risk of not adopting that technology or engaging in that activity. For example, it's obvious that every form of exercise increases the risk of injury compared to not exercising. Except that being fit reduces the risk of injurious falls and the risk of heart attack, etc.
Andrew in WV
Andrew in WV
Mr or Mrs. 500
Mr or Mrs. 500 (569 reputation)Mr or Mrs. 500 (569 reputation)Mr or Mrs. 500 (569 reputation)Mr or Mrs. 500 (569 reputation)Mr or Mrs. 500 (569 reputation)Mr or Mrs. 500 (569 reputation)Mr or Mrs. 500 (569 reputation)Mr or Mrs. 500 (569 reputation)

Group: General Forum Members
Points: 569 Visits: 1376
Now, let's see Microsoft add THIS one to their cloud ad campaign....

--Andrew
Rudy Panigas
Rudy Panigas
Hall of Fame
Hall of Fame (3.8K reputation)Hall of Fame (3.8K reputation)Hall of Fame (3.8K reputation)Hall of Fame (3.8K reputation)Hall of Fame (3.8K reputation)Hall of Fame (3.8K reputation)Hall of Fame (3.8K reputation)Hall of Fame (3.8K reputation)

Group: General Forum Members
Points: 3832 Visits: 1325
I think companies will use cloud computing to off load the security liability. If the data is lost/stolen they can then put the blame on the cloud computing supplier and save themselves from lawsuits.

The same goes for outsourcing IT.

Just my 2 cents worth.

Rudy



TravisDBA
TravisDBA
SSCarpal Tunnel
SSCarpal Tunnel (4.5K reputation)SSCarpal Tunnel (4.5K reputation)SSCarpal Tunnel (4.5K reputation)SSCarpal Tunnel (4.5K reputation)SSCarpal Tunnel (4.5K reputation)SSCarpal Tunnel (4.5K reputation)SSCarpal Tunnel (4.5K reputation)SSCarpal Tunnel (4.5K reputation)

Group: General Forum Members
Points: 4514 Visits: 3069
blandry (2/3/2011)
What you are pointing out today, is the axiom that has gotten lost in technology over these last decades, and that is "Just because we can do something, should we do something..."



I have also heard this put another way as well is "Just because we can change something, should we change something..."


My response to that is that in most cases, "Yes, we should, because the path of technology is moving so fast nowadays, it will demand it sooner than you might think anyway..So always be thinking in that direction..." I recently had a senior level IT manager say in a departmental meeting "I don't like changes..." Well, of course I didn't say this but I smiled and thought "Dude, if you don't like change, then you are in the wrong industry... Maybe you need to seriously think about going and selling flowers for a living.." :-D

"Technology is a weird thing. It brings you great gifts with one hand, and it stabs you in the back with the other. ...:-D"
Ross McMicken
Ross McMicken
SSCommitted
SSCommitted (1.6K reputation)SSCommitted (1.6K reputation)SSCommitted (1.6K reputation)SSCommitted (1.6K reputation)SSCommitted (1.6K reputation)SSCommitted (1.6K reputation)SSCommitted (1.6K reputation)SSCommitted (1.6K reputation)

Group: General Forum Members
Points: 1593 Visits: 2253
Rudy Panigas (2/3/2011)
I think companies will use cloud computing to off load the security liability. If the data is lost/stolen they can then put the blame on the cloud computing supplier and save themselves from lawsuits.

The same goes for outsourcing IT.

Just my 2 cents worth.

Rudy


If the company that loses my data blames the cloud provider, I'm still suing my vendor for being negligent in their choice of provider.

I personally can't see a real use for the cloud for most corporate data that needs any real security. The cloud will be great for outsourcing the data storage and access for things like MSDS databases and other data that isn't proprietary and needs to be accessible to the public.
mar10br0
mar10br0
SSC Veteran
SSC Veteran (270 reputation)SSC Veteran (270 reputation)SSC Veteran (270 reputation)SSC Veteran (270 reputation)SSC Veteran (270 reputation)SSC Veteran (270 reputation)SSC Veteran (270 reputation)SSC Veteran (270 reputation)

Group: General Forum Members
Points: 270 Visits: 351
@Ron Porter: reading the article my thoughts ran exactly as your post (thank you for saving me the time to write it up myself Wink)

@blandry: Please look a bit further than the length of your nose (a Dutch saying, but you probably get the gist of it), as Ron said EVERY idea ever conceived has been used for both good and evil (I believe you can even find ideas conceived for personal gain at the cost of others, then later put to good use by others. I just don't happen to have an example ready out of the top of my head). It doesn't even restrict to humans, opportunism is a universal mechanism of life.
TravisDBA
TravisDBA
SSCarpal Tunnel
SSCarpal Tunnel (4.5K reputation)SSCarpal Tunnel (4.5K reputation)SSCarpal Tunnel (4.5K reputation)SSCarpal Tunnel (4.5K reputation)SSCarpal Tunnel (4.5K reputation)SSCarpal Tunnel (4.5K reputation)SSCarpal Tunnel (4.5K reputation)SSCarpal Tunnel (4.5K reputation)

Group: General Forum Members
Points: 4514 Visits: 3069
Ross McMicken (2/3/2011)
Rudy Panigas (2/3/2011)
I think companies will use cloud computing to off load the security liability. If the data is lost/stolen they can then put the blame on the cloud computing supplier and save themselves from lawsuits.

The same goes for outsourcing IT.

Just my 2 cents worth.

Rudy


If the company that loses my data blames the cloud provider, I'm still suing my vendor for being negligent in their choice of provider.

I personally can't see a real use for the cloud for most corporate data that needs any real security. The cloud will be great for outsourcing the data storage and access for things like MSDS databases and other data that isn't proprietary and needs to be accessible to the public.



That is a good point Ross, and I never really thought about the lawsuit side of this. It could very well open the flood gates because we have become such a litiginous society anyway.:-D

"Technology is a weird thing. It brings you great gifts with one hand, and it stabs you in the back with the other. ...:-D"
SQLRNNR
SQLRNNR
SSC Guru
SSC Guru (100K reputation)SSC Guru (100K reputation)SSC Guru (100K reputation)SSC Guru (100K reputation)SSC Guru (100K reputation)SSC Guru (100K reputation)SSC Guru (100K reputation)SSC Guru (100K reputation)

Group: General Forum Members
Points: 100162 Visits: 18616
Security is the biggest concern I would have with the cloud and putting my databases there.



Jason AKA CirqueDeSQLeil
I have given a name to my pain...
MCM SQL Server, MVP


SQL RNNR

Posting Performance Based Questions - Gail Shaw

Go


Permissions

You can't post new topics.
You can't post topic replies.
You can't post new polls.
You can't post replies to polls.
You can't edit your own topics.
You can't delete your own topics.
You can't edit other topics.
You can't delete other topics.
You can't edit your own posts.
You can't edit other posts.
You can't delete your own posts.
You can't delete other posts.
You can't post events.
You can't edit your own events.
You can't edit other events.
You can't delete your own events.
You can't delete other events.
You can't send private messages.
You can't send emails.
You can read topics.
You can't vote in polls.
You can't upload attachments.
You can download attachments.
You can't post HTML code.
You can't edit HTML code.
You can't post IFCode.
You can't post JavaScript.
You can post emoticons.
You can't post or upload images.

Select a forum

































































































































































SQLServerCentral


Search