People on the Cloud: What Next?
Cloud computing is almost ubiquitous now. It is virtually everywhere, and you have no idea of how many online services you use that are hosted on cloud networks. Cloud computing is hard to define for the layman. Most people really don’t understand what a computer does because they come in all sizes, are used for all purposes, and perform many special functions that may only be required of certain special types of computers. You have kitchen appliances with computer chips in them, automobiles, television sets, wristwatches, cell phones (not just smart phones), and sometimes even indoor or outdoor lighting.
The list of things that use computer technology increases almost daily, and that means the list of computers we use also increases. A cloud network doesn’t just tie many different pieces of equipment together; it gives them ways of cooperating with each other to manage specialized tasks. A cloud network also acts like a huge super computer, creating an opaque platform that allows individual components to fail without bringing down the entire system.
Pros and Cons of Cloud Computing
Although there have been some spectacular cloud failures over the years the technology is very sound and whereas a single hard drive could once take down an entire company’s business operations for hours or days now most business applications can be run on cloud networks where multiple concurrent hard drive failures will hardly matter. That is the advantage of the cloud over the kinds of computers that have powered our government, business, and personal computing tools since the 1940s.
But there are disadvantages to the cloud way of life, too. One of those disadvantages is that the entire cloud system shares security measures. Any bad boys who get into the system may be able to exploit internal protocols to create havoc across all the connected machines. That is, supposedly, how the US and Israeli governments brought down all the centrifuges at an Iranian nuclear processing plant. Networked machines, once connected, trust each other implicitly.
On large networks the administrators know to set up firewalls that restrict access to certain resources, but even in these situations hackers can sometimes find vulnerabilities to exploit. A traditional network functions differently from a cloud network in several ways. The chief difference for consumers may be that the cloud automatically allocates resources from pools of equipment without people having to tell it to do so. This is called “scalability” and it is driving some of the biggest controversies of the modern Internet.
Controversial Uses of Cloud Technology
Have you heard about “Net Neutrality”? Chances are that you believe this has something to do with your personal access to the Internet – that Net Neutrality is somehow intended to give you equal access speeds with everyone else on the Internet. Nothing could be farther from the truth. Net Neutrality is about the capabilities of service vendors and who pays for the resources that they use.
Netflix is the poster child for Net Neutrality. They want to use cloud technology to scale up their services so that they can stream movies, television shows, and other types of media (not yet invented) to anyone, anywhere, without having to worry about whose network resources their content travels over. And they want to do this for free.
But nothing on the Internet is free. Someone has to pay for all the fiber-optic cables that run between data centers and the rest of the Internet. That someone is almost always the end-user, the customer of Internet Service Providers like Comcast, Time Warner, AT&T, and even dial-up providers (yes, some still exist). The deal offered by Net Neutrality advocates is that your access bill should be increased regardless of whether you use the streaming services coming from companies like Netflix. That is not fair to consumers by any measure.
The problem for Internet Service Providers is that they have to guarantee delivery of content to their paying customers. They have no financial incentive to disrupt the flow of that content unless the customers are hurting other customers. But the days of ISPs throttling your access are almost done. Only a small percentage of residential users have to worry about that any more because the ISPs have built additional capacity into their networks.
The problem, however, is that as companies like Netflix scale up their services (delivering more content to more users) the ISPs cannot deliver all that content at the same time. Now they need to build yet more infrastructure. The ISPs want Netflix and other high-volume companies to pay for the additional fiber-optic cable, switching resources, storage devices, data centers, etc. The cost of all this construction can be passed on to Netflix’ customers, saving you and me some money every month if we’re not among those customers.
The way Net Neutrality is structured now, every soft drink you buy would include a fee subsidizing the wino’s alcohol habit down the street. Every loaf of bread you buy would subsidize the caviar that some rich guy on the other side of town is eating. That is the world of Net Neutrality that you and millions of consumers have been taught through propaganda to want.
Net Neutrality Neither Helps Small Business Nor Spurs Innovation
Small companies will not be helped by Net Neutrality because they don’t need all the resources that the big companies do. Until your small startup is using those kinds of resources it doesn’t enter into the Net Neutrality equation. But what Net Neutrality advocates point out is that someone can launch a startup, create a service that becomes really popular, and then scale it up before there is a way to make money to pay for the service.
That is what happens now, without Net Neutrality. Who pays for all the resources? Investors who pile millions of dollars into these companies. Their investments are spent on hiring developers and paying for expensive cloud hosting accounts. The cloud services manage the flow of information out to the Internet and they are heavily invested in the fight for Net Neutrality. They want all consumers everywhere to pay for the cost of building out the Internet so that they can offer cheap cloud hosting (for competitive reasons as well as for profitability).
What no one wants to point to yet is that inevitably cloud computing and Net Neutrality will collide in a huge way. Some of the cloud providers will go out of business or be acquired by other cloud providers. That will, in the end, be the only way to keep scaling up resources because we cannot build the infrastructure fast enough to stay ahead of demand for capacity. And as new companies load up the cloud networks with yet more data to send to consumers for free, the Internet Service Providers have to figure out how to get all that content “to the last mile” (delivered to your home).
True innovation would help solve these problems, not create them. Net Neutrality stifles innovation because it removes some of the challenges that starry-eyed engineers and serial entrepreneurs would otherwise normally have to overcome. And some people feel this is okay, but if the Net Neutrality advocates win then sooner or later people will start demanding regulation over the cloud networks because they will for all intents and purposes become public utilities.
Meanwhile, Cloud Security Is Becoming a Greater Issue
All year long we have heard story after story about major companies being hacked. Just this week JP Morgan announced that malware running on one of its employees’ personal computers managed to get past all their security measures. These measures included use of a Virtual Private Network (VPN) that was supposed to encrypt all traffic between the user and the corporate network. Encrypted Internet connections are supposed to make the Net a safer place. So security experts have been telling us for years.
And yet using HTTPS and other encryption protocols neither prevents hacking nor theft of corporate data (and personal information from millions of consumers). You have to ask how many times a year the average consumer will have to change their debit and credit cards because of all these security break-ins. How the malware got onto the employee’s computer is really a moot point because now virtually any USB-capable device can easily be infected with undetectable malware.
What happened at JP Morgan this year will become more commonplace because there are currently no provisions to counteract this USB exploit that has been uploaded to the Internet by security researchers who want the USB device manufacturers to fix their broken technology. To be sure, within six months to a year we should see new USB devices coming to the market that block this exploit but experts say there is no way to fix all the USB devices (memory sticks, keywords, mouses, computers, printers, etc.) that are already installed across the globe.
How to Fix the USB Security Exploit
Well, there might be one quick (if expensive) way to do this. USB manufacturers can upload software to their Websites that allow consumers to download new firmware to their USB devices. If the USB firmware that is now exploitable can infect other USB devices then that means the firmware CAN be updated.
Short of that, some opportunistic USB engineer may come up with a device that you put on the USB cables to filter any possible malware coming from one device to another. I am sure someone will create a “USB condom” soon. I hope they come up with a better name for that. In the long run, security experts say, the manufacturers need to encode their USB products in a way that prevents the firmware from being updated by unauthorized applications.
Meanwhile, every cloud network on the planet is now at risk. Anyone who walks into one of these data centers with an infected smart phone, smart watch, tablet, laptop, memory stick, printer, or computer could cause an entire data center to become a hub for malware.
Along with USB technology wireless routers are also full of security flaws. Your router can be seized by someone sitting in a vehicle outside your home or office building.
What is worse is that the Chameleon wifi virus is now out in the wild and spreading from wireless router to wireless router; this virus is undetectable and there is no defense against it (except to upgrade router technology).
Any commercial or private data center that uses wireless routers needs to replace them as soon as more secure models because available. And we now know how long it would take them to replace their routers, because in mid-August 2014 the Internet ran out of routing pathways. Most data centers were using obsolete routers that could only handle 500,000 pathways for their customer information requests. That means the routers had to start “forgetting” seldom-used pathways, leading to delays in delivery of information across the world. It took 2-3 weeks for all the data centers to replace those old routers.
With these new exploits in the wild it is reasonable to guess that all the data center routers will have to be replaced again soon, perhaps two times, unless manufacturers can handle all known exploits.
Meanwhile, Consumers Use the Cloud Everyday
If you take pictures and video on your smart phone or tablet you are almost certainly storing them on a cloud somewhere, rather than downloading them to permanent storage you keep at home or work. Permanent storage can be your computer, an external hard drive, or a memory stick. After all, today’s smart phones and tablets are USB-capable and they can communicate with a vast array of devices that probably populate every room in your home or office. Even most modern cards now have USB ports that you can plug mp3 players (or memory sticks) and smart phones into.
If malware can get into the cloud it can also come out of the cloud. In fact, malware comes out of the cloud all the time. Today I administer around 200 Websites. I regularly have to block malicious crawlers coming from major cloud service providers (including Amazon, AT&T, Cloudflare, and others) that are trying to infect those Websites. A lot of malware that consumers inadvertently download from the Internet comes from innocent-looking Websites, browser plugins/extensions, smart phone applications, and any kind of software you can download and install on some Internet-capable device.
So the clouds are already infected. It is only a matter of time before the malware becomes smart enough to figure out that it is inside a cloud data center and starts looking for vulnerabilities that are not protected by all the external-facing security measures. For all we know this is already happening.
And when the malware starts turning cloud data centers into zombies the Internet will enter a new era of security wars unlike anything we have seen before. System engineers may have to figure out how to develop superclouds that interconnect multiple data centers so that fallback procedures can be carried out across the globe. Google already has figured out ways to transfer data securely between its data centers in order to protect terrorist operations (I mean, user privacy) around the globe. Inter-data-center peering technology is already in place; it just needs to evolve to handle major outages. Maybe cloud networking will handle that concern; maybe we’ll have to invest some sort of Galaxy system software that helps data centers work together smoothly and clean each other when they become infected.
