SoylentNews is people
SoylentNews
from the what-goes-around-comes-around dept.
Hasn't this idea been re-cycled before ? What was old is now new again dept:
Private information would be much more secure if individuals moved away from cloud-based storage towards peer-to-peer systems, where data is stored in a variety of ways and across a variety of sites, argues a University of Cambridge researcher.
In an article published in the Proceedings of the Royal Society A, Professor Jon Crowcroft argues that by parcelling and spreading data across multiple sites, and weaving it together like a tapestry, not only would our information be safer, it would be quicker to access, and could potentially be stored at lower overall cost.
The internet is a vast, decentralised communications system, with minimal administrative or governmental oversight. However, we increasingly access our information through cloud-based services, such as Google Drive, iCloud and Dropbox, which are very large centralised storage and processing systems. Cloud-based services offer convenience to the user, as their data can be accessed from anywhere with an internet connection, but their centralised nature can make them vulnerable to attack, such as when personal photos of mostly young and female celebrities were leaked last summer after their iCloud accounts were hacked.
Storing information on the cloud makes it easily accessible to users, while removing the burden of managing it; and the cloud's highly centralised nature keeps costs low for the companies providing the storage. However, centralised systems can lack resilience, meaning that service can be lost when any one part of the network access path fails.
http://phys.org/news/2015-01-era-cloud.html
[Paper]: http://rspa.royalsocietypublishing.org/content/471/2175/20140862
(Score: 1) by TheRealMike on Tuesday January 27 2015, @05:51PM
I am in the unusual position of having just released a new desktop P2P application. Lighthouse [vinumeris.com] does decentralised crowdfunding using Bitcoin. It talks directly to the Bitcoin P2P network to synchronise its wallet with the block chain and also has a bunch of community run servers for other tasks. I've been writing P2P software for Bitcoin for years now, so I am quite familiar with the challenges. I also worked at Google for quite a few years on big, centralised web services like Maps and Gmail.
The core problem is that whilst p2p and decentralisation solve some problems (no central outages due to a bogus config file push, for instance), they introduce a lot more of their own. I'd say the difficulty of doing a decentralised system is much higher than centralised. Not only is the networking code much more complex but the privacy aspects get harder too. It's not enough to say, it's peer to peer therefore it is private. All P2P does is replace one professionally run server farm with lots of smaller, more amateur servers which may or may not stay online and may or may not be well maintained and may or may not be malicious.
One problem is that we lack good tools. The industry has spent years developing tools and skillsets that are most appropriate for the centralised world. Most obviously, web apps are an inherently non-p2p application model, to the extent that data and code are tightly locked together by the same origin policy and the fact that it's all hosted remotely. You can't just install a competing app and open your local files. It's much, much worse than what we worried about in the 1990's with undocumented file formats. But web apps are also what modern developers know how to build, often to the exclusion of any other kind of app. Companies like Google and Amazon have spent years making good, solid toolchains for making "cloud services" ie. things that run on their servers. Every language and runtime comes with the ability to do HTTPS and JSON out of the box, or it's easy to add. But they never come with P2P networking fabrics ..... heck, there isn't even a widely agreed standard protocol layer for P2P applications like there is on the web.
Then throw in the desire to encrypt everything and what you get is ... complexity out the wazoo. You end up spending all your budget on decentralisation whilst your centralised competitors power ahead with adding features. And given a choice, most people will pick features over some often ideological notion of decentralisation.
That's without even getting into the funding problem! There's not much money in decentralised, peer to peer infrastructure. But build a centralised web service with potential for ads and investors will beat a path to your door.
All told, I think we will see more luck in the near term from just adding more encryption to existing centralised products.
(Score: 2) by Open4D on Wednesday January 28 2015, @04:17PM
I confess that includes me. I'm currently using Google services for lots of things. Considering Last Pass for password storage. Etc..
I tell myself I'll transition away from these services and do things properly one of these days when I'm not busy, but that might not be for a long time.
From your argument I can see that decentralisation might not become the norm for many many years.