Archive

Posts Tagged ‘Privacy’

It’s all about trust

02/04/2011 Leave a comment

We use computers for a lot of things today. In various forms from the desktop to the “Smartphone“.

At work, at home, for business, for pleasure, for education, for communication.

Never before has there been a single object that centered so much of our daily activity around it, intruded in to so many aspects of our life.

Yet, how many people ever stop to think: “Can I trust my computer?”

How many people even consider such a question as making sense? You trust (or don’t trust) people, but things?

Trouble is, we need to be able to trust our computers, not just to work and do what we need of them, but also to keep our secrets from strangers and protect our wealth from theft.

Most people, be they “simple” users who barely understand how to use their computer, or greatest of hackers who know precisely how everything works and how to make it do anything they want, trust their computers implicitly, to varying degrees.

But a computer is a collection of black boxes of two kinds: hardware and software.

They are “black boxes” for two reasons:

1. The people who produce them do their best to hide from us users what they do and how they work.

2. Majority of users don’t posses the knowledge to understand their workings even if they were revealed to them.

Number two is a matter for separate discussion, but as for reason number one: It can and should be avoided!

And this is why I use Free Software and open hardware whenever possible.

This way I can be as certain as possible that my computer (tablet / smartphone / thingamajig) does exactly what it promises and is under my control and not someone else’s.

The skeptics among you will probably say: “You couldn’t possibly read and evaluate every single line of code of every application you use, let alone go over schematics of your hardware.”

And that is true. But, I don’t need to. It is enough for me to know that my phone’s bootloader is not locked or encrypted which means I can update or replace my phone’s OS at any time.

It is enough for me to know that I do not have any “Treacherous computing” features in my PC which could lock me out of my own data at any moment.

Most important, I know my OS and its developers do not, and never will treat me as a thief.

I know this, because the code (and some of the specs) are out in the open. Because they are constantly inspected by thousands of eyes, and  because, people and companies that are involved in making these products are interested in making money by providing solutions, rather then just trying to extract it as best they can by providing a product which they continue to control even after you supposedly purchased it.

And, of course, I do not have to rely on this knowledge blindly. When true need arises, I can go and expect the source, or consult people I trust to look in to the guts of the thing and tell me if it’s safe and reliable.

Now, before you recommend that I put on a tin foil hat, consider this growing list of examples where people’s computers betrayed them, at the whim of their true masters:

And this list can, and probably will keep growing as long as people use closed, proprietery software running on locked devices.

As seen from the last example, even if a large part of your system is Free, as in the case of Android, a single crucial application like the Android Market which is not Free, can take your freedom away.

And next time, it may not be about a book or a feature for geeks, or some music CDs. It may be your life’s work that goes missing, a crucial report for work or school, precious family films or photographs that can not be recreated.

I am glad I found out about about free software before I suffered any such loss.

Free Software is not just about price or ideology or a way for developers to get their hands on some code. It’s about your freedom and security!

I trust the software I use, do you?

Trusted Computing from lafkon on Vimeo.

Advertisements
Categories: Rants Tags: , ,

Welcome back to the 70’s!

08/12/2010 Leave a comment

Google has finally started a pilot program for netbooks (mini-laptops) running the long awaited (by some) Chrome OS.

Sadly, there aren’t many details about the hardware itself, and the only 3 things we know for sure are:

  1. It has 12 inch screen
  2. It has WiFi n and 3G connectivity
  3. It weighs nearly 2kg! (3.8 pounds which is 1.72kg to be precise)

But there is more to this than just another netbook that strides the border between mini and regular laptops.

Google hails it’s Chrome OS as a new paradigm in computing where “your browser is your OS”. To quote the introduction page: “It runs web-based applications, not legacy PC software.”

To me, this statement is funny, in fact, it appears to be an oxymoron.

I was born in to the PC era. My first computer was 100MHz Pentium 586, and though it still had a turbo button by some archaic standards it might as well have been a “super computer”.

In fact, it was top of the line for home PCs at the time it was purchased.

Technology moved on quickly, so today, you are unlikely to find a smartphone which has a processor slower than 500MHz.

This was the promise of the “Age of the PC”: That any one can get his own computer powerful enough to do whatever the user needed on its own.

Play games, listen to music, watch movies, edit documents – you did not need to rely on anyone.

Most people who are not geeks probably do not know this today, but back before the personal computers hit mass market during the mid 80’s things were very different.

In the 70’s and early 80’s computers were still huge and so expansive that only large organizations such as universities and corporations could own them. To use a computer back then one would use a “terminal” – a dumb screen with a keyboard that connected to the actual computer over some sort of network.

Though several people could use the computer from different terminals at the same time, each user would still get very limited (even by standards of that time) resources allocated to his account.

Each user got certain amount of storage space for his files, certain amount of memory for his programs to use and certain amount of “cpu time” to run his programs.

For nontechnical people reading this (if there are any) think of this as the limits on your email accounts: you can only send attachments of certain size, and you can only keep so much mail in your inbox before it becomes full.

Now imagine that your computer is not really yours: other people are using it, and you have to wait for them to leave enough free resources for you to be able to use it.

This is why personal computers where such a big deal for many people – they could finally use a computer and do what they wanted or needed without “standing in line” or “asking permission” from anyone.

And now, this is the “future” Google is promising us with Chrome OS.

Return from the personal computer to the mainframe and dumb terminal architecture of the 70’s.

Of course, there are are advantages to the “cloud” approach:

  • Doesn’t matter where you are: since all of your data and programs you need are “in the cloud” (on some remote Internet server) it does not matter if you have your laptop with you or if you are at your desktop. You can access them from any suitable device as long as it has an Internet connection.
  • No maintenance – forget installing software of dealing with viruses: since your computer does virtually nothing except receive and send information to and from the net there’s nothing to do but turn it on.
  • Your data is safer – some people will argue that huge corporation like Google or Amazon has better backup facilities than the average computer user, and that their servers are better protected against hackers than your home PC, so you should trust them with all your precious files.

But looking at these supposed benefits, you can see that each of them hides several very real dangers:

  • If you can access your files from anywhere, so can anyone who happens to get their hands on your username and password. You may not care if someone gets the photos of your cat, but what about some naughty pictures from your bedroom or your company’s latest financial strategy document?
  • No control. When all your data and all the programs you use to manipulate this data are on someone else’s server they are under their control. What if the company you are relying on to provide your cloud computing account suddenly goes out of business? What if they decide not to provide service to your country due to export restrictions, or what if they just lock your account because of a clerical error or because someone decided you violated some terms of use?
    Even worse: what if they suddenly change account settings and expose documents you wanted to remain private? This has happed to Facebook users and with Google Buzz.
    And what about the applications you use? If they are in the cloud your choice is limited to what your cloud provider gives you. If your provider decides your can only use brand X of document editor, than you will be forced to use only that brand, and if the provider suddenly decides to switch to brand Y? Go with it or change providers (good luck moving all your data and keeping it intact).
  • Putting all your eggs in one basket. Yes, huge server farms that big corporations own are usually very sturdy. They have UPS, backups, dedicated technicians and all kinds of other goodies, but in the end, even they fail. Yes, even the mighty Google has outages. Also, the bigger the server (or farm) the more attractive target it is for hackers. And that means it will get hit much more and with much bigger force than some Jon Doe’s personal computer.
    If something happens to your PC and it stops working you can usually use your laptop, or your work computer or, in worst case scenario barrow your friends computer to finish whatever you need to finish urgently. But with all computing done in the cloud, once the cloud goes down, all computers go down.

To me personally, the lack of control and privacy that comes with cloud computing makes it completely unacceptable as an absolute replacement for the desktop.

There are uses of the cloud that are acceptable to me, and which I believe are unavoidable for an average person:

I trust my personal mail to gmail, because I do not know how to setup and run properly configured email server. Even if I did, I am not sure I would have the time to do a good enough job to keep it properly secure and not fall in to some spammers hands.

I also use Google docs and Picasa for images and documents I need to make publicly available. Since there is no privacy concern here, I don’t mind surrendering them.

And of course, I use worldpress.com for this blog, because I am certainly not about to setup my own installation of world press.

But all these uses are very far from the future Google and some others are planning for us.

With storage devices getting ridiculously huge in capacity and ever smaller in physical size (did you know you can get 32GB of storage on microSD the size of your thumbnail?), and the rest of computer hardware still becoming more powerful and cheaper at the same time, while Internet bandwidth continuing to be limited and expansive (in certain countries much more than in others) I hope most people will think twice before embracing this “futuristic” idea from way back in the 1970’s

Categories: Rants Tags: , , , ,