Defending The Kingdom

Of course, investigators would have been equally stymied by limited evidence crimes involving non-twins before DNA analysis was possible, but our expectations are higher now:

Saved by their indistinguishable DNA, identical twins suspected in a massive jewelry heist have been set free. Neither could be exclusively linked to the DNA evidence.

I expect a lot more of this sort of thing in the next couple of years. But that doesn’t mean you should completely shun cloud computing.

Security is not a switch

As always, the decision to use Google Docs or any other cloud service is not made by asking, “Do security dangers exist?” Rather, you should ask, “Is the mix of benefits and security risks for cloud computing more or less attractive than the mix of risks and benefits involved in keeping all of my files on my laptop?”

Keeping all of your files on your own storage media is attractive in several ways. You have complete control over your files, and you can’t lose them or lose control over access rights unless you make a mistake (fail to back-up your files, fail to encrypt your files, fail to prevent someone from stealing your hard disk, etc.).

But some mistakes are pretty tough to prevent. Consider the situation where you are typing on your laptop in a cafe, and someone grabs and dashes with your laptop. Suddenly, you’ve lost all the files you haven’t backed up, and you’ve lost control over everything you haven’t encrypted.

Floating on a cloud

If you had been working on one document among many that is hosted in a cloud, the dasher would probably just get access to whatever he could click on in the time it would take you to change the password to your account. (That seems true as long as the website in question requires the old password to by typed in before a new password can be created.) Not a great position to be in, but cloud computing comes off looking okay, especially if you aren’t the type who encrypts every file stored on his hard drive (and who is?).

The tradeoff is that you have to trust that the cloud computing company is better at backing up your files and preventing unwanted access than you would be. But what happens when their servers get hacked, a disgruntled employee sabotages data, the company gets acquired, or the company goes out of business? Your data in each of those situations is in danger.

It will be interesting to see how cloud computing develops and how popular it becomes. So far, it seems that most people prefer to keep important files on their own computers, but that may change.

The Defending the Kingdom eBook is now just $4. It neatly encapsulates all the best advice found on this site, plus a bit more!

The information on this website will always be free, but I’m betting that many of the 7,000 readers of this site will find it more convenient to get all the best tips in a single book rather than having to search through the 70+ posts in the archive.

However you get your security advice, thanks for reading and making this site a success!

(P.s. Want a free taste of the eBook? Check out the first 5 pages.)

From Wired News blog Threat Level:

Bringing what he sees in the world to ToorCon, infamous security expert Beetle says that the web community — and hackers — are missing the point and mis-estimating the dangers of the web.

The danger lies not in government monitoring, that’s been thoroughly recognized and railed against, Beetle says. It’s what we’re willing to let people do to our stuff so we can get it for free. Google’s autoscrubbing our searches for words to sell us stuff in the future is more dangerous to our privacy and future than pointless government monitoring, he says.

Do people understand the dangers and accept them? Or do they underestimate the dangers, and so never have a chance to work out the costs and benefits?

Merry Christmas, Defending the Kingdom readers!

There are now almost 5,000 of you, which is great. If you are looking for coverage of a specific security topic in 2008, leave a comment - I might just write about it.

Take care,

Ian