cloud | cloudsommelier

I recently asked my friends on Facebook and Twitter to help me fill out a survey. I have a secret admission: my intention was not to create or propose a new Netflix / Hulu / iTunes functionality. My intention was to see how many of my friends, who are relatively tech savvy, would reveal their propensity to share personal data
with an online video service. And it turns there are 4 brave souls who would share data! I want to raise
my glass to these 4 brave souls, and yet, part of me thinks they should be more hesitant.

Question 1:

To be fair, 100% of the survey respondents said yes to whether or not they had a Netflix / Hulu / iTunes service. This was satisfying to me, because I would expect no less of my friends. If someone did mark it as a no, I would have lost my mind trying to figure out who is still living in the 20th century. They probably chose not to fill the survey … so the final results here may be biased 🙂

Question 2:

The second question was also a filler question. Most of the people I know watch 30 minutes to an hour off an online video service.

Question 3

The third question is where it gets interesting. Let’s call this functionality S. I want to see this Functionality S in Netflix / Hulu / Movies on iTunes because I always fall asleep watching an episode or a movie before my wife does. And then going back the next day to watch the program means you have to watch the entire program from the start or struggle with streaming it to the exact spot (which I neverget exactly correct). Any small help in getting close to the spot where I fell asleep would help. I admit this is a very trivial problem; however, introducing ease of use in any product has always made it a great sale.

So what did my friends say? Apparently they agreed in majority. 70% of my friends thought it would be beneficial to have this option. 30 % said no, and no one skipped this question. I don’t know how many of the 30% have no partner / husband / wife. That is a piece of data I didn’t want to collect for obvious reasons.

Question 4:

For the next question, however, the tables turned. A large majority (greater than 80%) said no in regards to sharing any information about your partner / husband / wife to enable the Function S with the online service. In fact, some of you (slightly greater than 15%) might have been so turned off by the idea that you skipped this question. There were only 4 individuals who would share this data! Are these 4 brave souls or fools?

Side note: I wonder if anyone noticed that it was on the next page on purpose, to make sure there is little bias on the previous item from this question.

Thoughts:

I completely agree with the notion that sharing private details with an online video service can be difficult. However, I have to ask myself, most of the avenues where I asked the question are social media-based online services (cloud based services). These are online services where we are already exchanging this information. And with data mining and big data tools, being able to predict some of the semi-private information about your family has become easier. We all tag our spouses and partners on Facebook and Google+ pictures. Most of us exchange our family and partner’s geo data in our pictures and tweets as well. So what’s the harm in providing the partners’ basic information to an online video service?

The question becomes, are these 4 people actually smart to trade off functionality and ease of use for exchanging data that is already available? Or have they just given up the privacy and acknowledge that in this day and age it is not possible to maintain? And for the rest of us, why are we exchanging private data with sites like Facebook and Google+ but not others?

Results

By the way, I don’t get to see the personal information of any of the respondents.

Credits:

I produced the graphs using Tableaupublic.com. For a deeper dive of the results, you can view it at https://public.tableausoftware.com/views/Onlinevideoinfosharingsurvey_0/Dashboard1?:embed=y&:showTabs=y&:display_count=yes.

This is an anonymous post from a friend who has been involved in the tech industry for the past 7 – 8 years. While we are not always aligned in our views, he brings some unique insights that are worth sharing to get a diverse perspective on the issues.

Are you the reason why the cloud isn’t ready for the masses?

“I’m not an expert on cloud storage or security, but I do know enough to be dangerous. One thing I do know for sure is that the cloud isn’t ready for the majority of people to store their personal content. My parent, my siblings, my wife and my brother-in-law are all smart and intelligent but they are all exposing themselves to significant risk by using the cloud.

What bothers me a lot about this is that there are many of vendors that oversell the benefits of cloud storage and side-step some of the risks. They put the burden on the consumer to figure it out themselves. They even opt users in to using the cloud by default or make it confusing to turn the cloud sync functionality off. I’m looking at you, Apple.

“How do I turn the damn cloud off”

You need not look further than Jennifer Lawrence or other data breaches to see the impact of such an issue. Forget the millions of cases that never make it to the front page.

The biggest problem that we currently face is in dealing with passwords. The concept of user name/passwords is over 20 years old. As such, the weakest link isn’t the cloud but the user. Phishing can make it very easy for a user to give up their password. Even in cases where phishing isn’t involved, many users will use the SAME password on websites that they really should not trust. If Uber can have loose controls over who accesses your data, I guarantee you that other websites have weak controls as well. Who in those companies has seen your password? Do you even know?

What’s really scary is that you can be careful and provide unique passwords to each website, but accidentally type in the wrong password once and lose all the security you depended on. This is because some websites might be logging your password. Facebook’s founder took advantage of such an approach when he was in college. I used to accidentally do this all the time.

There are ways to alleviate this issue, but NO ONE wants to use them unless forced. One-time passwords (OTP) are a good example. Phones are a great way to actually verify the user. They allow a user to control who has access, because the minute they lose their phone they know that they are no longer secure. Setting up an OTP on your phone is what major cloud service providers recommend, but few know about it or use it. It also needs to be simpler AND available for use on ALL sites that you trust.

1Password-like solutions are also another great option. There is a chance your one local password could be compromised, but it is significantly lower risk than manually entering in the same password across websites (possible over the unsecure internet).

There are so many vectors for attack and many papers have been written about them, but OTP and 1Password-like solutions alleviate a lot of them with regards to protecting access.

For full disclosure, as I said before, I know enough to be dangerous. As such, I put a lot of sensitive data such as health related receipts in the cloud because I have given it significant thought and found it untenable to keep hundreds of receipts in my basement. I also use a VPN over insecure WiFi and encrypt files – but I think that’s a little extreme for most.

The reason why I wrote this blog post is because a lot of cloud vendors make ease of use a priority over security, because they need to show their VCs growth. But, they need to make our security our priority and innovate beyond the password. The assets they keep in their storage are, in many ways, more important than those kept by a bank. Once they are leaked, there’s no way for a government body like the FDA to make the consumer whole again.”