Small Fish, Big Pond

I hate to say it. No, I love it. The Sidekick crash validates everything I’ve been saying about cloud computing. It’s a great business model to allow customers to backup data to but don’t let your business depend on it.

The T-Mobile sidekick held all user data in the cloud. Instead of syncing locally with your personal computer like Windows Mobile, Palm WebOS, or iPhone, the data would sync to the cloud. It seems like an excellent idea since your phone becomes a standalone pocket terminal with the power of the web making up it’s backend processor. It seems like such a good idea that ALL THREE of the above operating services are making progress to offer or transition to that business model.

I’ve been harping on about how I don’t trust giving all my info to somebody else to keep safe. Not only are you putting all your eggs in one basket, you’re letting somebody else hold the basket. You assume that they’ll take better care of it than you would but you have nothing but trust and hope to keep your info safe.

Now all Sidekick users have learned firsthand what happens when you put all your trust into the cloud and the cloud fails you. Not that it couldn’t happen to an individual who syncs their data locally rather than to the cloud. I don’t think there is anybody in the computing world who hasn’t accidentally wiped out a file or database only to realize that it wasn’t backed up. The difference is that when that happens all you can do is blame yourself. In the cloud it’s somebody else’s problem and it’s out of your hands. For some people this is a major selling point of the cloud; I’ve argued in chat rooms with people who say that the whole reason to trust the cloud is that the companies running the cloud are much more careful than we are, and always plan ahead and have an alternative incase something goes wrong.

But just like blind trust in the anything, you’re only going to set yourself up for disappointment.

Already the rumors are flying about who’s to blame (I guess that’s the true benefit of the cloud, when the screw up DOES happen you can blame sue somebody else for your blind trust). People are saying that it’s proof you should have an iPhone rather than a Sidekick, some say it’s the fault of outsourcing to third parties (I work for a telco, outsourcing is par the course and always has been), others are saying it’s proof that anything touched by Microsoft will fail. Some crazies in the comment boards are even saying that this is a foreshadowing of Windows 7 failing on release and the it’ll be the moment that Linux/OSX will finally rise to the top and conquer all other OS’s!

They’re just trying to make others look bad and make their own gadget or fanboy crush seem validated. There’s only one real thing to be learned from this and I’ll say it yet again.
Never put all your trust and critical info in one new technology, no matter how amazing and revolutionary people make it sound, especially cloud computing. It’s great for backups, great for storing a copy you can access remotely. But always be sure that you have your own “backup plan”
for emergencies.

Maybe I got that from my time in the military; putting your trust and effort into a team gives you the ability to move mountains. But before you do that you need to make sure that you have taken care of all your own personal issues.

Make sure you’re squared away personally before you become part of the team.
Make sure your important data is personally backed up before you send it to the cloud.

I agree with Larry Ellison about the misuse of “Cloud Computing” as a buzzword (my older posts here and here).

99% of what people mention as “Cloud Computing” is nothing more than Web 2.0, which is not anything more than crunching normal data and putting it online in a simple website.

Just about anything people claim is “cloud” based already existed on the web long before this buzzword came up. Spotify “Puts music in the cloud”, never mind that they do the same thing that last.fm has done for 6 years, never mind that all last.fm does is stream music to you which RealPlayer has done since the late 90’s, never mind that Realplayer is just using the UDP portion of the TCP protocol that has been around since the 70’s.

So what we have is files stored on remote servers that are sent to a user?
What a novel idea! What do you think webpages are?

Even Web 2.0 was a better buzzword because at least then companies were taking massive user input, crunching the data on their servers and feeding it back to the users, it was a process of making better use of the web, but even then it wasn’t a magic new technology.

The other use of “Cloud Computing” as a term is really just describing “Server Virtualization” at a datacenter, something that has been done for quite a while now. Instead of buying your own server, and renting out rack space at a datacenter, the data center is renting virtual server out to you with virtual storage and virtual processing for you to put your code on. The code and the service you provide to your customers is the same as it’s always been. The only difference is that you don’t own the equipment the code sits on anymore.

It’s like switching from 5×8 workdays to 4×10 workdays. Your company may get some efficiency benefit but it doesn’t change the fact that people working are still working the same job they did before.

Reading through the comments on TechCrunch I realized that most people still don’t know what “Cloud Computing” is. Simply put it’s just crunching some data and putting it online for users to look at (or what people were calling Web2.0 a few years ago).

Now that many people are surfing the net through iPhones and other smartphones they want to do things that are beyond the scope of the tiny piece of handheld software and that heavy lifting is being done on the backend. But it’s nothing new, it’s how Google Maps works, it’s the way search engines work, it’s the way anything that stream audio or video works. It may be more prevalent now but it’s not new.

And it’s not 100% online like most people think, it still relies on your browser and the java and flash (siverlight, air) plugins to do the front end computing for you. The only functions handled on the backend are the simplest database functions and data storage.

Take something like Mint. Financial reports are just basic excel style spreadsheets made pretty for you with some graphs. You can make your own by importing bank data to excel, uploading it to a public access FTP and getting a copy from any remote site you access from. It’s all existing, not to mention old, technology and ideas. It just took Mint to make a business plan to organize it all for you so all you had to do was look at a pretty website. No new “cloud” technology was invented or used in the process, just re-appropriating old technology in a new way.

Hence “Cloud Computing” isn’t a new technology on the internet, just an improved business model serving you the same data that’s always been there.

…Well at least not it’s potential for ripping us off in usage fees. Not every cloud has a silver lining

Cory talks a lot about how payment for a cloud based computing model will work for businesses, I have to admit I kind of overlook this part and skipped directly to the security issues of letting a third party control your vital information, although Cory hits on that as well:

But for the average punter, cloud computing is – to say the least – oversold. Network access remains slower, more expensive, and less reliable than hard drives and CPUs. Your access to the net grows more and more fraught each day, as entertainment companies, spyware creeps, botnet crooks, snooping coppers and shameless bosses arrogate to themselves the right to spy on, tamper with or terminate your access to the net.

It’s pretty similar to some of the posts I’ve made before. Basically why give all your info to a third party company and access it through a potentially unsecure, non-working bottleneck over the internet rather than just handle everything in house on your own equipment?

Jon Stokes’ rebuttal at Ars Technica makes some good points but seems to counter different issues; and does a better job pointing out the problem of the term “Cloud Computing” meaning different things to different people. My ides of the cloud is similar to Doctrow’s where I think Stokes is describing Web 2.0 more than anything else. A lot of the programs he claims are proof of benefits in the cloud are just Web 2.0 programs that can be run in the cloud or in house, not really proving a benefit one way or another.

However Jon’s description of Evernote is a cloud based app but it’s a service that most companies are looking at providing for free. The basic idea is syncing your PIM data to an online source to allow you to sync the data between phones, mobile devices, and home computers over the net. I think apple does this now for $100 a year and Microsoft, Google and others have options for doing for free (albeit it a more kludge like manner). But even remote PIM synchronization can be done in-house through MS Exchange, so we’re not really breaking new ground there either; just giving the public Exchange features without having to run their own Exchange server.

Jon Stokes makes a point to say that cloud computing is going to mean different things to small time customers like me and you, and big giant businesses that can pay for expensive cloud server rentals. While I agree that they’re different I think Jon has it backwards. Big companies have the resources to handle their own datacenters in house and thus cloud computing is less desirable to them. But the ability of cloud services give us public users the ability to use some fancy programs that previously only big companies had the ability to deploy; the only price is the increased exposure to the problems of the net and risks to privacy.

As of this moment Gmail is down. Considering how massive google is it’s hard to think that such a major part of their web presence could be smashed like this again (or maybe not, the more use, the more stress on servers).

A lot of talk is made about the future of computing “in the cloud” where businesses move all their email, apps, and file storage to giant remote server farms where they are overseen by a third party rather than supported in house by your own techs.

Being without gmail we can all get a small sense of how disruptive this can be when the company holding the basket with all of your crashes unexpectedly. Personally I only use my gmail account for non-business critical uses but if I were a fortune 500 company that had moved all company email assets into gmail I’d be losing money hand over fist right now with my employees unable to contact customers and vice-versa.

Of course anything can happen, even with in-house systems. But if you crash your own computer you have nobody to blame but yourself for not having good backups or alternatives. Plus you can still use third party systems as an extra level of backup; unless they just happen to have a massive outage that coincides with yours, ala gmail right now. But if a third party fails then it’s somebody else’s fault and no matter how well prepared you yourself were, you’re crippled by their lack of oversight, or their accident, or their being a massive malware target being a keystone company on the net.

While cloud computing has its uses I believe for business critical applications it should only be used as a backup for your own in house deployments. That way the only time you even need to care about gmail’s uptime is the 1 day of the year your in house systems are down. The chances of both being out at the same time are minuscule. But if you rely on others as your only source of email you’re always at their mercy.

Wow! This is cool stuff!

While I’m not drinking the Cloud computing koolaid that most people are right now I do think it’s great technology; just not as developed for full implementation as most people think it is. In my opinion it has a lot of security and reliability issues to be addressed. Tahoe addresses the reliability issue and even delves a bit into solving the security issue.

I like to look at Cloud computing from the perspective of a big business. Imagine you’re a big corporation and have publically accessible files, and some confidential company secrets you don’t want anybody to see. For the public stuff cloud computing is great, I don’t care if Google gets hacked and people see it. But files lost due to a server crash or datacenter outage at the cloud would be bad. With company secrets, I just don’t trust putting files on another company’s network with the risk maybe half of the cloud’s servers get wiped and it just happens to be the servers with our company data on it.

There needs to be a safe way to ensure data is protected in case of an outage or server damage. And if a disgruntled employee walks out with a server I don’t want my data, or worse my customer’s data, on it.

Tahoe takes the data, encrypts it, and breaks it up distributing it into 10 separate nodes. The recreation of the original data only requires 3 of those nodes to work. The others can be lost, corrupted, or currently offline. Just so long as 3 of the 10 are safe so is the data. When applied to the servers on a cloud you can have those 10 nodes spread across multiple sites to ensure that an outage at one site won’t kill half your data. Plus if one node gets hacked, the data on it isn’t worth anything because it needs at least 2 other nodes for re-combination.

The real beauty comes in when you take the Tahoe software and use it to make your own distributed cloud onsite or among peers across the web.

Tahoe is being used in a number of different ways. A common configuration that is documented at the project’s wiki is described as a “friendnet”, a group of roughly ten nodes that are connected over the Internet and provide shared secure storage capacity with optional filesharing. Another potential usage scenario is installing Tahoe on individual workstations on an office network and using their excess disk capacity as a storage pool. The Tahoe wiki describes that kind of setup as a “hivecache”.Ars

Awesome!

Back to our imaginary corporation, let’s say we’re American Express; we have 10,000 workstations distributed through 8 work sites across the continental US (numbers are made up). Each workstation has a 320GB hard drive that is currently using 100GB (OS and business apps only, employees can’t add their own software or use more than their allotted 1GB of personal storage).

That’s 1.2 Petabytes of unused potential storage on your internal protected network purely from user workstations.

Now we install Tahoe and utilize that excess storage. First off we don’t get the whole 1.2PB, there is obviously a lot of overhead to provide the 7:3 redundant to required ratio. Let’s assume a conservative 1/4 of it is available giving us 300 Terabytes of storage.

The data can be Top Secret or Customer Confidential because it’s encrypted and each workstation only gets a portion of the info. So if you have a malicious employee (remember that most attacks come from within) they can’t recreate and access the database through the data stored on their own computer.

Also many employees may turn off their computer when they go home. So long as 3/10ths of your employees leave their computer on you’re still good to go. And even if the building in Phoenix AZ has a backhoe cut them off from the rest of the world everybody can continue on without interruption.

This is super exciting technology for me; I’ve always kind of dreamed in my head what can be possible combining P2P file distribution tech with encryption like this. I’d really like to see what a full scale deployment of this could do and how much of an improvement it would make on ROI of an organizations equipment and data.

How come I have to a peon at the bottom of the ladder rather than one of the big CIOs that can make something like this happen?