Bennett Haselton (born November 20, 1978) is the American founder of Circumventor.com and Peacefire.org, two US-based websites dedicated to combating Internet censorship. Peacefire.org is focused on documenting flaws in commercial Internet blocking programs. Circumventor.com is dedicated to distributing anti-censorship tools to users in countries such as China and Iran, and as of 2011 has over 3 million subscribers through distribution ch
I love that add-on because I keep forgetting I have it installed, then, out of the blue, BAM!, a sentence no longer makes sense but is much more fun: "Hospitals now delivering babies in my butt, film at 11!".
How would a cloud provider assure customers that their data will remain secure if they go bankrupt or just quit the business?
As of now, if a provider tanks, the servers go to the auction house, and in theory, are blanked. However, in reality, there is no assurance of that, and the buyer will get all data stored free and clear. If they wanted to do a multi-terabyte torrent of a failed bank's account and transaction data, they can, and nothing legally could stop them.
There is also the question of how good a job they do with encrypting the data. Who at the cloud company would have the ability to decrypt the data? Are there regular security audits by an outside party who can affirm that the things the cloud company claims are in fact accurate?
It gets even more complicated for enterprise users. What happens when an employee leaves the company? How is access controlled to prevent continued access? What about data that you might possess that you might have received unde
"There is also the question of how good a job they do with encrypting the data."
Most let you manage your own keys. So as long as you have a reasonable key management, it's up to YOU, not the provider.
"Are there regular security audits by an outside party who can affirm that the things the cloud company claims are in fact accurate?"
For the big players, yes. http://aws.amazon.com/complian... [amazon.com]. Also "AWS has achieved ISO 27001 certification and has been validated as a Level 1 service provider under the Payment Card Industry (PCI) Data Security Standard (DSS). We undergo annual SOC 1 audits and have been successfully evaluated at the Moderate level for Federal government systems as well as DIACAP Level 2 for DoD systems."
Every one of those compliances requires auditing.
"What happens when an employee leaves the company? How is access controlled to prevent continued access?"
You federate your enterprise IAM with your cloud provider. Most support some form of SAML or OAuth. ADFS (an MS product) supports such things easily. You terminate the employee in your normal system and their IAM account is terminated. Also, you don't give deep credentials to most people but rather wrap them in services. You then stash those credentials in a secret/key server.
"To me, cloud is all smoke and mirrors."
That is because you haven't done the required reading.
If I'm running your OS in a hyper-visor, I can pause the VM and dump the memory. Then I've got your key because the OS loads the key into memory.
Your provider can see your data in the clear. End of Story. Physical hardware is the be's all end's all.
Some things are true across all the big players (I don't know about the government-audited services; I can only imaging there's even more tracking).
If you're running the service, you don't have access to the datacenters, and likely don't even have access to the location of the data centers (the big players all keep exact datacenter locations somewhat secret - they have addresses, but the addresses don't mean much). If you work at the data center, you don't know what any given server is doing. So you don't
PCI compliance is a joke really, I also doubt that AWS does everything that PCI compliance actually says you have to do, because there are contradictory things in there and beside that, do they truly scan all of their data-centres and networks for any 'unauthorised wireless activity', etc.? It's a bunch of smoke and mirrors.
Sure there are parts of the cloud that is free.much of it is via fermium services. If you want enterprise grade cloud services, then it will cost a lotno one thinks it won’t.
I bought about 50 servers from a secured creditor for a tech company that went out of business. Among them where a few servers running mysql, with customer databases intact. The rest included a bunch of web application servers, a git server, etc. In mysql I had about 90 million names, addresses, phone numbers, email addresses, birthdays, user names and passwords ( stored plain text ). No credit card numbers, but enough data to do some bad things with.
I can assure you... no matter what a provider says will h
How would a cloud provider assure customers that their data will remain secure if they go bankrupt or just quit the business?
As of now, if a provider tanks, the servers go to the auction house, and in theory, are blanked. However, in reality, there is no assurance of that, and the buyer will get all data stored free and clear. If they wanted to do a multi-terabyte torrent of a failed bank's account and transaction data, they can, and nothing legally could stop them.
Like, a contract to escrow the cost of the wiping and/or returning of all relevant hardware to the original owner? There are plenty of precedents in contract law to mitigate risk in the case of bankruptcy. Just because you can't think of them doesn't mean they aren't there.
I don't know a single cloud provider that would provide that contract. In other lines of work, there would be a third party escrow company. However, with a cloud provider, since decryption would be needed, the only way to provide any assurance is to have some backend appliances that do encryption and are rented, with a paid deposit that once the rental ceases, all keys are wiped. That way, a bankrupt provider would have all their servers sold, but the encryption appliances would be owned by another party
I don't know a single cloud provider that would provide that contract. In other lines of work, there would be a third party escrow company. However, with a cloud provider, since decryption would be needed, the only way to provide any assurance is to have some backend appliances that do encryption and are rented, with a paid deposit that once the rental ceases, all keys are wiped. That way, a bankrupt provider would have all their servers sold, but the encryption appliances would be owned by another party. Of course, this may not mean much as it might be a fight wresting the leased items from the bankruptcy trustee, but in theory, it helps put at least a layer in place of protection.
However, I don't know any cloud provider who would spend the time and effort to do this, just because the current system of assuring people that "passwords", "encryption", and "firewalls" is good enough.
If you don't care that the data is "gone for good" then a split encryption system is not needed, just a thorough erasure system (which is where an escrowed sum comes into play, to cover the cost of a third party service performing on-site wiping of all hard drives with customer data in the event of bankruptcy). I also do not know of a single cloud provider that does this today, the cost difference at scale of a cloud solution vs a managed hosting solution is not that great, so a company with truly invaluab
Looks like a good read! I am curious if there is any information pertaining to the acceptable use of the cloud in unique IT environments such as healthcare.
The book doesn’t deal with acceptable use per se, as much of acceptable use is determined by the specific user of the cloud.
As I wrote about “almost any security regulation or standard can be met in the cloud. As none of the regulations and standard dictates where the data must specifically reside”.
So if you define what the with acceptable use is and build that into your cloud policy and contract, that would be acceptable.
I have an information for you, that while some spend time architecting, others designerize. You'll have to acclimatizate yourself to how folks vocalizate now. Here, drink a water. (Sigh)
I'm with you on this point, "architecting" is an offence to the English language. In fact/. is highlighting the word as incorrect in the bloody editor.
A search of www.merriam-webster.com returns: the word you've entered isn't in the dictionary. So you are correct, this is not an official English word.
>>Lookif selfie can be a word, why can’t we let architecting in?
Because "selfie" fills a legitimate and objective need, filling a void created by an advancing technology and culture, neatly and succintly describing a "photograph of someone taken by that same someone, intended primarily for social media."
"Architecting" is superfluous, already synonymous with the shorter and more familiar "building" and "designing," and it contains the pompous subtext of equating the skills and efforts of an archi
Until such time that the tech community of the world can and will effectively deal with (i.e. either convince to stop misbehaving or just kill 'em) all the brilliant psychopathic programmers in their mist that create malware and viruses that defraud millions of people, then it is plain madness and criminal negligence to encourage people to entrust their data to some unknown and unmonitored external entity such as the 'cloud'.
Until that time, safe and productive cloud computing is just a fantasy. It's a so
:::entrust their data to some unknown and unmonitored external entity such as the 'cloud'.
Do you really consider Amazon Web Services unknown and unmonitored?
The granularity of what they can report on shows their monitoring capabilities are quite sophisticated.:::Until that time, safe and productive cloud computing is just a fantasy. It's a solution in search of problem. Avoid it.
I think the facts speak for themselves. There are thousands of examples of safe and productive instances of cloud computing,
The main bottleneck of "the cloud" is standards. Unless organizations can easily swap vendors and make their own (optional) backups without hassles, the "cloud" will continue to be a fractured, risky, and messy place.
The problem is that there are no incentives to standardize because service companies don't want the market to become a commodity because commoditization usually eats their profits (at least in the industrialized world) just like it did with PC's. They want you to be locked in to Their Way so th
Mod this up please--this statement right here: "The problem is that there are no incentives to standardize because service companies don't want the market to become a commodity because commoditization usually eats their profits (at least in the industrialized world) just like it did with PC's. They want you to be locked in to Their Way so that you can't leave for competitors." is responsible for most of the competing standards and general "upgrade or die/walled garden" clusterfucks in Tech.
I maintain several cloud based applications. STAY AWAY.
There is no time when "The Cloud" is a good idea. In fact, I'd say it's even worse than "Closed source" software. Because no you not only lose access to the application, you lose access to your data as well. And trust me, the cloud service provider will use that access against you. I have yet to see a contract negotiation with a cloud service provider that didn't eventually devolve into the Cloud threatening to cut off access to the data with no option to export if the user didn't agree to unfavorable terms. This doesn't happen "Sometimes" this happens every time... with multiple vendors. They are very friendly and the rates are cheap at first, but after you've been with them for a few years... Then they start turning the screws. Unless you control "The cloud" yourself, stay very very far away.
the Cloud threatening to cut off access to the data with no option to export if the user didn't agree to unfavorable terms
That's a *very* strong assertion. In fact, it seems like the sort of thing that the courts would stop, hard. It's essentially extortion. It's absolutely the sort of thing that would send customers screaming... and discouraging everyone around them. I find it hard to believe that any reputable cloud service provider would dare risk their business by doing something like that.
That's a *very* strong assertion. In fact, it seems like the sort of thing that the courts would stop, hard. It's essentially extortion. It's absolutely the sort of thing that would send customers screaming... and discouraging everyone around them. I find it hard to believe that any reputable cloud service provider would dare risk their business by doing something like that.
Lost track of number of people who have called in with issues trying to extract data from various providers.
Either they claim they can't do it, provider cut them off and they are screwed or provider feels it necessary to charge a massive fee to extract customers data. Another fine twist is allowing access to data but not in a way it could practically be extracted.
Guessing some of these are cases of you owe us money and we're leveraging whatever we can to force you to pay yet some have specifically mentione
Expecting they would not seek to maximally leverage their position is not a serious option.
Well, as a Googler, I definitely do not expect Google to do anything remotely like this with their cloud offerings. Heck, Google is careful to ensure there are mechanisms for users of their free services to take their data out, and holding someone's data hostage for more money or whatever just runs counter to everything the culture holds important. I don't think Amazon would do it either. Smaller players... I suppose it's possible, but it still seems like bad business on their part.
Will an experienced admin (20+ years *NIX) that's currently using RackSpace (dedicated and cloud) learn anything from this book? It's so hard to tell from this review.
I've been using RackSpace for a few months now and I find that it's not much different than hosting the servers myself except I don't have to deal with things like router/switch configuration and hardware replacements.
:::::Will an experienced admin (20+ years *NIX) that's currently using RackSpace (dedicated and cloud) learn anything from this book? It's so hard to tell from this review.
I think so.:::I've been using RackSpace for a few months now and I find that it's not much different than hosting the servers myself except I don't have to deal with things like router/switch configuration and hardware replacements.
From a hosting and sys admin perspective, it is not a radical difference.
"Most books about cloud computing are either extremely high-level quasi-marketing tomes about the myriad benefits of the cloud without any understanding of how to practically implement the technology under discussion. "
Or....?
You didn't even get your first sentence right, I'm not going to read about the rest of your thoughts.
Listen, I'm a network engineer with over 30 years of experience.
The "cloud" is not a new idea. It's a new buzzword for a very OLD idea. It simply means storing your data on somebody else's servers all under their control.
Its fine for individuals that travel all over the world and don't have access to servers, but if your in a large corporation or a government agency, then you already have servers, already have internet access, and so you have everything you need to establish your own "cloud" at no addition
::::First and foremost, the cloud is not in any way shape or form secure.Any thing you put there is there to share.
It’s as secure as you want to make it.
Many firms that take security seriously use the cloud.:::::Second, it is a buzzword that is used to get gullible suits to think that they can get rid of their IT depatments.
The Cloud Song by Cynthia Sherwood (Sing to the tune of “The Farmer in the Dell”) The puffy, flat, white clouds We call them cumulus Hi-ho-a-cloud-e-oh The puffy, flat, white clouds. The feathery, thin white clouds Are cirrus high in the sky Hi-ho-a-cloud-e-oh The feathery, thin white clouds. The gray and foggy clouds Are stratus low in the sky Hi-ho-a-cloud-e-oh The gray and foggy clouds. The dark and stormy clouds Watch out for nimbus rain Hi-ho-a-cloud-e-oh The dark and stormy clouds.
"The use of Netflix on AWS is well documented. Start here: AWS Case Study: Netflix [amazon.com]"
I was hoping for some diagrams and detailed textual analysis. I read somewhere that Netflix originality went with the 'Cloud' but quality-of-service was so poor, they had to go out and build their own content delivery backend.
All cloud naysayers are by their very definition insane. Ever hear of Amazon? 100% cloud. Over $50B in revenue. What about salesforce.com100% cloud. Over $20B in revenue.
If you don’t believe in the cloudyou are a delusional person.
"I have just one word for you, my boy...plastics."
- from "The Graduate"
Hey, you, get off of my cloud (Score:0)
Re: (Score:0)
I love the Who!
Re: (Score:2)
Re: (Score:0)
now I can't get 99 Luftballons out of my head!!!!
https://www.youtube.com/watch?v=9CnDvtwYn6I
Sorry, corrected link (Score:0)
Hey, you, get off of my cloud (Score:0)
95% of these comments here are from people who know ZERO about the cloud.
just loudmouths and jokes who want to yelp.
WWBHD? (Score:0, Funny)
What would Bennett Haselton do?
Re: (Score:0)
I had to look that one up
http://en.wikipedia.org/wiki/Bennett_Haselton
Bennett Haselton (born November 20, 1978) is the American founder of Circumventor.com and Peacefire.org, two US-based websites dedicated to combating Internet censorship. Peacefire.org is focused on documenting flaws in commercial Internet blocking programs. Circumventor.com is dedicated to distributing anti-censorship tools to users in countries such as China and Iran, and as of 2011 has over 3 million subscribers through distribution ch
Re: (Score:0)
Lurk moar.
Re: (Score:2)
Re: (Score:0)
Lurk moar
A headline that makes my glad to have (Score:0)
the "Cloud to Butt" add-on.
Re: (Score:2)
I love that add-on because I keep forgetting I have it installed, then, out of the blue, BAM!, a sentence no longer makes sense but is much more fun: "Hospitals now delivering babies in my butt, film at 11!".
Re: (Score:0)
u r just a loudmouth...
why don't u add content/value to the conversation.
just stop dragging me down.
One simple question I wish were answered... (Score:4, Interesting)
How would a cloud provider assure customers that their data will remain secure if they go bankrupt or just quit the business?
As of now, if a provider tanks, the servers go to the auction house, and in theory, are blanked. However, in reality, there is no assurance of that, and the buyer will get all data stored free and clear. If they wanted to do a multi-terabyte torrent of a failed bank's account and transaction data, they can, and nothing legally could stop them.
Re: (Score:0)
Any legitimate bank is hosting their own cloud.
Re: (Score:0)
what about illegitimate bank?
Re: (Score:3)
There is also the question of how good a job they do with encrypting the data. Who at the cloud company would have the ability to decrypt the data? Are there regular security audits by an outside party who can affirm that the things the cloud company claims are in fact accurate?
It gets even more complicated for enterprise users. What happens when an employee leaves the company? How is access controlled to prevent continued access? What about data that you might possess that you might have received unde
Re:One simple question I wish were answered... (Score:5, Informative)
"There is also the question of how good a job they do with encrypting the data."
Most let you manage your own keys. So as long as you have a reasonable key management, it's up to YOU, not the provider.
"Are there regular security audits by an outside party who can affirm that the things the cloud company claims are in fact accurate?"
For the big players, yes. http://aws.amazon.com/complian... [amazon.com]. Also "AWS has achieved ISO 27001 certification and has been validated as a Level 1 service provider under the Payment Card Industry (PCI) Data Security Standard (DSS). We undergo annual SOC 1 audits and have been successfully evaluated at the Moderate level for Federal government systems as well as DIACAP Level 2 for DoD systems."
Every one of those compliances requires auditing.
"What happens when an employee leaves the company? How is access controlled to prevent continued access?"
You federate your enterprise IAM with your cloud provider. Most support some form of SAML or OAuth. ADFS (an MS product) supports such things easily. You terminate the employee in your normal system and their IAM account is terminated. Also, you don't give deep credentials to most people but rather wrap them in services. You then stash those credentials in a secret/key server.
"To me, cloud is all smoke and mirrors."
That is because you haven't done the required reading.
Re: (Score:0)
"Most let you manage your own keys. So as long as you have a reasonable key management, it's up to YOU, not the provider."
If I'm running your OS in a hyper-visor, I can pause the VM and dump the memory. Then I've got your key because the OS loads the key into memory.
Your provider can see your data in the clear. End of Story. Physical hardware is the be's all end's all.
Re: (Score:3)
If I'm running your OS in a hyper-visor, I can pause the VM and dump the memory. Then I've got your key because the OS loads the key into memory.
Your provider can see your data in the clear. End of Story. Physical hardware is the be's all end's all.
Some things are true across all the big players (I don't know about the government-audited services; I can only imaging there's even more tracking).
If you're running the service, you don't have access to the datacenters, and likely don't even have access to the location of the data centers (the big players all keep exact datacenter locations somewhat secret - they have addresses, but the addresses don't mean much). If you work at the data center, you don't know what any given server is doing. So you don't
Re: (Score:-1)
PCI compliance is a joke really, I also doubt that AWS does everything that PCI compliance actually says you have to do, because there are contradictory things in there and beside that, do they truly scan all of their data-centres and networks for any 'unauthorised wireless activity', etc.? It's a bunch of smoke and mirrors.
Re: (Score:0)
u gots any evidene for your big talk?
the pci board certified 'parts' of amazon.
you take then and build your merchant account from there.
plenty of merchants are pci certified in the amazon cloud.
"the cloud" is not a free service (Score:2)
Most providers of "cloud" services are *not* free. You pay for time, workload, network, storage, etc.
In IaaS (infrastructure as a service) you're basically just renting time/space/bandwidth on someone else's equipment.
Re: (Score:0)
no one ever said the cloud was free.
Re: (Score:0)
Sure there are parts of the cloud that is free.much of it is via fermium services.
If you want enterprise grade cloud services, then it will cost a lotno one thinks it won’t.
Re: (Score:0)
Douglas Adams provided the answer to this in his book "Mostly Harmless", paraphrased like this -
"We won't go bankrupt."
Re: (Score:0)
I bought about 50 servers from a secured creditor for a tech company that went out of business. Among them where a few servers running mysql, with customer databases intact. The rest included a bunch of web application servers, a git server, etc. In mysql I had about 90 million names, addresses, phone numbers, email addresses, birthdays, user names and passwords ( stored plain text ). No credit card numbers, but enough data to do some bad things with.
I can assure you... no matter what a provider says will h
Re: (Score:3)
How would a cloud provider assure customers that their data will remain secure if they go bankrupt or just quit the business?
As of now, if a provider tanks, the servers go to the auction house, and in theory, are blanked. However, in reality, there is no assurance of that, and the buyer will get all data stored free and clear. If they wanted to do a multi-terabyte torrent of a failed bank's account and transaction data, they can, and nothing legally could stop them.
Like, a contract to escrow the cost of the wiping and/or returning of all relevant hardware to the original owner? There are plenty of precedents in contract law to mitigate risk in the case of bankruptcy. Just because you can't think of them doesn't mean they aren't there.
Re: (Score:2)
I don't know a single cloud provider that would provide that contract. In other lines of work, there would be a third party escrow company. However, with a cloud provider, since decryption would be needed, the only way to provide any assurance is to have some backend appliances that do encryption and are rented, with a paid deposit that once the rental ceases, all keys are wiped. That way, a bankrupt provider would have all their servers sold, but the encryption appliances would be owned by another party
Re: (Score:2)
I don't know a single cloud provider that would provide that contract. In other lines of work, there would be a third party escrow company. However, with a cloud provider, since decryption would be needed, the only way to provide any assurance is to have some backend appliances that do encryption and are rented, with a paid deposit that once the rental ceases, all keys are wiped. That way, a bankrupt provider would have all their servers sold, but the encryption appliances would be owned by another party. Of course, this may not mean much as it might be a fight wresting the leased items from the bankruptcy trustee, but in theory, it helps put at least a layer in place of protection.
However, I don't know any cloud provider who would spend the time and effort to do this, just because the current system of assuring people that "passwords", "encryption", and "firewalls" is good enough.
If you don't care that the data is "gone for good" then a split encryption system is not needed, just a thorough erasure system (which is where an escrowed sum comes into play, to cover the cost of a third party service performing on-site wiping of all hard drives with customer data in the event of bankruptcy). I also do not know of a single cloud provider that does this today, the cost difference at scale of a cloud solution vs a managed hosting solution is not that great, so a company with truly invaluab
Re: (Score:2)
That’s a major question and one that every firm needs to address before using the cloud.
There are safeguards you can put in place. You can back-up all cloud data as a start.
There are a lot of articles on the topic. Check this one out as a start: http://spendmatters.com/2013/1... [spendmatters.com]
If you're not using Cloud to Butt (Score:1)
Then you have yet to unlock the full hilarity potential of the internet...
https://chrome.google.com/webs... [google.com]
Re: (Score:0)
Did you install the calvin and hobbes add-on? :)
Sounds like a good read (Score:1)
Re: (Score:2)
The book doesn’t deal with acceptable use per se, as much of acceptable use is determined by the specific user of the cloud.
As I wrote about “almost any security regulation or standard can be met in the cloud. As none of the regulations and standard dictates where the data must specifically reside”.
So if you define what the with acceptable use is and build that into your cloud policy and contract, that would be acceptable.
what happens (Score:-1)
when there is a storm?
Re: (Score:0)
The SANS Internet Storm Center was built just for that - https://isc.sans.edu/
Words (Score:0)
Architecting, "a software", orientate, et al (Score:3)
Re: (Score:2)
Re: (Score:0)
in english...anything can become a word...get off it!
"Architecting" ??? wtf...? (Score:3)
The reviewer does not indicate if the book is written in English, which is relevant because the title clearly is not.
Re: (Score:1)
Re: (Score:2)
A search of www.merriam-webster.com returns: the word you've entered isn't in the dictionary. So you are correct, this is not an official English word.
But its de facto use is seen at:
http://gapp.usc.edu/graduate-p... [usc.edu]
http://aws.amazon.com/training... [amazon.com]
http://www.cs.berkeley.edu/~al... [berkeley.edu]
Lookif selfie can be a word, why can’t we let architecting in?
Re: (Score:3)
>>Lookif selfie can be a word, why can’t we let architecting in?
Because "selfie" fills a legitimate and objective need, filling a void created by an advancing technology and culture, neatly and succintly describing a "photograph of someone taken by that same someone, intended primarily for social media."
"Architecting" is superfluous, already synonymous with the shorter and more familiar "building" and "designing," and it contains the pompous subtext of equating the skills and efforts of an archi
so what (Score:0)
who cares about the grammar....like u word for the university library?
if u r tech...grammar is a has been.
Jennifer Lawrence "knows what the limits" are (Score:0)
So maybe Jennifer Lawrence should write a book, because she "knows what the limits of the cloud are" too!
a solution in search of a problem (Score:2)
Until such time that the tech community of the world can and will effectively deal with (i.e. either convince to stop misbehaving or just kill 'em) all the brilliant psychopathic programmers in their mist that create malware and viruses that defraud millions of people, then it is plain madness and criminal negligence to encourage people to entrust their data to some unknown and unmonitored external entity such as the 'cloud'.
Until that time, safe and productive cloud computing is just a fantasy. It's a so
Re: (Score:2)
:::entrust their data to some unknown and unmonitored external entity such as the 'cloud'.
Do you really consider Amazon Web Services unknown and unmonitored?
The granularity of what they can report on shows their monitoring capabilities are quite sophisticated. :::Until that time, safe and productive cloud computing is just a fantasy. It's a solution in search of problem. Avoid it.
I think the facts speak for themselves. There are thousands of examples of safe and productive instances of cloud computing,
But
Standards Standards Standards (Score:2)
The main bottleneck of "the cloud" is standards. Unless organizations can easily swap vendors and make their own (optional) backups without hassles, the "cloud" will continue to be a fractured, risky, and messy place.
The problem is that there are no incentives to standardize because service companies don't want the market to become a commodity because commoditization usually eats their profits (at least in the industrialized world) just like it did with PC's. They want you to be locked in to Their Way so th
Re: (Score:2)
Re: (Score:2)
Excellent point.
Lack of standardization is one of the biggest problems facing cloud computing.
It’s inevitable a few standards will eventually emerge. But until then, there’s a lot of uncertainty.
Best part, it's free (Score:0)
here https://kickass.to/architecting-the-cloud-design-decisions-for-cloud-computing-service-models-pdf-t8931864.html
Yea no... (Score:5, Interesting)
I maintain several cloud based applications. STAY AWAY.
There is no time when "The Cloud" is a good idea. In fact, I'd say it's even worse than "Closed source" software. Because no you not only lose access to the application, you lose access to your data as well. And trust me, the cloud service provider will use that access against you. I have yet to see a contract negotiation with a cloud service provider that didn't eventually devolve into the Cloud threatening to cut off access to the data with no option to export if the user didn't agree to unfavorable terms. This doesn't happen "Sometimes" this happens every time... with multiple vendors. They are very friendly and the rates are cheap at first, but after you've been with them for a few years... Then they start turning the screws. Unless you control "The cloud" yourself, stay very very far away.
Re: (Score:2)
the Cloud threatening to cut off access to the data with no option to export if the user didn't agree to unfavorable terms
That's a *very* strong assertion. In fact, it seems like the sort of thing that the courts would stop, hard. It's essentially extortion. It's absolutely the sort of thing that would send customers screaming... and discouraging everyone around them. I find it hard to believe that any reputable cloud service provider would dare risk their business by doing something like that.
Re: (Score:2)
That's a *very* strong assertion. In fact, it seems like the sort of thing that the courts would stop, hard. It's essentially extortion. It's absolutely the sort of thing that would send customers screaming... and discouraging everyone around them. I find it hard to believe that any reputable cloud service provider would dare risk their business by doing something like that.
Lost track of number of people who have called in with issues trying to extract data from various providers.
Either they claim they can't do it, provider cut them off and they are screwed or provider feels it necessary to charge a massive fee to extract customers data. Another fine twist is allowing access to data but not in a way it could practically be extracted.
Guessing some of these are cases of you owe us money and we're leveraging whatever we can to force you to pay yet some have specifically mentione
Re: (Score:2)
Expecting they would not seek to maximally leverage their position is not a serious option.
Well, as a Googler, I definitely do not expect Google to do anything remotely like this with their cloud offerings. Heck, Google is careful to ensure there are mechanisms for users of their free services to take their data out, and holding someone's data hostage for more money or whatever just runs counter to everything the culture holds important. I don't think Amazon would do it either. Smaller players... I suppose it's possible, but it still seems like bad business on their part.
Re: (Score:0)
openstack
More details please... (Score:2)
Will an experienced admin (20+ years *NIX) that's currently using RackSpace (dedicated and cloud) learn anything from this book? It's so hard to tell from this review.
I've been using RackSpace for a few months now and I find that it's not much different than hosting the servers myself except I don't have to deal with things like router/switch configuration and hardware replacements.
Re: (Score:2)
:::::Will an experienced admin (20+ years *NIX) that's currently using RackSpace (dedicated and cloud) learn anything from this book? It's so hard to tell from this review.
I think so. :::I've been using RackSpace for a few months now and I find that it's not much different than hosting the servers myself except I don't have to deal with things like router/switch configuration and hardware replacements.
From a hosting and sys admin perspective, it is not a radical difference.
But from a cloud application persp
Either (Score:2)
"Most books about cloud computing are either extremely high-level quasi-marketing tomes about the myriad benefits of the cloud without any understanding of how to practically implement the technology under discussion. "
Or....?
You didn't even get your first sentence right, I'm not going to read about the rest of your thoughts.
Re: (Score:2)
You are correct about my not getting the first sentence right.
With that, don’t let defective sentence stop you from reading a very good book.
Nonsense (Score:0)
Listen, I'm a network engineer with over 30 years of experience.
The "cloud" is not a new idea. It's a new buzzword for a very OLD idea. It simply means storing your data on somebody else's servers all under their control.
Its fine for individuals that travel all over the world and don't have access to servers, but if your in a large corporation or a government agency, then you already have servers, already have internet access, and so you have everything you need to establish your own "cloud" at no addition
Re: (Score:2)
The cloud (Score:2)
Second, it is a buzzword that is used to get gullible suits to think that they can get rid of their IT depatments.
It's not like all this hasn't been proven already.
Re: (Score:2)
::::First and foremost, the cloud is not in any way shape or form secure.Any thing you put there is there to share.
It’s as secure as you want to make it.
Many firms that take security seriously use the cloud. :::::Second, it is a buzzword that is used to get gullible suits to think that they can get rid of their IT depatments.
You do have a good point there.
The Cloud Song (Score:0)
The Cloud Song by Cynthia Sherwood
(Sing to the tune of “The Farmer in the Dell”)
The puffy, flat, white clouds
We call them cumulus
Hi-ho-a-cloud-e-oh
The puffy, flat, white clouds.
The feathery, thin white clouds
Are cirrus
high in the sky
Hi-ho-a-cloud-e-oh
The feathery, thin white clouds.
The gray and foggy clouds
Are stratus
low in the sky
Hi-ho-a-cloud-e-oh
The gray and foggy clouds.
The dark and stormy clouds
Watch out for nimbus
rain
Hi-ho-a-cloud-e-oh
The dark and stormy clouds.
Get this at Super Teacher Wo
The Cloud Song (Score:0)
this is a take off of lucy in the cloud skie with diamonds!
but the beathles didn't have a saas model to write songs...so they just were best!
Pete best!
Naming (Score:2)
Why don't we just call "the cloud" by the name we used for it decades ago?
"Mainframe", that is.
Real world example .. (Score:1)
Re: (Score:2)
The use of Netflix on AWS is well documented.
Start here: http://aws.amazon.com/solution... [amazon.com]
Re: (Score:1)
I was hoping for some diagrams and detailed textual analysis. I read somewhere that Netflix originality went with the 'Cloud' but quality-of-service was so poor, they had to go out and build their own content delivery backend.
Re: (Score:2)
If you start a dialogue with a sales rep at AWS, they have a log of diagrams and detailed technical material they will share.
You can also look around at http://aws.amazon.com/document... [amazon.com], as there is a lot of good technical material there.
All cloud naysayers are by definition insane (Score:0)
All cloud naysayers are by their very definition insane.
Ever hear of Amazon? 100% cloud. Over $50B in revenue.
What about salesforce.com100% cloud. Over $20B in revenue.
If you don’t believe in the cloudyou are a delusional person.