well steve that really is quite impressive.

woodsmoke

Hi Steve...

Microsoft Powerpoint? Come on, Steve, really.

Seriously, though, and with all due respect, despite your presentation and confidence in cloud computing, I am not at all convinced that my data is more secure on someone else's hard drive than my own. If Gen. Keith Alexander cannot 100% guarantee the safety of data in the cloud, then how can anyone else? While I agree that going through the hoops get the three different certifications that you talked about might make it harder for those wanting to steal data from gaining access to it, my main concern is the "centralization of data." I can't remember if you used the term in your presentation or not. Point blank, if and when it comes to the point where every PC sold in this country is nothing more (and cannot be more) than a thin client and every ounce of software a user might need or want is maintained in the cloud, where does that leave the consumer? Ultimately, how does it further affect the rights of citizens in our country in relation to the government, who will no doubt find a way to gain access to all of this data under some pretext....like protecting us against "bad guys" and "terrorists."

Regards...

Thank you, kind sir.

I admit it! I am derelict in my duties of transferring my existing voluminous content from Office to non-Office. Guilty!

The term I used was "distributed re-centralization," one that I made up a while ago and have used in many of my cloud talks.

You raise valid points. When considering security in the cloud, the conversation can't be purely technical. But that's where many people start, so that's what I chose to address in the presentation. Cloud providers are technically capable of providing better security than most enterprises, and much better than small businesses. Having worked in enterprise infosec and in cloud security, plus consulting for many small businesses, places me in a position to know this.

Beyond the technical elements, I share your concerns about rights and ownership. If I were asked to give my full cloud security talk, you'd have seen where I explore these ideas in further detail. One crucial element is the pervasive use of encryption. A provider must respond to a subpoena, which is easier to obtain than a search warrant. If Alice has encrypted everything in the cloud, then a court would still have to grant a search warrant to obtain the keys from Alice. (You'll recall that I encouraged attendees to keep keys separate from the encrypted blobs. This is why.)

That said, courts, sadly, seem to be allowing their own powers to protect people from the state to wane. My observation is that the bar to obtaining a search warrant to riff through your house is much higher than the bar to obtaining a search warrant to scour your memory cards. Law enforcement has become greatly skilled at making compelling arguments that information protected by technological means is somehow by default more dangerous than papers in a briefcase or tangible items inside a house. This is a tragic mistake, and affects you regardless of whether your bits are on drives in a cloud provider's data center or on an SSD in your laptop.

Pretty ironic, I agree.

Thank you for sharing your insight.

Regards...

can't wait to watch it @ work.

Awesome presentation, Steve!

I must admit that my views and concerns of "The Cloud" were pretty much what Ardvark71 expressed, until I listened to your presentation.

I used to have my own "cloud", jlkreps.net. It held the web presentation of my wife's genealogy work, and I used it as my off site storage, or "dropbox". But, I never could imagine that I would trust my personal information to storage on that domain even if it was hosted on a Linux server. After viewing your presentation I see that writing a client-server application and then putting it on a WLAN where users in a multitude of cities could run it, like I used to do, isn't really a good example of a Cloud, either. Even though AWS began in 2006 I retired in mid 2008, before "clouds" really became mainstream. A month after I retired Ecualyptus was released. Another area of contention I had with "The Cloud" is that I thought that it would become a commodity which would require the server farm to be planted where hardware and labor costs were the lowest, i.e, China, or some other totalitarian state. It probably will, (or has?) become a commodity. IF I were to use a Cloud the one requirement I would make is that the farm(s) be located in the US or Canada.

However, "The Cloud" isn't that simple domain thing I took it to be. You've taken me to the woodshed, so to speak, and gave me an education.

First off, those opening scenes of flying through the clouds made me homesick. When I flew myself to various locations, that view you showed of flying right at the top edge of the cloud boundary is exactly what I saw setting in the command seat in control of the Centurion 210 and looking out through the windscreen. It is one of my favorite memories about flying. Cutting a puff with the wing and watching the vortex curl around is another.

The idea that buying cloud services offloads installation, maintenance, security and allows sliding scalability to meet present needs, (12.5 cents and hour? That cheap? Really?) is way more than what I thought the Cloud was. My views were shallow.

One of the reasons why I like Kubuntu (Linux) is because it comes preloaded firewall and a set of iptable rules which work pretty well for me. I don't even think about them, nor do I play with them. In affect, I've "offloaded" my security concerns to Kubuntu/Ubuntu developers who added iptables and a set of rules that are automatically installed with the OS. I trust the certifications of the repository to guarantee the safety of the packages I download and install on my PC, and of the Linux kernel that drives it all, so I have off-loaded those concerns as well. If I used a thin client that had an EPROM chip which automatically connected remotely to a Cloud and ran a virtual image of Kubuntu that accessed data on the Cloud(s), and assuming the bandwidth was large enough (60Mb/s comcast?) I probably couldn't tell the difference between what I am running on right now and that thin client linked to a Cloud, except the next time I ran a model of some physical process that involved a lot of computation I could marshal more than just two cores to do the processing. For me to be totally happy, what needs to be developed is a 17" 3D display that can fold or roll up to fit in a pocket, attached to a keyboard that can also fold or roll up and fit into another pocket, and has ports for USB sticks and mic, headset and webcam, even if I had to carry a battery pack on my belt. Then I'd be in Hog Heaven!

Those who work in IT should watch very carefully your presentation around the 57 minute mark, and those who are system admins should do likewise around the 65 minute mark. One could feel the shock in the crowd when they heard what you said at those two times. They blindsided me, but I can see that you are 100% correct. For those reasons I emailed the URL of your presentation to my son.

It appeared to me that at the end of the speech a lot of the audience was still in a state of shock over what they heard 5 and 10 minutes earlier,
I really enjoyed it. Unfortunately, I don't have an extension which gives Chromium the ability to save the stream on my HD.

Wow, Jerry. Thanks much for your very kind comments.

I have some follow-up remarks to what you've written, but some family from Ohio have just stopped by (we're expecting them, but they're early). So I'm going to be offline for a bit. I'll be back tonight.

Now to more thoroughly digest your post and offer some remarks.

The following is not directed at you personally. The one thing I don't like about cloud computing is the widespread misuse of the term. The best definition of cloud computing is one that closely tracks a utility model. Necessary features include on-demand self-service, broad network access, resource pooling, rapid elasticity or expansion, and measured (metered) service. Putting a NAS box on the public side of a router doesn't make it a cloud. If you're still paying for something when it's switched off, then it isn't truly cloud.

Actually, it began to separate from Amazon.com in 2002, with some simple APIs that made it easier for third-party developers to integrate with the retail side. In 2004 the first real AWS service launched, Simple Queue Service (SQS). 2006 is when things really started to become interesting, with the release of Elastic Compute Cloud (EC2) and Simple Storage Service (S3).

Well, the hardware resources that fill up the big players' data centers look pretty commoditized at the low level: scads of x86 servers and oodles of spinning disks. The upper orchestration layers definitely aren't commodities, and indeed that's where cloud providers seek to differentiate themselves. They drive down prices by using cheap equipment, and then keep prices low by innovating at abstraction. And while they spread their data centers all over the planet, it's interesting to note that the biggest providers are all US corporations.

Every time I have a stage, that's one of my goals. Well, not taking people out for a spanking, heh, but providing an opportunity to learn something new.

AWS is composed of a multitude of services. It's the most feature-rich cloud platform available now, although the competition is heating up. AWS is absolutely enterprise-grade. They just don't do a satisfactory job of explaining this.

The prices for EC2 instance types range from $0.02/hr to $2.97/hr, depending on processor/memory/disk combinations and geographic location. The prices for S3 storage range from $0.037/GiB/mo to $0.170/GiB/mo, depending on quantity and location; there are also bandwidth charges. Both favor competitively with the costs of purchasing, staffing, and maintaining on-premise equipment, especially when you factor in the cost of matching AWS's durability and redundancy. However, S3 is not suited as a replacement for your four terabyte NAS at home, and if you do the math, it will appear expensive. CrashPlan, among others, is a better option in this case.

In essence, you've captured some of the utility mindset with this realization. I suspect you hadn't thought about it in these terms before. When we allow updates from Ubuntu (or Microsoft or Oracle or whomever) to install on our PCs, we're trusting that some good reason exists to do so. Occasionally updates break, occasionally they contain regressions -- developers are human and all humans make mistakes. But, mostly, they just work. And I'm happy for that: I'm not a developer, and there's no way I could perform my own testing and maintenance on all the source code that gets compiled into the binaries that run on my PC.

The cloud can be thought of as an extension of this notion. Well-run clouds offload IT organizations of the boring heavy lifting otherwise required to maintain an infrastructure. Developers can concentrate far more on working for the business.

Cluster compute instance type. 88 virtual cores, 60.5 GiB RAM, 3.8 TiB storage, 10-gig nonblocking Ethernet. Rent-a-Cray for $2.40/hr!

TBH, I'm still not quite happy with this portion of the presentation. I need to spend more time developing the ideas. They're there, but delivery could be crisper. Thing is, it's also the most challening portion of the talk to deliver, precisely because I know I've wandered away from the techie bits and into topics that scare a lot of people. So maybe I'll never be completely comfortable with this part, and perhaps that's a good thing. Such discomfort will prevent me from becoming complacent.

Thanks for giving me an hour of your time, Jerry. It means a lot. I'm glad you found the presentation enjoyable and informative.

Interesting subject, and very nice presentation, Steve. I like your style and can tell you really enjoy your subject matter (which is the key to doing a good presentation, as we all know).

Meta-comments ...

You made the comment regarding adaptability -- people must adapt to change. How nice to be nontechnical and not have a "need to know." Those of us who are geeks, ex-geeks, or generally technically oriented now or in the past, have a real challenge in trying to keep up with technology even at the conceptual level. Of course, MOST people could USE a cloud service without giving a s*, but not "us"--we feel we gotta have at least a conversational understanding of it. GG, I'd say you are doing pretty good at "this" age (60+) keeping up.

Your topic and presentation has motivated me to at least try to get informed, and thus I started here:
http://en.wikipedia.org/wiki/Cloud_computing

As for jobs--an issue you addressed in your encouragement to your audience, it would seem there are still plenty of jobs for people, and some jobs will be made much easier (by passing off stuff to the cloud providers). For example, http://en.wikipedia.org/wiki/Cloud_c...ud_engineering.

Interesting. Thanks for bringing this up, Steve.

Ars Technica has an interesting article today that showcases the power and flexibility (and cost effectiveness) of cloud computing: http://arstechnica.com/business/news...r-research.ars

Really impressive stuff!

PS. @Steve - dunno if it's just me, but having watched your presentation, you kind of remind me of a cross between Lance Henriksen and Sting

What I "thought" I knew about the cloud was all wrong, just like the title of your talk claimed. My jlkreps.net "cloud" isn't even a shadow. Not only could I not think about it in those terms, I didn't even know about those terms. What's the old joke: "Not only did he not know, he didn't even suspect."

The pleasure was ALL mine. I really enjoyed your presentation and it was very informative.

Thank you. I've spent a great deal of my career doing public speaking, and one thing I learned early on is that you must love your topic and honor your audience. They are giving me their time. It's my duty to make that valuable.

And the rate of change shows no sign of abating! Even when I try to constrain myself to my primary areas of interest -- cloud security and cloud performance -- I sometimes feel a bit behind. Deep specialization, I think, is the only way that IT types can survive.

I'd encourage everyone in an IT career to spend a couple years working for a major cloud provider.

The pharma companies were one of the first industries to grok how the cloud could advance their own businesses. They remain showcase customers for many cloud providers.

LOL! I take advantage of every opportunity I can to give people something just a bit different and unexpected

Forty two years ago I graduated with major and minor degrees in five areas, and certifications to teach in all five. Over the years, especially in Physics and Math, I maintained a program of regular review to maintain what I had learned, and research, to discover advances in the fields. Within 15 years it was obvious to me that I was having a difficult time keeping up in Physic, Forget the rest, and still maintain my consulting business and earn a living. I reluctantly dropped those habits.

I began using Linux in May of 1998. I devoured everything I could find on it. I configured and compiled all of my kernels to tune them to my PCs, as well as the ethernet, sound and video drivers. I understood Linux at the configuration level and had no difficulty in setting up turnkey systems that were bulletproof. A mere 10 years later, at the time of my retirement, I found it impossible for me to keep up with all of Linux, even being retired. Now I find it impossible to keep up with the changes in KDE I get surprised by new KDE developments so often I feel like a noob. Much of what I had learned no longer applies.

The rate of change is becoming astounding. It's exactly what I noticed about Physics 30 years ago --- the field had become so broad and deep that sometimes there were only a handful of people with whom a researcher could talk to, or to whom they could speak about their research. When one person goes so narrow and deep who in the world is qualified to "peer-review" his work? Things have truly become "magic".

If it weren't for Google (or DuckDuckGo) I'd have no brain at all.

You might be interested in this: "Is Google making us stupid?" Since that publication, he's expanded it into a (rambling, mostly critical) book called The Shallows. Personally, I disagree with Nicholas Carr's assessment that the Internet is negatively affecting how we think. Yes, it's certainly changing how we think, but why assume this change is bad?