As more and more of our lives move into the cloud, it's likely that outages and problems will become more crippling despite likely being less frequent. In other words, I have no doubt that the ubiquity and reliability of on-line storage will continue to grow, but with so many more people, devices, and services relying on the Internet, any problems that do crop up will be extremely inconvenient, if not devastating.
For lay-people, it's interesting to see the inner workings of the Internet. While I did know that Amazon had quietly become one of the major players in the storage and hosting business, I didn't know that some of my favorite websites relied so heavily on the company's services. Even companies in direct competition with parts of Amazon (like Netflix) use Amazon's storage services. In the same way it's good to know where your money goes and where your stuff comes from, I think it's important to know where your data comes from and where it goes.
Ultimately, the outage was a relatively benign lesson in the necessity of proper redundancy as well as the need to be flexible when things go south. Both Amazon and the affected companies were fairly forthright and responsive in regards to addressing the problems.
The same can't be said for Sony.
I write this having just finished calling my credit card companies to order new cards, check recent purchase history, and place fraud alerts. Unfortunately, this is a familiar dance, and I know all the steps. Crime is inevitable and I realize the idea of a completely safe system is a fantasy. Still, Sony's performance over the past few days has been both disappointing and worrying. Sony has already failed in providing security; they're now failing to provide transparency.
Six days after it pulled the plug on their entire network, Sony has finally seen fit to admit what many folks suspected: users' personal information has been compromised. As Ben Kuchera put it: "Sony's security has failed in a spectacular fashion, and we're just now finding out about it. In both practical and PR terms, this is a worst-case scenario."
There's very little we can do at this point about the security breach except play defense against potential fraud and start asking questions that might help us in the future. For example: Why did it take Sony so long to come forward with the information? Why hasn't Sony sent a mass email to all of its customers detailing the situation? I know they have my email address. If I weren't on Twitter or reading video game websites, I'd have no idea that my data was stolen.
How does Sony store sensitive information and why was so much of it vulnerable to attack? Are services like Xbox Live and Steam architecturally similar to PSN? In the past, I've complained about how tedious it is to input my billing information every time I want to buy something on WiiWare, but perhaps that extra step was a blessing in disguise?
As far as on-line data is concerned, we've reached the point of no return: our lives will only become more entwined with the Internet in the coming years. If this past week is any indication, we need to be prepared for "the cloud" to take on a more literal meaning; our data might float tranquilly across the Internet most of the time, but when it rains, it pours.
No comments:
Post a Comment