Please create an account to participate in the Slashdot moderation system


Forgot your password?
Cloud Privacy

Your Cloud Provider (Probably) Isn't Spying On You 85

jfruh writes "Last week the CEO ServiceNow made a minor splash by claiming that it was awfully easy for a cloud provider to spy on the data they stored for you or discriminate based on pricing. But while that's possible, in many cases it turns out to be simply not practical enough to be beneficial. Even moves like restoring outages for higher-paying customers first turn out to be more trouble than they're worth."
This discussion has been archived. No new comments can be posted.

Your Cloud Provider (Probably) Isn't Spying On You

Comments Filter:
  • by Anonymous Coward on Monday January 28, 2013 @12:06PM (#42715783)

    My concern isn't that the company as a policy is spying on me, it's the fear that a disgruntled employee would start copying all of the data for their own use.

  • Re:encryption (Score:5, Insightful)

    by hawguy ( 1600213 ) on Monday January 28, 2013 @12:07PM (#42715805)

    The solution which is always repeated is to encrypt any sensitive data.

    If you need to actually use your data at some point, the cloud provider could snoop the data from your virtual machine's RAM. And they could probably find the decryption key to your data somewhere in memory too if they looked hard enough.

  • Re:encryption (Score:2, Insightful)

    by Anonymous Coward on Monday January 28, 2013 @12:10PM (#42715833)

    The whole point of cloud computing is the computing part of it. We do not have any practical fully homomorphic encryption system to date. You just can't reasonably perform computation on encrypted data without decrypting it at some stage.

  • Re:encryption (Score:2, Insightful)

    by Anonymous Coward on Monday January 28, 2013 @12:36PM (#42716189)

    Then why would you need a cloud vm in the first place? Then all you need is just a cloud storage.

  • Re:Priorities (Score:4, Insightful)

    by aaaaaaargh! ( 1150173 ) on Monday January 28, 2013 @12:51PM (#42716337)

    Nobody gives a damn about your data, with good statistical confidence.

    I wouldn't be so sure about that. There are tens of thousands of small high-tech companies with trade secrets that the "cloud" providers would like to gain as customers. From source code to email and customer data such companies have all kinds of valuable data. The solution is, of course, not to put any of this data into the cloud except in fully encrypted form for georedundant backups.

Thus spake the master programmer: "When a program is being tested, it is too late to make design changes." -- Geoffrey James, "The Tao of Programming"