In an interview this morning Richard and I provided some insight into Cloud security for BBC Radio Guernsey listeners. This post reiterates most of what was said, starting with the questions from the presenter Jenny Kendall-Tobias:
I read an article saying thousands of Snapchat videos and images have been leaked (even worse considering they’re meant to disappear after 10 seconds).
And I guess the question is, should we be worried? Should we continue uploading our images etc. to the cloud? Why is this happening? What’s going to be done?
The answer to those questions is basically yes we should all be worried, but let’s not panic too much.
Whilst most cloud services, such as Facebook, Twitter and Snapchat are generally secure, we have to realise that at the end of the day we are entrusting a little (or a lot) of our personal information to them.
A further problem is that everyone has come to expect to find an app (for free or really cheap) to achieve something on their device, especially one that ties into a service that they already use like Facebook, or Snapchat, and offers an extra function or feature for that service.
The problem here being that the app is not necessarily endorsed by the service provider, and almost certainly doesn’t adhere to their security policies. Yet many of us seem happy to divulge our credentials to these applications, and assume (perhaps naively) that they will be careful with them.
SnapChat is a prime example, they haven’t been hacked in order for the latest raft of nude images to be revealed, yet the images are there on the internet. Snapchat say that the leak is down to 3rd party apps, passing data through unsecured servers, and this is most likely the reason for the leak.
I doubt will be the last time that we have finger pointing between service providers and 3rd party app developers.
Cloud computing, services, and storage have huge benefits because they’re cheap and accessible.
But we all have to be careful with our personal data, and our passwords.
We all have to think about our digital data more like our physical possessions. We’d all be wary about letting someone we barely know look after our car, or our mobile phone, or even give them the keys to our house… so we have to think about the internet and Cloud computing in similar terms.
I recall last year one security blogger said:
“Cloud computing takes on a whole different perspective if you replace the word ‘Cloud’ with ‘somebody else’s computer’ ….”
o I store my photos …. on somebody else’s computer.
o I store my bank details… on somebody else’s computer.
o I store my potentially bestselling novel … on somebody else’s computer.
It makes you think more about the security implications when you look at that way.
And, going back to the original question of SnapChat, and the recent issues; when it comes to posting any kind of picture, be it intimate or not, no matter how long we want or expect it to stay in the cloud, we ultimately have very little control over it once it is “on the internet” or “in the cloud”.
The Moral is …. If you wouldn’t print it on a poster and stick it up in your front window for your neighbours and everyone else to see…. don’t post, email, upload or send the image over the internet to begin with.
If you are listening to the broadcast on demand, and only want to hear this segment, skip to about 1h 41 minutes… Sorry again Jenny….