User Tag List

First 3456 Last

Results 41 to 50 of 54

  1. #41
    meh Salomé's Avatar
    Join Date
    Sep 2008
    MBTI
    INTP
    Enneagram
    5w4 sx/sp
    Posts
    10,540

    Default

    ^ "virutalising[sic] the whole thing"

    inevitable, I'd have said.
    Quote Originally Posted by Ivy View Post
    Gosh, the world looks so small from up here on my high horse of menstruation.

  2. #42
    Don't pet me. JAVO's Avatar
    Join Date
    Apr 2007
    Posts
    6,047

    Default

    Ignoring the huge risk factor of being connected to the Internet...

    Centralization concentrates resources.
    Concentrated resources increase target value.
    Increased target value increases attack frequency and priority.
    Increased attack frequency and priority increases probability of success.

    All technology-based security has the same weak link: humans.
    Human vulnerabilities are widely-documented and remain constant.
    The risk from human vulnerabilities can be minimized by good design, but it cannot be eliminated.
    There are many people and organizations who specialize in exploiting human vulnerabilities.
    One of them will eventually hit the jackpot.
    One hit will destroy all confidence.

  3. #43
    Senior Member Grayscale's Avatar
    Join Date
    Dec 2007
    MBTI
    istp
    Posts
    1,962

    Default

    Quote Originally Posted by JAVO View Post
    Centralization concentrates resources.
    Concentrated resources increase target value.
    Increased target value increases attack frequency and priority.
    Increased attack frequency and priority increases probability of success.
    value is already centralized in the manner you're suggesting

    anyways, if this were completely true, then we'd all be burying our money because it's more likely someone will try to rob a bank than dig up our own little pile. centralization is not the danger, the real question is whether the value on your plate is bigger than what your security can stomach. at a certain point, there is too much value to possibly secure, and that is why it would never be feasible to have true centralization, but im relatively certain that will never happen as long as we have a capitalist economy.

  4. #44
    Don't pet me. JAVO's Avatar
    Join Date
    Apr 2007
    Posts
    6,047

    Default

    Quote Originally Posted by Grayscale View Post
    value is already centralized in the manner you're suggesting
    Where?

    Quote Originally Posted by Grayscale View Post
    anyways, if this were completely true, then we'd all be burying our money because it's more likely someone will try to rob a bank than dig up our own little pile.
    Yes, but if you buried half your money in your backyard and put the other half in the bank, you couldn't lose more than half of it in a single attack.

    Quote Originally Posted by Grayscale View Post
    centralization is not the danger, the real question is whether the value on your plate is bigger than what your security can stomach.
    Where does the target value come from if not from centralization?

    Quote Originally Posted by Grayscale View Post
    at a certain point, there is too much value to possibly secure,
    Exactly.

    Quote Originally Posted by Grayscale View Post
    and that is why it would never be feasible to have true centralization, but im relatively certain that will never happen as long as we have a capitalist economy.
    I agree. We'd never have a near-monopoly by any one software company here.

  5. #45
    Senior Member ptgatsby's Avatar
    Join Date
    Apr 2007
    MBTI
    ISTP
    Posts
    4,474

    Default

    Quote Originally Posted by JAVO View Post
    Where?
    We operate on similar principles almost all the time - web apps to servers. Document management systems work in similar ways to this. There is a huge amount of value on pushing things from distributed to centralised, as far as information flow goes.

    Yes, but if you buried half your money in your backyard and put the other half in the bank, you couldn't lose more than half of it in a single attack.
    How does this translate to data? Redundancy? That's built into cloud computing, generally. And yet, the backyard concept applies - most people lose their own computers and files, making splitting it stronger in one way and weaker in another.

    Keep in mind that when you talk about data as value, it only works two ways - to keep people out, and to make sure you have access to it. Invariably the two trade off, to some degree, but the push forward is to increase personal access because there isn't a lot of trade off for security. It is always in relative terms - we can lock down data so no one can get it, but people want laptops, we need backups... etc. Others have attack points then, or it just happens by accident.

    The bigger concern is in not being able to gain access. That's the main concern right now, I think. But reliability and so forth have made significant gains. I know I trust my web server more than my local computer network (at home, that is.)

    I agree. We'd never have a near-monopoly by any one software company here.
    Heh, that'd never happen!

    However, chances are in this case you'd have the option of going more local. It depends on how far it goes. Once you start pushing computational power onto farms, then the desktop really will be a thin client, and the monopoly issue would be a big issue (cost by cycle, egad). That is, of course, assuming that the industry doesn't trend towards natural monopolies... too early to tell, but certainly not impossible.

  6. #46
    Senior Member Grayscale's Avatar
    Join Date
    Dec 2007
    MBTI
    istp
    Posts
    1,962

    Default

    Quote Originally Posted by JAVO View Post
    Where?
    most sensitive data is already stored centrally, not client-side. virtualization is actually more secure in the sense that sensitive data can be moved between the virtual client process and the store more efficiently and safely due to the fact that that it is only a virtual move and not being transported over a long distance.

    if you had sensitive company data that you needed to view or modify, you'd unavoidably have to transport that between the datacenter and the client UI, but for everything else, most data can remain centralized with only what's relevant being sent to the client.

    for instance, let's say you need to email some blueprints for a new prototype to a co-worker. instead of pulling that down from the secure, controlled DC environment onto your desktop, you could write an email and click and drag the file to it, without the local client having to put its fingers into the sensitive data, and with only what your I/O being sent over the encrypted connection.

    Quote Originally Posted by JAVO View Post
    Yes, but if you buried half your money in your backyard and put the other half in the bank, you couldn't lose more than half of it in a single attack.
    PT is right about this, there is a balance between safety and usability. we could do away with computers completely and use paper, and it's easy to argue on behalf of safety because advancing technologies usually do pose risks initially... it's much harder to figure out what we stand to lose if we play it safe, though. either way, in the long run, i believe virtualization will actually prove both safer and more usable. the risks are more volatile, but far fewer and less likely... at some point the risk cost-benefit falls in favor of the "bank".


    edit: if you're referring to Microsoft, they are way behind Google... even if they were able to out-run them on the software, they don't have the network resources to support it. anyways, there are a small handful of powerhouses here, and most of them are 5-9s capable or close to it.

  7. #47
    Senior Member Lateralus's Avatar
    Join Date
    May 2007
    MBTI
    ENTJ
    Enneagram
    3w4
    Posts
    6,276

    Default

    Quote Originally Posted by Grayscale View Post
    most sensitive data is already stored centrally, not client-side.
    Not all in one place. It's still relatively decentralized. If all "sensitive" data was stored in one place and a terrorist attack wiped it out... Storing all that data in one place is like putting a big bullseye on that building.
    "We grow up thinking that beliefs are something to be proud of, but they're really nothing but opinions one refuses to reconsider. Beliefs are easy. The stronger your beliefs are, the less open you are to growth and wisdom, because "strength of belief" is only the intensity with which you resist questioning yourself. As soon as you are proud of a belief, as soon as you think it adds something to who you are, then you've made it a part of your ego."

  8. #48
    Senior Member Grayscale's Avatar
    Join Date
    Dec 2007
    MBTI
    istp
    Posts
    1,962

    Default

    Quote Originally Posted by Lateralus View Post
    Not all in one place. It's still relatively decentralized. If all "sensitive" data was stored in one place and a terrorist attack wiped it out... Storing all that data in one place is like putting a big bullseye on that building.
    pardon my vocab, by central i mean in the central locations of the network. im sure youre familiar with the "web" concept of a network, a private company network is no different... most often you will find the hub aggregation points with datacenters a stone-throw away from a few of them.

    most enterprises already consider things like this... much less likely than a terrorist attack is a fire or flood in one of the datacenters.



    some wiki for your reading pleasure-

    High availability - Wikipedia, the free encyclopedia

    also see "relationship with failover"-

    Load balancing (computing) - Wikipedia, the free encyclopedia

  9. #49
    Senior Member ptgatsby's Avatar
    Join Date
    Apr 2007
    MBTI
    ISTP
    Posts
    4,474

    Default

    Quote Originally Posted by Lateralus View Post
    Not all in one place. It's still relatively decentralized. If all "sensitive" data was stored in one place and a terrorist attack wiped it out... Storing all that data in one place is like putting a big bullseye on that building.
    It's important to differentiate between the software and hardware architecture. It's not unusual for data to be stored in multiple data centers in different physical locations, while maintaining a central "virtual" system.

    In that sense, it is a whole lot safer to terrorist attack than having it in one's own building (ie: think of WTC data centers, in this case).

    What it isn't safer from is physical access, which is a fairly major issue. Not because they can't be made safe (some are built as nuclear-war safe), but that "others" will always have physical access to the data. The only way to negate this is to not put any workload on the cloud computers, outside of access. In terms of pure storage, you can easily manage that through client-keys, as document management systems do (ie: the databased holds all file data, but the files themselves require local RSA key schemes to unlock locally). But in that case, the file can't exist on the cloud computers... but... it gets complicated. Quite a few document management systems actually do that, to the point where IT cannot access the data, even with hardware access.

    Again, the trade off happens: more redundancy = more hands have hardware access.

    (edit: fix copy/paste error)

  10. #50
    Senior Member Grayscale's Avatar
    Join Date
    Dec 2007
    MBTI
    istp
    Posts
    1,962

    Default

    Quote Originally Posted by ptgatsby View Post
    Again, the trade off happens: more redundancy = more hands have hardware access.
    there is a problem there, but i think it when exceptions are made and "slices" of the secured virtual environment are allowed to exist outside of the datacenters intended for them.

Similar Threads

  1. [NT] Defining Moments in the making of an NT.
    By ladypinkington in forum The NT Rationale (ENTP, INTP, ENTJ, INTJ)
    Replies: 136
    Last Post: 07-15-2012, 06:42 PM
  2. UFO's in the sky!!
    By Prototype in forum Politics, History, and Current Events
    Replies: 9
    Last Post: 10-14-2010, 03:51 PM
  3. Am I in the right place?
    By cosmicdancer in forum Welcomes and Introductions
    Replies: 21
    Last Post: 05-14-2009, 02:36 AM
  4. [NF] Defining Moments in the life of an NF
    By SolitaryWalker in forum The NF Idyllic (ENFP, INFP, ENFJ, INFJ)
    Replies: 20
    Last Post: 05-01-2009, 10:27 PM
  5. Laughing at television more when others are in the room
    By digesthisickness in forum The Bonfire
    Replies: 30
    Last Post: 07-21-2007, 10:23 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
Single Sign On provided by vBSSO