[kbz1960]

OKAY you only lost everything that was on it.

[hornlovah]

snip...If you want to continue believing this is something peculiar to Apple and not just the cost of doing business 'in the cloud' then go for it, you obviously have an axe to grind against Apple in particular but the fact is the phone itself wasn't compromised.

Apple's implementaion of iCloud backup was fundamentaly flawed, and you can't justify it as "the cost of doing business in the cloud." It makes you wonder what the heck they were thinking? Once Apple corrects their password reset policy, iCloud credentials are still stored in the device's keychain unencrypted, so they are there for taking. Steal or hack one device, and "own" all associated devices is just not acceptable.

[SCrid2000]

To all those who don't care about phone security:
https://dl.dropboxusercontent.com/u/...tathought.html

[westcoastit]

Apple's implementaion of iCloud backup was fundamentaly flawed, and you can't justify it as "the cost of doing business in the cloud." It makes you wonder what the heck they were thinking? Once Apple corrects their password reset policy, iCloud credentials are still stored in the device's keychain unencrypted, so they are there for taking. Steal or hack one device, and "own" all associated devices is just not acceptable.

Right, but that wasn't what happened here. What happened here is what you can expect when you have poorly compensated techs working in a call centre with the ability to reset access to private, confidential data -- aka "the cost of doing business in the cloud."

I'm showing my own biases here of course, I don't like the shift to distributed technology in the enterprise because it's fundamentally flawed. That's why I read this story as a damning indictment of cloud technology (and I also hate the term 'cloud') instead of something peculiar to Apple or Amazon. It's what you can expect when you give someone else control over your data.

What happened with the Gizmodo guy isn't all that different than one of my users calling me up and getting me to wipe their BlackBerry, despite me not recognizing the voice and the user not being able to pronounce their own name or give me any details on how or why they needed it done. It's a failing of the service and you can take steps to avoid it but there's always a risk when your data is under someone else's control.

[westcoastit]

To all those who don't care about phone security:
https://dl.dropboxusercontent.com/u/...tathought.html

Kaspersky spots Zeus for BlackBerry ? The Register
You might want to update that.

There have also been malware apps in the past that have harvested contact lists and spammed users, I'm forgetting the name right now but I recall the commotion on CB when people found out about it.

[hornlovah]

I'm showing my own biases here of course, I don't like the shift to distributed technology in the enterprise because it's fundamentally flawed. That's why I read this story as a damning indictment of cloud technology (and I also hate the term 'cloud') instead of something peculiar to Apple or Amazon. It's what you can expect when you give someone else control over your data.

What happened with the Gizmodo guy isn't all that different than one of my users calling me up and getting me to wipe their BlackBerry, despite me not recognizing the voice and the user not being able to pronounce their own name or give me any details on how or why they needed it done. It's a failing of the service and you can take steps to avoid it but there's always a risk when your data is under someone else's control.

Simple two-factor authentication would have stopped the multiple device wipe. A cloud provider can never give up encryption keys they don't possess. Apple's implementation of iCloud is flawed, but it does not mean that all cloud providers require "control over your data," many are happy to provide zero-knowlege storage and retrieval.

[eve6er69]

Having a cloud is convenient I agree but most things are locked on my device that are important since I use a 32GB card.

I am a bit paranoid because in my line of work I see hackers all day. I back up my phone using dm and then transfer the backup to a flash drive secondary backup as well. An extra 30 second step to assure I don't lose my stuff.

Sent from my Bold using Tapatalk

[WES51]

For relatively insignificant material that you would like access to wherever you are and on whatever device you are using the cloud makes sense.

OK, but what insignificant material are we talking about and what amounts?

You can buy 1TB storage for under $100
. Soon the same amount it is going to buy 2TB and so on?

Storing data on the cloud is being marketed as the next step, but in my experience people who fall for cloud storage are usually the same who until recently had aol eMail accounts.

In other words no pro would store anything other than junk on the cloud.

But even if it is junk, why would I want to send my data out in cyberspace where it can be intercepted/captured?

Indeed, there is enough valuable info even in our trash (physical or cyber).

[amazinglygraceless]

OK, but what insignificant material are we talking about and what amounts?

That is really a question that can only be answered by the individual as "significance" is a subjective term.

You can buy 1TB storage for under $100
. Soon the same amount it is going to buy 2TB and so on?

True but how many such devices are portable or as convenient as having to carry no additional media?

Storing data on the cloud is being marketed as the next step, but in my experience people who fall for cloud storage are usually the same who until recently had aol eMail accounts.

In other words no pro would store anything other than junk on the cloud.

Again true and it is pretty much my original argument. I can't speak to the people you have encountered.

even if it is junk, why would I want to send my data out in cyberspace where it can be intercepted/captured?

No one is saying you must or should. Cloud storage is certainly not a one size fits all solution.

Indeed, there is enough valuable info even in our trash (physical or cyber).

Again, no argument except to say that those who understand the gravity of that premise are also proactive enough to mitigate most if not all harm posed by it.

[WES51]

Tons of analysis, but what is your point?

That cloud is more convenient and takes up less space than a tiny little physical storage box?

And what is the expense of that precived advantage of this cloud again?

[hootyhoo]

IMO you are more likely to have your credit card # stolen when you hand your card to the wait staff at a restaurant than you are having it stolen from the cloud.

[hornlovah]

OK, but what insignificant material are we talking about and what amounts?

You can buy 1TB storage for under $100
. Soon the same amount it is going to buy 2TB and so on?

Storing data on the cloud is being marketed as the next step, but in my experience people who fall for cloud storage are usually the same who until recently had aol eMail accounts.

In other words no pro would store anything other than junk on the cloud.

But even if it is junk, why would I want to send my data out in cyberspace where it can be intercepted/captured?

Indeed, there is enough valuable info even in our trash (physical or cyber).

Your experience is very limited, most of the professional people I work with use at least one form of cloud storage daily. It's a matter of carefully researching your providers and taking the necessary steps to secure your data before it is sent to the cloud. Powerful encryption tools are freely available in many countries, and it takes about 2 minutes to set up a TrueCrypt volume that is just not crackable with current technology/computing power (Serpent-Twofish-AES triple cipher cascade, with 6 independent 256-bit keys, and a 61 character pseudo random password). I couldn't care less if someone intercepts these files during transmission or hacks the sever that they are stored on. My data is safe, it's always available, and the cloud fees are minimal.

[Tre Lawrence]

I use the cloud heavily, so it is my responsibility to use it wisely. Thankfully, none of the information shared there is stuff that is not openly available to anyone who wants. Heck, a good portion of our data is linked so people can access it directly.

The ability to access stuff stored from any web-connected portal is priceless, but as AG said, it is not a solution for everyone just yet.

[amazinglygraceless]

Tons of analysis, but what is your point?

That cloud is more convenient and takes up less space than a tiny little physical storage box?

And what is the expense of that precived advantage of this cloud again?

Considering I agreed with most of your points and simply pointed out where I and others differ, your continuing along this strident vein that because cloud storage is useless to you it must be useless period tells me you are not interested in a discussion.

You are interested in being right. You are for your needs. Fortunately the population of the world is not made up of 7 billion yous.

[WES51]

Considering I agreed with most of your points and simply pointed out where I and others differ, your continuing along this strident vein that because cloud storage is useless to you it must be useless period tells me you are not interested in a discussion.

And where do you get that from please? I never said or implied that it was useless. But what I did and DO explicitly imply that it is unsafe.

You are interested in being right. You are for your needs. Fortunately the population of the world is not made up of 7 billion yous.

Oh man, what a great expample. So swimming with the flow is the new cool thing now?

Without having to be right, let me sum it up for you:

If you rely on encryption, you deserve the consequences.

[hornlovah]

And where do you get that from please? I never said or implied that it was useless. But what I did and DO explicitly imply that it is unsafe.
Oh man, what a great expample. So swimming with the flow is the new cool thing now?

Without having to be right, let me sum it up for you:

If you rely on encryption, you deserve the consequences.

Can you articulate an attack, either during transmission or by hacking the cloud storage sever itself, that would compromise an encrypted file like the one I described above? The password itself would be the weakest link, and at 100 trillion guesses per second, it would take 14.06 trillion trillion trillion trillion trillion trillion trillion trillion centuries to exhaust all possibilities. See for yourself: How Big is Your Haystack?

[berry1985]

Personally not a fan of the icloud system. its a good idea but not practical. anything that interfaces with the internet has a chance of being hacked. while firms and companies are learning to make it safer, hackers are learning more and more ways to hack in.

[westcoastit]

Some people also have a duty of care that precludes handing your data (however encrypted) over to a third party. Then there's the whole tangle of international laws and treaties that make giving any American company a little risky, simply from a legally exposed position. PATRIOT Act and privacy laws take a bite out of US cloud business | Ars Technica

For a forum that touts the advantage of BlackBerry's high security it seems a little ironic to see so many defenders of cloud services.

[amazinglygraceless]

For a forum that touts the advantage of BlackBerry's high security it seems a little ironic to see so many defenders of cloud services.

Again, while on balance I agree with part of what you are saying I think you are missing part of what we are saying.

No one is defending cloud service, per se. What we are saying is that used correctly it has it's advantages and the onus for protecting ones data and personal information rest squarely on the user.

Many of of who use cloud storage services fully recognize what should be under our complete and total control and proceed accordingly. While there are a great many who don't I do not think they are represented in this thread, so you are arguing a point (valid as it may be) to people who already get it.

[westcoastit]

Oh, I'm not really arguing I don't think... I use a few difference cloud services in my personal life. I just wanted to clarify why I don't think they're the universal panacea that some people see them as.

Plus as buzzwords go, "the cloud" is grating. It's just a distributed service dammit.

[amazinglygraceless]

Oh, I'm not really arguing I don't think... I use a few difference cloud services in my personal life. I just wanted to clarify why I don't think they're the universal panacea that some people see them as.

Plus as buzzwords go, "the cloud" is grating. It's just a distributed service dammit.

By "arguing" I mean presenting a view not hair on fire ranting and raving

[westcoastit]

By "arguing" I mean presenting a view not hair on fire ranting and raving

It's the internet, I'm so used to every opinion being cranked to 11 that a discussion about minor points barely triggers my argumentative reflex.