Goodbye Privacy. Conventional Security Measures Can Be Neutered By A Careless Programmer

Mike Gualtieri

More and more data is stored online by both consumers and businesses. The convenience of using services such as DropboxBoxGoogle DriveMicrosoft Live Skydrive, and SugarSync is indisputable. But, is it safe? All of the services certainly require a user password to access folders, and some of the services even encrypt the stored files. Dropbox reassures customers, "Other Dropbox users can't see your private files in Dropbox unless you deliberately invite them or put them in your Public folder."

The security measures employed by these file-synching and sharing services are all well and good, but they can be instantly, innocently neutered by a distracted programmer. Goodbye privacy. All your personal files, customer lists, business plans, and top-secret product designs become available for all the world to see. How can this happen even though these services are sophisticated authetication and encryption technologies? The answer: a careless bug introduced in the code.

Below is some Java code I wrote for a fictitious file-sharing service called CloudCabinet to demonstrate how this can happen. Imagine a distracted programmer texting her girlfriend on her iPhone while cutting and pasting Java code. Even non-Java programmers should be able to find the error in the code below.

 

 

Mike Gualtieri
 
 
 
Read more

Amazon’s Cloud Drive Is The First Step To Being A Personal Cloud Ecosystem Player

Frank Gillett

Today, Amazon announced the Amazon Cloud Drive. I think it is the first salvo in a series of steps that will lead Amazon to compete directly for the primary computing platform for individuals, as an online platform, as a device operating system, and as a maker of branded tablets.

Amazon Cloud Drive logo, with puffy arc behind the words

Much of the attention is going to the Amazon Cloud Player, announced at the same time, which enables customers to stream music stored in Cloud Drive – Forrester’s Mark Mulligan blogged about that for Consumer Product Strategists (Amazon Beats Apple and Google to the Locker Room). But the general purpose design of Cloud Drive, combined with the long-term opportunities for personal cloud services, lead to a really interesting set of possibilities and insights into Amazon’s long-term strategy for Vendor Strategists trying to sort out the technologies and players of next-generation personal computing platforms.

Read more