Cloud Service Providers Jeopardizes Your Data – Edward Snowden
At the recent OpenStack Summit – 2017, NSA whistleblower Edward Snowden warned on the consequences businesses can face while opting for cloud services from Amazon, Google, and Microsoft.
Today, public cloud is the first-choice for businesses, they save huge dollars for businesses abstaining from building their own IT infrastructure or datacenters. But, sharing and allowing a third-party to control your data can be costly than expected.
At the recent OpenStack Summit – 2017, NSA whistleblower Edward Snowden warned on the consequences businesses can face while opting for cloud services from Amazon, Google, and Microsoft. Snowden through a satellite video link cited that cloud services can be cost-effective and convenient, but it can turn-up to be high price in terms of lack of visibility and control over what those cloud providers are doing on the back end.
Speaking via video link at the OpenStack Summit in Boston, US, Snowden said enterprises are parting with more than just their money when “sinking” investment into some public cloud platforms.
“You could use [Amazon Web Services] EC2 or Google Cloud Engine or whatever. These are fine – they work. But the problem here is they are fundamentally disempowering. You give them money and in exchange you are supposed to be provided with a service,” he said.
“And that exists, but you’re providing them with more than money. You’re also providing them with data and you’re giving up control, giving up influence. You can’t reshape their infrastructure, they’re not going to change things and tailor to your needs,” Snowden continued.
Snowden empathized that people should not use technology mindlessly. For-profit infrastructure like Amazon Web Services or Google Cloud Platform is fine, except those companies tell customers little about what’s happening inside those data centers. Amazon, for example, won’t even let customers tour its data centers.
“You’re giving them your data and giving up control,” he told attendees of the OpenStack Summit 2017 in Boston on Tuesday via a satellite link, ostensibly from Russia where he is in exile.
The use of open-source technologies may be a better option for users than investing in technology they “don’t own, don’t influence, don’t control, or even shape,” Snowden said.
Companies can use OpenStack, which can be downloaded for free, or offered with paid support from Rackspace, Canonical, SUSE, and Red Hat (RHAT), to build their own computing infrastructure which, admittedly, requires a lot of technology expertise which tends to be expensive.
During the course of his appearance, Snowden fielded a number of crowd-sourced questions, with Summit attendees asking about his experience of using open source technologies, prompting him to reveal details about a project he’s working to give users greater control of their mobile location data.
Complicating matters on the public cloud side, is that the same big providers—Amazon, Google, and Microsoft—that run all that industrial infrastructure, are also amassing vast quantities of data about consumers via devices like Amazon Echo, Google Home, and the upcoming Microsoft Invoke. Every time you order a Domino’s pizza, or an Uber car, or conduct a banking transaction using Echo, your data is being collected and used in theory, to provide you with better services.
But, even though that data is anonymized, and users can delete things they don’t want aggregated, the whole notion of a device listening in to you at home makes many people uncomfortable. One technologist with a financial institution that uses AWS, but who is not authorized to speak about it publicly, said he personally would never have an Amazon Echo or Google Home because he doesn’t want those companies collecting his personal data.
The problem for many users is, or should be, trust, said Snowden.
“If you run on Google’s or Amazon’s technology, how do you know when it starts spying on you?” Snowden told the audience. “You have no awareness because it happens at a hidden layer of the software.”
For the record, these companies have said they are careful in how they collect, use, and protect customer data. The problem is whether you believe that.
