@Peter 39

You don't trust Microsoft? Why, may I ask? Microsoft like to extort money from people, but I can't actually think of any real privacy breaches or personal information landgrabs by them. They’re greedy and lazy, not stupid.

Who would you trust more? Google? The idea is so laughable my sides are hurting. Amazon? Maybe…in all honesty I don’t know much about their track record, but they seem good so far. Who else….Oracle/Sun? They would seem trustworthyish, but just as greedy and lazy as Microsoft.

IBM? HP? Dell? Apple? Sony? Not on my life, methinks. They are greedy AND lack any semblance of anything approaching ethics. If you don’t have ethics, you have a hard time understanding why others might want to keep their data safe.

Microsoft is an evil empire. It’s also the devil we know. Microsoft may try to take all my money…but I can not imagine them selling my data to someone else, nor can I imagine them changing the fundamental structure or formats of their cloud without giving a reasonable amount of warning beforehand. After all, they need to give warning so that their customers can cough up the money to pay for the format change.

With Microsoft I know I will always be able to get my data OFF of their cloud if I need it, and they are the least likely of the bunch to sell my data without telling me. I also suspect they won’t try to “own” my data either.

…but they’ll be bloody expensive.

NOW, will they be RELIABLE to use a cloud service…that’s a whole other ballgame. Personally, I’m not sold on the reliability of ANY cloud service. From a data security standpoint though…I’d trust MS before any of the other contenders.

Who wants whose data?

I might have no respect whatsoever for my uppers here at HP (and 2001-onward at EDS before it), but I would disagree with your characterization of HP, IBM, and Dell (at least the former Perot Systems guys). For Christs' sake between those three alone we run IT for entire divisions of government, military, healthcare, banking, credit card companies - you name it. On any given day you can bet dollars to donuts that your information is passing through at least one system managed by us. We have extremely stringent legal obligations (in the states HIPAA, ITAR, various SEC obligations, just to name a few) requiring us to treat our clients data in an appropriate manner. My guys with government security clearances could go to jail for mishandling data in certain circumstances. That said, we are working hard to trash our old-school professionals (they're expensive after all) with cheap, inexperienced replacements that we pay very poorly (which, IMO, raises the risk of data theft) - but so is everyone else so that's not any sort of differentiator once you get to the big players.

So while Hurd - good riddance - and the rest of the muppets running the show here may be a bunch of slimeballs, the assertion that any reputable IT service provider (both the ones previously mentioned and my friends at ACS/Xerox and CSC) would steal your data or not exercise proper legally mandated controls is ridiculous.

That said, who wants your data... really? Other than the type of information that could be used for fraudulent purposes (credit card numbers, etc) nobody really cares about your correspondence, your spreadsheets, your powerpoints, etc. I remember way back when, talking to a client about an e-mail issue when they got all concerned that I could see their inbox - I had to explain that at their company alone there were 2,500 users that I managed and I had absolutely no time or interest in reading their e-mail. The only companies that really could make use of your crap are... drumroll... the type of companies that have serious data mining capabilities and server ads. Know anyone like that?

Don't get me wrong, the laws around data privacy and protection should be stringent - and content ownership too if that really is an issue. I would tend to say that the biggest issues are data integrity/reliability (will it be there when you need it?), and portability of your data (can you get it back out of the cloud and move it somewhere if you need to?).

At the end of the day, I think we're all going to wind up with a model more or less like the government. The stuff that's trade secret, or highly personal, you're going to wind up keeping under lock and key (where do I sign up for bulletproof encrypted 1 TB thumb drives?) and the rest will either be anonymized/aliased out on the cloud (the stuff maybe I wouldn't like repeated in polite company), or cleaned and sanitized with my name attached.

Also, for the record, ad servicing is what gets you your Yahoo/GMail/Hotmail accounts for free and pays for sites like El Reg too - your trade-off is the cookies on your browser, the ad views and clicks, and in the case of your mail or other free hosted services, you can bet there is an angle there somewhere too. There's no such thing as a free lunch. If the law or your contract with them doesn't bind a company from mining your data to serve ads to you, for example, they're probably already doing it - but be careful what you wish for, if we ban that money making exploitation of the services they're rendering for free you can bet they'll either disappear or we'll have to start paying for them.

/ramble

*where am I, how did I get here, what did I write?

*note to self, turn off the damn laptop after the next all nighter you pull

@AC

The problem is that there is no middle ground. I don't doubt for a second that HP/Dell/IBM/whomever would provide the government, military or fortune 1000 companies with the best in anonymise, encrypted secure and reliable service.

As an individual and sysadmin for an SME, I also have zero double they would sell my soul out from under me. I am small, they are big. They don’t have any incentive to play fair with me: there are no laws to ensure it and in any case the regulators aren’t looking in their direction. If and when laws come about to protect the hoi polloi like myself, it is only AFTER a company has been brutally spanked in public for data loss/theft/selling that I will trust them. Only then will I know the leery eye of the regulator is watching, waiting for them to slip up again.

As for free services…screw ‘em. All of ‘em. I pay mu subscription to Ars Technica. I’d pay my subscription to El Reg as well…if they offered such a service. I would rather pay for the services I use and have my privacy than give Google my soul and have my literature for free. It’s a personal choice. I /like/ my privacy. I don’t think anyone needs to or should know where I am at any given time, what I am doing, thinking, clicking on, searching or what-have-you. Maybe that makes me a luddite, I don’t know.

The problem with the whole cloud thing is the imbalance of power. Even if you had a contract with a cloud service provider (because you pay them,) that contract is A) not going to be weighted in your favour and b) irrelevant anyways because the cloud provider has more lawyers than you have total staff members. The rights of the individual? HA!

Don’t get Government/Large Enterprise service provision mixed up with consumer/SME service provision, sir. They are different worlds. In the consumer/SME segment, corporations like DELL, IBM, HP and more cut every corner they can…and then a few corners they legally can’t.

So give me one good reason I would trust them? I don’t particularly trust Microsoft either, but I certainly trust them more than the alternatives available. The only reason for that is because they have been spanked a few times for anti-competitive and anti-consumer practices. When everyone is watching you…you behave.

@Gamberoni

The key is "without a reasonable amount of warning beforehand." BY this I mean "A few months." They are not going to change the formats behind their cloud overnight such that you walk into work the next day and nothing works. They WILL change the formats to prevent competition, and extort money from you. They WON'T do that in such a way that prevents their customers from adapting in time to extort said money.

As I said; Microsoft is expensive, but I can reasonably trust that they won’t take my data and walk off. I will always be able to get said data, though I will likely have to pay much for the privilege.

@AC

Good intel there. I can't dispute any of it, except to sya that my experience nad my instincts tell me not to trust HP, Dell, IBM or really anyone else to host my stuff in the cloud. You talk about the sprint phone cloning, or exceptional items occurring because of the actions of a few employees that are outside the extant contract. I realise that /most/ actions that might endanger your data are perpetrated by individuals rather than the corporation itself.

…and? Bubba Joe Bob steals my corporate data and sells it to my biggest competitor for two squids and a goat. If this becomes public, or HP/IBM/Dell looses a lawsuit over it then their reputation is on the line. I can sue, but they will ERASE ME FROM EXISTANCE long before that ever gets to court, or anywhere else. David has a contract with Goliath, and Goliath sits at the back of an army of bloodthirsty lawyers carrying shoulder-mounted missile launchers and laughs at the primitive with a sling. David is dead, and has no more lives left. Game over.

You mention the difference between VLANs and firewalls inside the cloud. I won’t debate you for a second that this is an important enterprise distinction. From an SMB standpoint however, it’s really not. I am not exactly worried about other tenants on the cloud hacking my data, since paying off an insider to get at my data is far easier. No matter the technology, the HUMANS involved are the weak links. I have been called paranoid for talking about it before, but in any scenario where the human being involved are essentially untouchable, I get really nervous about dealing with them. In the case of cloud computing, as an SME or consumer…the folks on the other side of the wall are completely inaccessible from either a “run down and taser the bastards” or “send a lawyer at them” standpoint.

This is why my personal domains all go through my personal webserver. It is also why I run my own website, host my own storage and download the media I consume rather than stream it. I am a luddite. I didn’t grow up as part fo the new generation that was raised to “trust in the Google.” I wasn’t raised to believe that corporations like Apple “know what’s best” and “genuinely want what’s best for their customers.” I grew up watching corporations rape and pillage the society I loved until nearly all of the things I held dear about the world were whittled away to the barest shell of their former selves.

In my opinion, people today are willing to sell their privacy, right to choose their elected representatives, and right to hold their various elected representatives accountable for their actions for a pat on the head and a new “limited edition” colour of plastic case for their MP3 player. Given the sheep-like bleating that emerges from individuals and SMEs, the concept of things like class-action suits ever being a threat to a megacorporate is laughable. Depending on the information you propose to put into “the cloud” (and thus in the hands of these untouchable megacorporates,) you are quite literally betting your future (via your personal information) or that of your business on the benevolence of said megacorporate entity.

I just can’t find it within myself to trust any megacorporate. There are those however that I trust significantly less than others.

@Rex Alfie Lee

Which of the megacorporates in IT don't?

Google sells you to advertisers like you where a cheap ten cent whore. They then try the old “if you have nothing to hide, you have nothing to fear” routine.

Apple has such little respect for it's customers it has to wall them into locked gardens whilst charging outrageous prices for faulty and sub-par equipment. Meanwhile, they are trying to sell you like a group of expensive but mindlessly devoted whores so it can cash in on this advertising thing and make themselves into the next Google.

Sony plays the "proprietary format" game even harder than Microsoft...going to far as to install rootkits on you machine via their audio CDs.

Dell sell known bad computers, then RMA them with known bad computers, then deny everything. All the while screwing /millions/ of people over during the Pentium 4 era by accepting bribe money from Intel.

HP sells sub-par equipment to consumers then disclaims any warrantee at the drop of a hat. They also must be selling the sanctified blood of virgins in their ink cartridges because it’s one of the (if not the) most expensive fluids on the planet. Then they spy on everyone, lie to all of their employees right before major cullings and provide such an unbelievably demoralised workforce that their support is beyond abysmal.

IBM has had their middle finger in the air to the entire world. They are famous for viciously using any and every anti-competitive tactic known to man to protect their mainframe monopoly. Right alongside they this have lead the charge to drive down the wages of IT professionals, howling consistently louder than anyone else for the right to export as many jobs as possible to low wage countries whilst importing as many low wage workers to western countries as they can.

This leaves Microsoft, Cisco and Oracle. These companies can rightly be accused of crimes against open source. They are run by soulless, amoral, egotistical greedmongers. They play proprietary games at every turn and have made no bones about the fact their long term business plan involves being “everything IT” and locking you into their homogenised ecosystem. They push out or buy up competition and drive the prices of their products through the roof.

So there we have it; the 800lb gorillas of IT. (Minus some of the Asian corporations like Samsung, etc. who aren’t IT companies per se, but chaebols of which IT is only a small part of their overall business.) Each and every one of these IT goliaths is unabashedly, unreservedly and unrepentantly evil. They would all sell your soul for a bent copper whilst robbing your mother and pillaging your hometown.

The issue at hand wasn’t who was “better” or “more noble” or in some other way “not a gigantic sack of fail.” The question was which corporation, based on past experiences and their business model would I (be most likely to) trust with my data. The answer to this is Microsoft.

The reasons are simple: Microsoft is trying to carve a niche out for themselves; “you own your data, you run your servers, but we can augment them with our cloud architecture if you want.” This is a direct reaction to outfits like Google. It is an attempt to capitalise on the desire for privacy, corporate and personal data ownership that individual and corporations have.

Understand this: I might /possibly/ consider trusting Microsoft with my data only because I fully understand that Microsoft believe they can make a profit securing my data and selling me my privacy. I don’t think that it’s “right,” and I certainly don’t think Microsoft is “good.” I do however think that for so long as they believe that there is money to be made selling privacy to the milled masses, they will be a safer place to store my data than the other contenders.

Which I why I will NEVER, EVER host my data in the cloud. If, of all companies, Microsoft is the best bet for security and privacy of consumer and SME data, then **** THAT NOISE BROTHER.

I’ll build my own servers and host my own data. I may trust Microsoft more than the others to protect my data, but it is still a question of “which scorpion to you believe will let you get farthest across the river before they sting you?”

I don’t trust cloud anything. Not from Google, Apple, HP, Dell, IBM, Sony, Cisco, Oracle, Microsoft or just about anyone else. I *might* be capable of trusting Amazon in the future…but I have to learn a lot more about them first. It’s my data. My location information. My usernames, passwords, files love letters, affairs, plots against Dick Cheney, plans for protests against my government, super-secret patent designs, ideas for a novel/movie, and my next article. It’s my privacy. My /right/ to conduct my affairs without having those affairs snooped on, data mined, sold, “borrowed” by a staff member that “the company disavows all knowledge of” and my further /right/ to conduct those affairs without my government or the rest of the world snooping on all or any of it.

No corporation, regardless of marketing pap, company motto, cult leadership, fancy logo or sales volume has the right to my trust. Trust, especially as regards privacy, must be EARNED. Microsoft have done a lot to lose people’s faith, it’s true. But unlike many, I haven’t ignored the past ten years where they have struggled hard to regain it. They aren’t there yet…but I suspect that one day they will be. They may yet become the beacon of corporate trust, privacy and security.

As I said before: that’d ****ing terrifying.

well siad

When ever Microsoft push out something 'new' I cant help thinking of carpet baggers and snake oil.