Bob La Quey wrote:
There are many many ways, tried and true, both old and new to send
the occasional secure message without calling attention to oneself.
Surely you know this.
Sure but putting a letter in an envelope or using GPG are very easy. The
other ways tend to be very hard and inconvenient and risky. If I simply
protect everything then it is easier to send secure info when I need to.
Who do you buy your electricity from? Your water? Who provides
your streets? Fire protection? Basic security against physical crimes?
Those are all historically trustworthy organisations run by the
community and regulated by the government. They are not competitively
cut-throat corporations who will do anything to make a buck. I have
never once in my life found my electrical outlets incompatible with my
neighbors whose television I wanted to borrow thus requiring me to
change providers or upgrade. However, I did just approve an expensive
software purchase request here at work because someone sent us files
which we are not currently compatible with.
As web services grow and become more competitive you need not
be singly dependent upon any of them. As it is you are recommending
a policy of being singly dependent upon in house services.
Data is a bit different than electricity. Electricity is a commodity
which I can get from many places. SDGE, solar, a gas powered generator,
batteries, etc. My data is not a commodity. It is unique. If all of my
email is in gmail and they do something which prevents my access I am
screwed.
Hmm .. we could debate that depending on the time frame but
I will let is slide.
I'm thinking within my lifetime. Sure there was the Great Depression
etc. I think we've learned a few things since then.
Software companies are historically untrustworthy.
As were banks not so long ago. Even as recently as a few decades ago
... one finds
"This paper summarizes our analysis of 171 national banks that failed
between 1979 and 1987."
But if they were FDIC insured the government bailed them out and the
public didn't lose their life savings. Software companies have been
untrustworthy my whole life. Banks have been trustworthy my whole life.
And who says you must use only one web service?
Keep a copy of all of my email and my documents in two different web
services? Sounds like a PITA.
It seems we agree that diversification and avoiding a single point
of failure is a good idea. You seem to feel this means "do it yourself."
I am far from convinced. Far too few companies actually have the
competence to do this. They become their own single point of failure.
I don't think it necessarily means "do it yourself". Although I think
the web interface and AJAX make for a crummy user experience (we only
like it so far because it is new and novel) I do think something along
these lines is the future.
I want to see some more safeguards and less dependency on Google's Do No
Evil policy.
I want to see privacy policies written in stone with no "we reserve the
right to change this policy at any time" clauses.
I want to see the service offer an easy way for me to periodically
extract all of my data (ie. regular full backups onto my own media) in a
format which I can then take to another such provider if I want.
I want to see a law on the books which ensures that the above will be
provided and that the authorities will take action against anyone who
does not comply so that I don't have to worry about losing my data.
I would bet on Google as being less likely to fail than the vast
majority of company data systems. My bet is that Google is
vastly more competent than say 90% of the IT departments
of say the Fortune 1000.
I think you are right there.
So do you think it is wrong to say, "A business needs to
determine what it has to add that has value and focus on that."? ;)
No, I don't think it is wrong. I think that is right. But I also think
they should hedge their investments and choose wisely. I am a big fan of
outsourcing certain things depending on the size and capability of the
company to provide those things internally. I am de-outsourcing a number
of things at my current company (including some fairly commodity IT
services) because they are critical yet trivial to provide and the
internal IT staff can do it. I am favoring outsourcing certain other
aspects of operations because it makes economic sense to do so and there
is little risk.
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
