Music in the “Cloud”… Just say No

March 31, 2011 at 17:38 | Posted in Privacy/Security, thoughts | Comments Off on Music in the “Cloud”… Just say No
Tags: , , , ,

Since Amazon’s announcement of their “Cloud” based music service (“Cloud Drive”) the blog-o-sphere has been all a buzz with this hot new idea.

Regular readers of my blog will know that I think “Cloud” services are a trap and only good for the person that is offering the service.

This is no exception. Most of these “Cloud” services are charging something like $10/mo for unlimited streaming. It might sound good on the surface but once you think about it you realize that…

  1. You’ll own nothing
  2. Your ability to stream will depend on connectivity.. Your bill will not (you’ll be charged $10/mo whether you could stream or not.)
  3. It is fairly trivial to set up your home computer to offer this same service for free and with all the music you already or will ever own.
  4. These services will most likely insert advertising into the music either now.. Or in the future once people are hooked.
  5. By connecting to their servers to stream your music these companies will be able to track all kinds of information about you.
    1. what you listen to
    2. where you listen from (device and location)
    3. How often you listen
    4. etc

Considering that with less than two hours work you could have exactly this for free why would anyone opt to pay $10/mo. to own nothing, be tracked and profiled, and advertised to. It is just a bad deal all around and people should just say no.

Note: In a future post (soon) I will detail how to set this up for yourself for next to nothing. Certainly for less then $120/year and your privacy

More ‘Cloud’ fun.

December 18, 2010 at 12:42 | Posted in Tech | Comments Off on More ‘Cloud’ fun.
Tags: , , , ,

I’ve been a little too busy to post regularly. Hopefully I’ll be having more time from on.

Despite all the busy, I have managed to continue to expand my ‘Cloud’ server’s functionality. I have recently added both an HTTP cache (Polipo) and a DNS cache (pdnsd). The latter grew out of my playing around with Steve Gibbson’s wonderful DNS Benchmark. I learned from this that my DNS of choice was not the fastest.

Pdnsd is easy to install and with minimal tweaking I had my DNS responces down to around 1ms. A response time that blew any remote DNS server out of the water.

The caching HTTP proxy, Polipo, was added because after watching the web habbits of mysellf and others in the house I realized that large amounts of time and bandwidth were being wasted pulling the same data over and over. So why not cache it locally and save both the bandwidth and lag.

As I got more familiar with Polipo I decided to use it’s ability to filter content to offlload the job of adblocking from my devices to the proxy (since my servers cpu usage tends to float around 4% there is lots of horse power available for blocking). With a little help from adblock2polipo I soon had a working ‘forbbiden’ file and now all devices in my home are ad and tracker free. This is especially nice for devices like the N800 or other hand held devices where adblocking isn’t always available or slows things to a crawl due to the limited processing power.

So now, thanks to my personal cloud, anyone using my wireless connection can enjoy blazingly fast, ad and tracker free browsing on any device. Also since it is trivial to create an SSH tunnel back to my server when I’m out and about. I can browse securely and ad-free from anywhere.

Google’s Cloud Printing… Just Fricking Insane…

April 18, 2010 at 11:24 | Posted in Privacy/Security, thoughts | 6 Comments
Tags: , , , , ,

O.k. people know I’m no fan of Google. In fact I’ve taken great strides to eek out a Google Free life on-line and off. People also know that I think the whole “Cloud” thing is the biggest pile of marketing crap in years, designed to put a nice spin, “oh! its soft! it’s fluffy! it’s free! it’s like a cloud!” on a huge step backwards to a time when people had to pay through the nose for server time to do any computing. “Cloud” is about stripping away your power and autonomy so that the owners of the “cloud” servers can sell it back to you.

This is exactly the case with Google’s cloud printing. They are going to make your life easier.. Or so they say.. and it’ll only cost you.. oh… all your privacy.

The first thing I’d like to clear up is a lot of people are claiming that this will do away with printer drivers and having to install them. If you read the documentation from Google this is plainly not the case, unless you are talking about an (at this point mythical) cloud aware printer. For “legacy” (a.k.a every printer out there today) printers you will not only need to install the drivers you’ll need to install a “proxy” on your computer to make the printer cloud aware. Oh and then you’ll have to leave the computer with the proxy on it powered up and on-line 24/7 if you want to use the print from anywhere anytime functionality.

Still a good deal you say? All that convenient printing and all you had to do was put a Google proxy on your machine and install printer drivers that you would have had to install anyway. Not so, Say I. You have to consider that now everything you print via this “cloud” is flowing through Google’s servers, and you can be 100% sure they will be scanning them and using what they learn to sell ads aimed directly at you. (Oh, and storing the info for who knows how long.)

As witnessed above I have two major problems with this whole idea and one that hasn’t be talked about yet. This takes a local and generally secure activity, printing, and turns it into an on-line and thus potentially insecure activity. It also is completely unnecessary. There already exists a “print from anywhere” over the Internet technology, and Hey, it doesn’t go through Google’s scan everything servers. It’s called “Internet Printing Protocol” and is supported by CUPS out of the box, and readily available on Microsoft machines too. You could set this up almost as easily and have all the joy of a Internet facing printer (including the security concerns). The ONLY reason Google isn’t promoting this is that it doesn’t send the data through their servers.

The third and as yet unmentioned annoyance about all this is that Google is clearly looking to have this technology “embedded” in printers and routers so people will only see the “print from anything anywhere” and not realize the cost in bandwidth, security, and privacy.

“This current requirement is why we are excited about working with the industry to build native support for cloud print services into their printers. We are also hoping some clever folks in the community will build proxies-in-a-box (like routers with print server abilities) so users get all the benefits of the proxy without needing to leave their PC powered on.”

Poor Chrome OS users are going to be bolted into using Google Cloud Printing.

” Google Chrome OS printing

Google Chrome OS will use Google Cloud Print for all printing. There is no print stack and there are no printer drivers on Google Chrome OS!

When users print from a web app that directly integrates with Google Cloud Print, then that works as described earlier with no involvement from Chrome OS. When users are printing a web page that is not making use of Google Cloud Print (such as a boarding pass, movie tickets, a magazine article, etc.), the app that is printing is the Google Chrome browser on Chrome OS. In this case, Google Chrome on Chrome OS is a native app that uses Google Cloud Print and common print dialog. The content to be printed is uploaded to the Google Cloud Print along with the job ticket information and then sent to the printer. More details are in the design document.”

So to sum up. Google Cloud printing:

  • Bad for autonomy (takes something you can do yourself and make you depend on Google for it).
  • Bad for privacy (sends what would other wise have been local data out to the Internet, scans it, stores it, and sends it back again.)
  • Bad for security (sends local data over the internet.Increases your “attack surface” but having the Google print proxy open to the net.).
  • Ignores IPP that offers many of the same features without Google in the middle.

Just plain BAD.

Get you head out of the clouds

November 12, 2008 at 13:25 | Posted in Privacy/Security, Tech | 6 Comments
Tags: , , , ,

This will be a posting on why I, like and others, think this movement to “cloud computing” is a bad idea.

Privacy

Why, for gods sake, why would people willingly had over their sensitive personal documents to some corporation that can then do with it as it pleases? Scan it for key word, so they can advertise to you better, or to see if you are a threat to their business model, etc. Then there is the fact that all this glorious, wonderful, information will be sitting in one pot begging over zealous governments to go snooping. “Hey Google, this is the NSA. We suspect that terrorists might be using Google Docs. We are invoking the Patriot Act. Please hand over all the files stored in the Google Docs servers.” It can happen. The US government already went fishing for search histories a few years back.

Even if you totally trusted your government and large corporations to be completely hands off with all this data. There remains the fact that this huge pool of data will be a big target for malicious hackers. these individuals must be salivating at the thought of millions of files accessible in one place. Not just for the wealth of information, although that would be enough to get them interested. But imagine the possibilities. hack an account, change the password, and then ransom the data back to the owner. Hack an account, deposit illegal materials, call the cops on the owner of the account. hack business accounts and silently watch what goes on selling the important bits to competitors. Write themselves into someones will, or just be a nuisance and corrupt data is a manner that they find humorous. It is just a bad idea to make all your data network accessible.

Fees

Right now, many of these offerings are free. But I suspect that once enough people are on-board and their precious data is tied up in another companies servers we’ll start to see access fees. The companies that are offering to host the cloud aren’t doing it as a civil service. They are doing it because they perceive some way to monetize either your access or your data. Sure, you might say, well if that start then then I’ll pull my data and run.. But then what was the whole point of this cloud exercise.. other then giving some corporation a peek at your data.

a step back to client/server model

This is a conceptual step backwards. This is going back to the old Server/Client way of doing things, just with a shiny new name. This dis-empowers the individual and empowers the corporation. Which brings us to my next point.

Tenuous benefits

I can see few benefits to this “cloud” concept. I don’t see a Utopia of accessibility in this what I see is a world where my data is locked behind proprietary web applications and interfaces and I’m forced to pay a fee every time I want to edit a document, or a monthly fee so my data doesn’t go in the bit bucket when my account runs out. I see a world where a failure of the electrical grid (black out of 2003), failure of some part of the net, or even a DDOS attack on the hosting companies servers means I can’t get at my data.

Most of all I see no reason for it all. Hard drive storage is insanely cheap right now. I can get a 1TB external USB drive for $200. Laptops are cheap portable and powerful, free Peer-to-Peer technologies exist that make data collaboration easy. If I keep my data on my laptop, or my external drive my privacy concerns are hugely reduced. if I host things on a SVN server accessible through a VPN, my colleagues can collaborate on the documents with ease. And still the data is totally in my control and far less susceptible to power failures, etc.

In short, the “cloud” makes data less accessible, less private, less secure, less reliable, and less cost effective. Why, Why, Why would anyone go this route.. unless they have their head stuck in the clouds.

Create a free website or blog at WordPress.com.
Entries and comments feeds.

%d bloggers like this: