The concern increasingly is not even (just) about hackers, state-sponsored or otherwise -- it is also about whether and when actual states use their autocratic power over monopolistic corporations (who have already declared fealty) to subjugate and coerce users (individual users, corporations, orgs, governments) in other countries. Until recently this would have basically meant China and its surveillance software like TikTok. Now it potentially means the Trump regime acting against Canada, Ukraine, Europe.
Excellent piece and great advice!! I have never trusted CSPs or the growing big tech monopolies, nor have I ever had faith in our governments to effectively protect people and institutions from foreign state-sponsored digital terrorists and other similar bad actors. I’m also old enough to remember when technology and internet access started to become mainstream in peoples’ homes back in the mid-late 1990s/early 2000s. Back then, technology was a largely localized tool (on individual computers or local servers) to serve OUR needs and operated entirely at OUR control. Then time went on with the inception of cloud based computing, monopolizing tech consolidations in the sector, the explosion of social media and now AI: where technology rapidly became not just an advanced tool for users, it also became a spy and a weapon for many others, including those that developed such technology. The functional use and purpose of technology today leaves users vulnerable and powerless, unlike the earlier days where users had more control. It’s indeed one of the very reasons why in recent years I made a conscious effort to become less reliant on technology, only using it when I absolutely need to, and even then I’m very minimalistic in its use, including the internet or my phone. I also happily report how much recaptured time I have acquired in my life since my disciplined and minimized approach to technology that continues to baffle every person I encounter these days, but I digress. For those not willing to take the disciplined plunge of technological abstinence as me, I’d recommend readers to do their research about which technological products and services they use or are thinking of using, carefully read their associated terms of service and privacy policies to better understand how that service works and how the service provider safeguards or uses your data, and then carefully decide if your convenience to use those services outweighs those disclosed risks.
But Kevin, I need my phone in order to read Substack! Otherwise, I’m with you and prefer the comfort of a book printed on paper. Not so keen on using Canada Post but, when necessary, it serves my purpose.
Agreed wholly. So many recent innovations are thrust upon consumers who actively don't want them. We just currently have little choice other than to bow down to it or opt out entirely.
I've had some experience working with the national nuclear regulator - policy, communications, nothing technical. One of the strengths of the Candu reactor is multi-layered safety systems. Independent, redundant systems create ultimate protection. A good principle to keep in mind.
The internet is being used well-beyond initial purpose and carries far more than we ever imagined it could. That system is now precarious as is so well explained in this piece, and we've got nothing to back us up if it fails. Think about that - no phones, no radio, absolutely no means to communicate. We all need to be thinking about this given world events. Frankly, even a power outage that goes on long enough will scupper us all.
We need to reconsider things and develop back up plans. Thanks for this reminder!
When designing control and shutdown systems where failure is catastrophic ,then the starting point is defining design basis accidents ,then ensuring you have physical and engineered redundant backup systems. This approach is followed when designing nuclear power generating stations.
This level of rigour has not been applied to this increasingly crucial infrastructure and the eventual wide spread failure,with negative consequences,are certainly going to happen.
I am sure the fine print on the electronic document you signed to get this service absolves the provider of all liability,regardless of negligence. But they will happily take your monthly fee.
It’s not just hackers and the enemy state of the week. Trusting your own government, and politicians with total control agendas who pay bureaucrats, to respect your privacy is like trusting an evil child with matches near a pool of gasoline. And the oligopoly of data storage makes this much easier than the old scattered and therefore resilient data networks.
I used to tell people worried about privacy that it was too expensive to monitor everyone so you were safer because of how scattered the data was. Not any more…
And I respectfully beg to differ on the usefulness of reviewing policies on privacy put out by people wanting your data. These so called policies are IMO primarily feel good weasel words intended to deter you from suing the provider. They amount to little more than lipstick on a pig in a Wild West market where your data is bought and sold wherever there are revenues to be made.
And now into the picture comes AI, with our government in Canada at least, salivating at the ‘potential’ and promising billions in support … of what exactly? I think hackers, even government sponsored ones, learning to manipulate AI based on information we store in the cloud could potentially have devastating, not beneficial, effects on our society.
This scenario underscores the paradox of technological progress—while cloud computing has revolutionized efficiency and accessibility, it has also introduced systemic vulnerabilities that could cripple entire industries in an instant. The concentration of digital infrastructure in the hands of a few corporations is akin to placing the world's financial reserves in a single vault—convenient, but catastrophically risky if breached. True resilience lies in decentralization, redundancy, and strategic autonomy, yet modern businesses and institutions often trade these for short-term cost savings. The lesson here is clear: technological convenience should never come at the expense of control and preparedness.
Microsoft- let’s free you of all those severs you have on site and centrally locate them in our “cloud” and you can create as many VM servers as you want and you can get rid of most of your IT staff
IBM 370- Hold my beer
Thankfully I retired from this rat race 2 yrs ago.
Been doing this since 1980, at least we could break it up with a Usenix conference on expenses or training in California . Farthest I went in the final 13 years was Barrie and I paid my own gas. Good luck in the next 20, I’m packing for 2 weeks of diving in Cuba.🤿
Paying more to have backup internal infrastructure is akin to having insurance. But with an actual capital expenditure that external sales people can point to and tell you that you can save that money.
I worked at Westinghouse Canada back in the day of mainframe computers - here in Hamilton, Ontario there were several IBM mainframes in the city and deals were struck where they would backup each other. I can't recall, but I think the Hamilton Board of Education and Westinghouse had a deal - my memory faulty as it is doesn't matter, the point is that they had a backup. As for myself I use Apple's iCloud - but anything important me is instantly backed up on a USB drive - I use one such that will hold 128 gb - I've had it for a year and so far my most important files have used 1 gb of the 128......
This is an excellent summary of the cloud and its drawbacks. Certainly, from a security perspective the cloud is a much better option if you know how to configure it. But most people truly don’t.
Amen to all this.
The concern increasingly is not even (just) about hackers, state-sponsored or otherwise -- it is also about whether and when actual states use their autocratic power over monopolistic corporations (who have already declared fealty) to subjugate and coerce users (individual users, corporations, orgs, governments) in other countries. Until recently this would have basically meant China and its surveillance software like TikTok. Now it potentially means the Trump regime acting against Canada, Ukraine, Europe.
Excellent piece and great advice!! I have never trusted CSPs or the growing big tech monopolies, nor have I ever had faith in our governments to effectively protect people and institutions from foreign state-sponsored digital terrorists and other similar bad actors. I’m also old enough to remember when technology and internet access started to become mainstream in peoples’ homes back in the mid-late 1990s/early 2000s. Back then, technology was a largely localized tool (on individual computers or local servers) to serve OUR needs and operated entirely at OUR control. Then time went on with the inception of cloud based computing, monopolizing tech consolidations in the sector, the explosion of social media and now AI: where technology rapidly became not just an advanced tool for users, it also became a spy and a weapon for many others, including those that developed such technology. The functional use and purpose of technology today leaves users vulnerable and powerless, unlike the earlier days where users had more control. It’s indeed one of the very reasons why in recent years I made a conscious effort to become less reliant on technology, only using it when I absolutely need to, and even then I’m very minimalistic in its use, including the internet or my phone. I also happily report how much recaptured time I have acquired in my life since my disciplined and minimized approach to technology that continues to baffle every person I encounter these days, but I digress. For those not willing to take the disciplined plunge of technological abstinence as me, I’d recommend readers to do their research about which technological products and services they use or are thinking of using, carefully read their associated terms of service and privacy policies to better understand how that service works and how the service provider safeguards or uses your data, and then carefully decide if your convenience to use those services outweighs those disclosed risks.
This is how much I trust technology today: I'm an Amateur Radio operator.
But Kevin, I need my phone in order to read Substack! Otherwise, I’m with you and prefer the comfort of a book printed on paper. Not so keen on using Canada Post but, when necessary, it serves my purpose.
Cheers.
Agreed wholly. So many recent innovations are thrust upon consumers who actively don't want them. We just currently have little choice other than to bow down to it or opt out entirely.
I've had some experience working with the national nuclear regulator - policy, communications, nothing technical. One of the strengths of the Candu reactor is multi-layered safety systems. Independent, redundant systems create ultimate protection. A good principle to keep in mind.
The internet is being used well-beyond initial purpose and carries far more than we ever imagined it could. That system is now precarious as is so well explained in this piece, and we've got nothing to back us up if it fails. Think about that - no phones, no radio, absolutely no means to communicate. We all need to be thinking about this given world events. Frankly, even a power outage that goes on long enough will scupper us all.
We need to reconsider things and develop back up plans. Thanks for this reminder!
When designing control and shutdown systems where failure is catastrophic ,then the starting point is defining design basis accidents ,then ensuring you have physical and engineered redundant backup systems. This approach is followed when designing nuclear power generating stations.
This level of rigour has not been applied to this increasingly crucial infrastructure and the eventual wide spread failure,with negative consequences,are certainly going to happen.
I am sure the fine print on the electronic document you signed to get this service absolves the provider of all liability,regardless of negligence. But they will happily take your monthly fee.
If overall downtime percentage is lower in the cloud, does it really matter if it is highly synchronized?
It’s not just hackers and the enemy state of the week. Trusting your own government, and politicians with total control agendas who pay bureaucrats, to respect your privacy is like trusting an evil child with matches near a pool of gasoline. And the oligopoly of data storage makes this much easier than the old scattered and therefore resilient data networks.
I used to tell people worried about privacy that it was too expensive to monitor everyone so you were safer because of how scattered the data was. Not any more…
And I respectfully beg to differ on the usefulness of reviewing policies on privacy put out by people wanting your data. These so called policies are IMO primarily feel good weasel words intended to deter you from suing the provider. They amount to little more than lipstick on a pig in a Wild West market where your data is bought and sold wherever there are revenues to be made.
I am glad ALL the Canadian big banks dont use just one CDN like Akamai to front all their operations. Phew!. /s
And now into the picture comes AI, with our government in Canada at least, salivating at the ‘potential’ and promising billions in support … of what exactly? I think hackers, even government sponsored ones, learning to manipulate AI based on information we store in the cloud could potentially have devastating, not beneficial, effects on our society.
Well done.
This scenario underscores the paradox of technological progress—while cloud computing has revolutionized efficiency and accessibility, it has also introduced systemic vulnerabilities that could cripple entire industries in an instant. The concentration of digital infrastructure in the hands of a few corporations is akin to placing the world's financial reserves in a single vault—convenient, but catastrophically risky if breached. True resilience lies in decentralization, redundancy, and strategic autonomy, yet modern businesses and institutions often trade these for short-term cost savings. The lesson here is clear: technological convenience should never come at the expense of control and preparedness.
This is extremely helpful. I work at home but I'm going to make some tweaks to how I do things here because of this advice.
Funny how we’ve come full circle
Microsoft- let’s free you of all those severs you have on site and centrally locate them in our “cloud” and you can create as many VM servers as you want and you can get rid of most of your IT staff
IBM 370- Hold my beer
Thankfully I retired from this rat race 2 yrs ago.
I've got another 15-20 years to go. Pray for me.
Been doing this since 1980, at least we could break it up with a Usenix conference on expenses or training in California . Farthest I went in the final 13 years was Barrie and I paid my own gas. Good luck in the next 20, I’m packing for 2 weeks of diving in Cuba.🤿
Paying more to have backup internal infrastructure is akin to having insurance. But with an actual capital expenditure that external sales people can point to and tell you that you can save that money.
I don’t necessarily disagree,
but March 2 was a Sunday. Not many kids in school then.
I worked at Westinghouse Canada back in the day of mainframe computers - here in Hamilton, Ontario there were several IBM mainframes in the city and deals were struck where they would backup each other. I can't recall, but I think the Hamilton Board of Education and Westinghouse had a deal - my memory faulty as it is doesn't matter, the point is that they had a backup. As for myself I use Apple's iCloud - but anything important me is instantly backed up on a USB drive - I use one such that will hold 128 gb - I've had it for a year and so far my most important files have used 1 gb of the 128......
This is an excellent summary of the cloud and its drawbacks. Certainly, from a security perspective the cloud is a much better option if you know how to configure it. But most people truly don’t.