iCloud Archives - More Zonkyness

One of the cool things about “the cloud” is that there are numerous different companies all offering cloud-based storage of one kind or another. You can even get quite a bit of storage for free, and different solutions offer different cool solutions – such as Dropbox where my phone is configured to automatically send photos up to it. And there are plenty of other solutions out there :-

Box
Google Drive (of course you may already be using Google Docs which means you essentially have storage related to that).
SkyDrive (although for some mysterious reason, Microsoft doesn’t supply a Linux client)
iCloud
Wuala
SpiderOak
Ubuntu One – which despite the name, isn’t just for Ubuntu!
And in a note for myself, there’s also SparkleShare which is essentially a DropBox client to talk to your own servers.

Undoubtedly there are a whole ton more, but I think I’ve gotten the “big names” covered. The best strategy is of course to find the one whose client works with all the platforms you use (phone, PC, laptop, etc.), comes with the most free storage, and the cost of getting more storage is the least (in decreasing order of importance). Of course in the real world, you are likely to end up with more than one – simply because it’s tempting to look at the next “new thing” or because you want more cheap storage, or simply because other people insist you use service X.

Now if you use multiple cloud-storage solutions, you have a bit of a problem – different clients offering different functionality, different amounts of storage available, and remembering what you put on which “cloud-disk”. Plus of course there is the interesting problem of security – different providers provide different levels of privacy and operate in different jurisdictions where different laws apply.

Different Clients

Different clients work in different ways with different features. For instance, for a Linux user :-

The Dropbox client seems to work pretty well, but it doesn’t appear in a list of filesystems (i.e. when you type df) so you can’t instantly see how much space is still available, etc. At least not in the standard way.
Box(.net) lacks a Linux client, so you have to hack something together. Perfectly possible for more geeky users, but even for us there is the danger that a hackish solution may suddenly stop working mysteriously. Or rather that is more likely.
Ubuntu One doesn’t seem to work via a filesystem interface at all.
And that seems to be the same with SpiderOak.

It may be different for Windows users (I’m too lazy to check – if anyone wants to submit details, please go ahead), but I doubt it.

Whilst cloud storage providers may offer additional features to differentiate their product, they are all essentially the same as a removable hard disk, usb memory stick, or some other kind of removable storage. Whilst the additional features are very welcome, why should we have to learn a new way of managing storage just because it is out there in the cloud ?

Privacy

There is a great deal of paranoia about storing private data in the cloud with the assumption that creepy organisations such as Google will do something nasty with the data. Well maybe, but the likelihood of Google being that interested in an individual’s data is a little unlikely. Of course just because the cryptogeeks are a little paranoid does not mean they are completely wrong – there are privacy issues involved.

Firstly, Google could be looking at your data to determine things about you that would be of interest to advertisers – to present targeted adverts at you. Which at best can be a little weird.

Next we like to believe that the laws of our country will protect us from someone picking through our personal data. That someone could be the company supplying the storage, or it could be the government in the country where the storage is hosted. That would probably be fine if the storage was restricted to one location where we could be sure that the government protected us, but where is the storage located?

Much of the time the storage is located in foreign jurisdictions where there is no guarantee that any kind of privacy will be respected – especially if a foreign government takes an interest in your data. Don’t forget the laws of say the USA are not designed to protect citizens of any EU country (or visa-versa). There are of course agreements such as the EU Safe Harbour agreement, but it is possible that it does not offer as much protection as assumed – it is not really intended for private individuals choosing to put their own personal data into foreign jurisdictions.

Probably most of us do not have to worry about this sort of thing (although we can choose to), but some may have to be cautious about this sort of thing. Some of us deal with personal data about third parties – sometimes very personal data – and need to consider whether storing such data in the cloud is being appropriately responsible about the data privacy. For example, a contractor who stores information about their clients should be taking actions to ensure that data is not accidentally leaked (or hacked and published).

The easy answer to this problem is to assume that cloud storage is not safe for sensitive personal data, because there is a simple solution to the problem that still allows the cloud to be used. Use encryption such as TrueCrypt to ensure that even if the cloud leaks your data, it is still encrypted with a method that is not known to the cloud provider.

Store It Twice!

There have been occasions where storage providers have removed access to storage either permanently or temporarily – such as the Megauploads site. Whilst it is perhaps unlikely, it is possible for a cloud service provider to disappear and for the customers to lose their data – even if the cloud provider claims that there is some protection against this sort of thing happening. But it could happen, so it is sensible to ensure that if you store data in the cloud, that you should ensure that you have copies of that data elsewhere.

I have an Android phone that automatically uploads photos to Google; you have an iPhone that automatically uploads photos to Apple’s iCloud service. We both want to send photos to a Facebook gallery for some friends.

To solve this problem, we either have to copy photos manually from Google to Facebook, or make use of some special application to do the work for us. But isn’t this the wrong solution to the problem ?

If the different propriety clouds used an open standard for uploading photos, it would be possible to automatically upload to Google from an iPhone, upload to Apple’s iCloud from an Android phone, or … to some new competitor. Or even for those of us who prefer to do our own thing, to our own servers.

As someone who mixes and matches things, I have “islands of data” in different clouds – some photos are uploaded to Facebook (when I can be bothered), some are in Googleland, and some (the ones I regard as the better ones) are uploaded to my own server. And that is just photos; there are also contacts, notes, documents, drawings, etc. None of this can be easily moved from one island to another – sure I could move it manually, but why would I want to do that ? Computers after all are supposed to be good at automation.

This is all down to the convenience of the cloud providers of course – Google makes it easy to use their services and hard to use others because it’s in their interests to do so, Apple is similarly inclined to keep your imprisoned in their “perfumed prison”. And so on.

But it’s all our data and they should make it easy to move our data around. This not only would be useful for us, but less obviously would actually benefit the cloud providers. After all if I find it tricky moving from one online photo gallery “cloud” to another, I’m less inclined to do so.

Making it easier to move cloud data from one provider to another not only means it is easier for a customer to “escape” one proprietary cloud, but it is also easier for a customer of another cloud to move in. And it would not necessarily be that difficult to do – just produce a standardised API that works across multiple different cloud providers, and let the application developers loose.

To a certain extent this is possible right now – for example, Facebook has an API and Twitter has an API and it is possible to produce code to send status updates to both places. But the equivalent to update a Google Plus status does not seem to be available, and combining status updates in one tool just isn’t there as yet – I have a simple script which sits on top of two other tools (and very nicely pops up a window, a text input box, or takes the status on the command line). But with a standardised API, the code would be much easier to write.