The recent visual and virtual reminder of the need for strong student privacy laws

Posted on September 11, 2014
2


I think the internet just exploded. At least, that’s what I’m thinking based on the number of articles I’ve seen come out in the last few days on the latest hacking scandal involving the Apple iCloud storage system involving “private” stolen celebrity photos of their, uhm, privates. You would think the world was coming to an end, that Russia really had started World War III, that North Korea finally nuked the South (or themselves accidentally). These are not the most important hacking stories or concerns by far, certainly not compared to the massive security breaches of Target, Neiman Marcus, Amazon’s cloud service (thatnow defunct inBloom was planning to use to store all student data), defense contractors, and various banking institutions around the world at the hands of Russian mobstersIranian Hacktivists or Chinese “State sponsored” hacking consortiums. Researchers had even discovered as far back as 2011 that it was possible to use Google Search to hack (or access without authority) various clouds throughout the world, so the term “Cloud security” has really always been more of an oxymoronic concept, not a legitimate claim anyone with any IT background should really make – except in assisting the marketing department with lawyerly vetted, non-binding, sales literature.
To me it looks like the media and the public are much less concerned about coverage of those stories than the lack of “coverage” of various celebrities.
For those of you unsure what a “cloud” is let me define it in what may be an overly simplistic way but which will help you understand why cloud computing is both powerful and dangerous. Most of you know what a hard drive is. Most of you know what a local network is. Some of you may know what a “shared” network drive is. A cloud service is simply a shared network drive that everyone in the world has access to from anywhere all the time. Additionally the “clouds” we are talking about from Google, Amazon, Microsoft, store redundant copies of data throughout the world, on actual physical servers throughout the world and often in foreign countries because it’s cost effective to do so. Imagine taking the hard-drive from your computer or memory form your cell phone and making 100 copies of it and shipping it to 100 different countries. You can access your data with your password. So can anyone else who intercepts your password or guesses it, or hacks directly into one of the various servers throughout the world hosting your data or intercepts it enroute (from your phone or computer) like the NSA does by tapping directly into the physical backbone of the internet. Any of those hundreds of thousands of employees might have access to your data too. There are thousands of Edward Snowdens out there, but not all of them are using their access to tell us how vulnerable we really are.
The backbone of the internet is made up of hundreds of underwater fiber-optic cables that stretch for thousands of miles across the ocean. The cables shoot information around the networked world at super-high speeds, up to 19 terabits per second—nearly the speed of light. In fact, light is exactly what’s being transmitted. Fiber-optic cables work by converting electrical signals into waves of light, and then back again at the other end.
It’s pretty nuts when you stop to think about it. The 21st century global economy is being built on strands of glass the size of a garden hose, resting on the ocean floor. And we’ve known for years these cables can be hacked or vulnerable to breaks—if, say, a ship drops anchor in the wrong place, or a natural disaster ruptures the cable.
Google and Yahoo have massive data centers around the globe that are connected via these fiber-optic cables—many of which the companies either own or privately lease to assure (or so they thought) a secure route for their internet traffic. Now it seems the NSA is taking advantage of the inherent weakness in the web’s infrastructure