I think the 3 fundamental problems with the Cloud are: 1. We don't control the CODE (service provider-owned apps might be sharing our data), 2. We don't control the INFRASTRUCTURE (admins have access to our data), 3. We don't control the AVAILABILITY (we might get cut off).
-
Show this thread
-
Ad 1. If we could ensure specific code of the cloud/apps services, we could audit them and make sure they e.g. don't let service providers to access our data.
11 replies 8 retweets 66 likesShow this thread -
Replying to @rootkovska
Do we control the hardware, though, and does inspecting the code make much sense if you cannot inspect the hardware? It makes *some* sense, but depends on threat model?
2 replies 1 retweet 6 likes -
-
In the same vein #1 (code) means: the entirety of the service/app, incl. configs, which has been created and is being managed by the service provider. Where service provider (e.g. Fitbit) is usually a different entity than the party controlling/ owning the infra (e.g. AWS).
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.