Yottabytes: Storage and Disaster Recovery

March 27, 2016  4:48 PM

Open Source Database Raises Health Data Privacy Concerns

Sharon Fisher
Database, health, privacy, Security

It sounds like a noble cause: A company, Ambry Genetics, is making a database of information it’s collected about 10,000 people with breast and ovarian cancer freely available, in the hopes that other researchers can use it to help develop preventions and cures for such diseases. But while the company no doubt has great intentions, release of medical data like this can create health data privacy concerns.

“The 10,000 people all have or have had breast or ovarian cancer and were tested by Ambry to see if they have genetic variants that increase the risk of those diseases,” writes Andrew Pollack in the New York Times. “Ambry returned to the samples from those customers and, at its own expense, sequenced their exomes — the roughly 1.5 percent of a person’s genome that contains the recipes for the proteins produced by the body. Since proteins perform most of the functions in the body, sequencing just that part of the genome provides considerable information, and is less expensive than sequencing the entire genome.” The company spent $20 million on the project, he adds.

What makes this whole story particularly poignant is that Ambry founder and CEO Charles Dunlop suffers from cancer himself, which he attributes to a genetic mutation, and recently stepped down as CEO. “I would not be resigning if it weren’t for having stage four prostate cancer, which is now in remission,” he writes. “Cancer sucks. The stress of the job coupled with my gene mutation leaves a high likelihood of bringing the cancer back.”

This isn’t the first time databases of such anonymous medical data have been collected. Icelandic company deCODE is working to develop a database of health data for as much as two-thirds of the population of the country. Because the Icelandic population is relatively insular, this was a treasure trove for researchers, writes Emma Jane Kirby for the BBC.

“With little significant immigration since the Norsemen first settled here in the 9th Century, Iceland is among the most homogeneous nations on earth,” Kirby writes. “With so little background noise to filter in the small population of just 320,000 people, it’s much easier for scientists to isolate faulty genes than it is in larger multi-ethnic countries such as Britain or the US. Iceland also has a database containing the genealogy of the entire nation dating back 1,100 years.”

The Ambry Genetics database, known as AmbryShare, is nominally anonymous, Pollack writes. “AmbryShare will not contain the actual exome of each person, because that would pose a risk to patient privacy,” he writes. “Rather it will contain aggregated data on the genetic variants. For example, a researcher could look up how frequently a particular mutation occurs among the 10,000 people. Ones that occur frequently in these 10,000 patients, but not among healthy people, could raise the risk of developing those cancers.”

But health data privacy research has shown that “anonymous” medical data isn’t necessarily so, and that individuals can be identified by a remarkably short list of data. In fact, the combination of gender, birthdate, and zip code is unique for 87 percent of the U.S. population, wrote Seth Schoen for the Electronic Frontier Foundation in 2009.

“The notion of ‘anonymized’ or ‘sanitized’ data is then problematic; researchers habitually share, or even publish, data sets which assign code numbers to individuals,” Schoen wrote. “There have already been conspicuous problems with this practice, like when AOL published ‘anonymized’ search logs, which turned out to identify some individuals from the content of their search terms alone.”
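The check below is an added example, not code from the original post or from EFF. It shows how a data custodian can measure the problem Schoen describes before releasing a "de-identified" table: it counts how many rows are unique on gender, birthdate and ZIP code, then shows the effect of coarsening those fields and suppressing small groups. The records, field names, helper names and the k=3 threshold are all constructed assumptions.

```python
from collections import Counter
from datetime import date

# Constructed sample: rows with names removed that still carry quasi-identifiers.
RECORDS = [
    {"gender": "F", "birthdate": date(1961, 3, 14), "zip": "92656", "diagnosis": "breast"},
    {"gender": "F", "birthdate": date(1961, 3, 14), "zip": "92656", "diagnosis": "ovarian"},
    {"gender": "F", "birthdate": date(1964, 11, 2), "zip": "92651", "diagnosis": "breast"},
    {"gender": "F", "birthdate": date(1968, 7, 30), "zip": "92653", "diagnosis": "breast"},
    {"gender": "F", "birthdate": date(1972, 1, 9), "zip": "92677", "diagnosis": "ovarian"},
    {"gender": "F", "birthdate": date(1975, 5, 21), "zip": "92679", "diagnosis": "breast"},
    {"gender": "M", "birthdate": date(1958, 9, 5), "zip": "92656", "diagnosis": "breast"},
    {"gender": "F", "birthdate": date(1979, 12, 17), "zip": "92610", "diagnosis": "breast"},
]


def exact_key(rec):
    """Quasi-identifier as commonly published: gender, full birthdate, 5-digit ZIP."""
    return (rec["gender"], rec["birthdate"], rec["zip"])


def generalized_key(rec):
    """Coarsened quasi-identifier: gender, decade of birth, 3-digit ZIP prefix."""
    return (rec["gender"], rec["birthdate"].year // 10 * 10, rec["zip"][:3])


def class_sizes(records, key):
    """Number of rows sharing each quasi-identifier value (equivalence classes)."""
    return Counter(key(r) for r in records)


def unique_fraction(records, key):
    """Share of rows that are the only one with their quasi-identifier value."""
    sizes = class_sizes(records, key)
    return sum(1 for r in records if sizes[key(r)] == 1) / len(records)


def k_anonymity(records, key):
    """Size of the smallest equivalence class; the table is k-anonymous for this k."""
    return min(class_sizes(records, key).values())


def suppress_below_k(records, key, k):
    """Withhold rows whose equivalence class has fewer than k members."""
    sizes = class_sizes(records, key)
    return [r for r in records if sizes[key(r)] >= k]


def linkage_candidates(records, key, outside_record):
    """Rows that an outside record (same fields, from another source) would match.

    One candidate means the row's sensitive field is attributable to one person.
    """
    target = key(outside_record)
    return [r for r in records if key(r) == target]


if __name__ == "__main__":
    print("unique on exact fields:      ", unique_fraction(RECORDS, exact_key))
    print("unique on generalized fields:", unique_fraction(RECORDS, generalized_key))
    released = suppress_below_k(RECORDS, generalized_key, 3)
    print("rows released at k=3:        ", len(released), "of", len(RECORDS))
    print("k of released table:         ", k_anonymity(released, generalized_key))
```

Generalization alone still leaves the one male record in a class of its own here, which is why the suppression step is applied before release.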

Also recall that law enforcement agencies have been doing what they can to mine genetic information from various private companies that collect it, such as 23andMe. While the Ambry database includes only people with breast or ovarian cancer, it doesn’t necessarily mean that it could only help law enforcement track down people with those conditions. Certain components of DNA are passed down through the father and mother. It could happen that a relative of a criminal would be tested and in the database, which would help narrow down the search.

Health data privacy is likely to become even more of an issue in light of President Barack Obama’s Precision Medicine Initiative, which is intended to create a database of medical information for a million people and is expected to cost as much as $1 billion over the next four years.

“When information from one million people is brought together, it would make an attractive target for a hacker working to link the data back to individuals,” writes Dina Fine Maron in Scientific American. “Such a breach could rob both patients and their families of their privacy. Data for research are typically scrubbed of identifying factors like a patient’s name and birth date, but someone with enough information about an individual’s family tree may be able to connect some dots.”

In fact, health data privacy concerns have been enough to keep some people from participating in studies, Maron notes. But the PMI database could also include existing databases with participants who didn’t consent to this specific sort of aggregation, but who agreed that their data could continue to be used for research.

The downside of such privacy concerns is that not making the data accessible is a loss to research. “Admittedly, there’s not much loss to society if IMS Health can’t sell prescription data to marketers,” wrote the late tech journalist Steve Wildstrom in 2011, in response to a legal case on the issue of “anonymous” health databases that turned out not to be. “But there could be a considerable loss if researchers lose access to great masses of aggregated data. We are just at the point where the collection and analysis of vast amounts of data is becoming routinely practical. While there may be considerable risks in assembling that data, there is also a wealth of information about ourselves and our society that could be obtained from them. The debate must weigh both benefits and risks.”

March 17, 2016  4:55 PM

License Plate Readers Are Storing Everywhere You’re Going

Sharon Fisher
privacy, Security

Remember a couple of years back, when people realized that their Android phones actually stored their location data, and how uptight everyone got? It turns out that private companies and governments are doing the same thing with your car using license plate readers, building gigantic databases of everywhere you’ve been. It’s perfectly legal, they don’t need a warrant, and they can even make money selling the data.

“These readers, which are situated at intersections, scan license plates and cross-reference them with state, federal and Department of Motor Vehicles records,” writes Jaxon Axelrod in American City & County of one such system, in Freeport, N.Y. “Police are alerted at a command center that is open 24 hours a day, seven days a week when a plate is connected with an infraction.”

The town of 43,000 paid $750,000 for the system, which has tracked 17 million plates in three months. In that time, Freeport has impounded more than 548 vehicles, issued 2,008 summonses, returned 15 stolen vehicles to their owners, and arrested 28 people, Axelrod writes.

In fact, the system is so successful that the police chief wants to expand his staff of 95 by seven more officers to keep up, after overtime costs increased by 20 percent. Dissenters say the officers are being kept busy by writing up minor offenses such as expired tags.

In Pennsylvania, the state plans to eliminate registration stickers entirely in favor of license plate readers. Ironically, in that state, some police officers are against the idea, primarily due to cost concerns.

In other cases, private companies are collecting the data, writes Conor Friedersdorf in The Atlantic. “Throughout the United States—outside private houses, apartment complexes, shopping centers, and businesses with large employee parking lots—a private corporation, Vigilant Solutions, is taking photos of cars and trucks with its vast network of unobtrusive cameras,” he writes. “It retains location data on each of those pictures, and sells it.”

As of January, Vigilant Solutions has taken roughly 2.2 billion license-plate photos to date, and adds about 80 million more each month, Friedersdorf writes, noting the company has 3,000 law enforcement agencies, comprising approximately 30,000 police officers, among its clients.

Between 2007 and 2012, the U.S. Department of Homeland Security distributed more than $50 million in federal grants to law-enforcement agencies for automated license-plate readers, write Julia Angwin and Jennifer Valentino-Devries in the Wall Street Journal, adding that a 2010 study estimated that more than a third of large U.S. police agencies use automated license-plate readers.

It’s a lot of data that can infringe on people’s privacy by recording their comings and goings about sensitive locations, and which is readily accessible. “Police can generally obtain it without a judge’s approval,” Angwin and Valentino-Devries write. “By comparison, prosecutors typically get a court order to install GPS trackers on people’s cars or to track people’s location via cellphone.”

These systems are catching the attention of civil liberties organizations such as the American Civil Liberties Union and the Electronic Frontier Foundation. Aside from the whole issue of whether it’s a violation of our civil rights to use license plate readers to collect this data in the first place, the organizations are concerned about the safety of the data. In 2015, EFF learned that more than a hundred automated license plate reader cameras were exposed online, “often with totally open Web pages accessible by anyone with a browser,” the organization writes.

In response, some states are considering legislation, such as limiting how much data can be stored or the length of time it can be stored. The vendors, for their part, claim that such laws are a violation of their rights to free speech.

As with other privacy efforts such as the FBI’s attempt to get Apple to develop software to break into an iPhone owned by the San Bernardino shooters, supporters of the systems point to their abilities to fight crime. But only a tiny fraction of the captured plates are actually associated with a crime, according to the 2013 ACLU report, You Are Being Tracked.

“In Maryland, for every million plates read, only 47 (0.005 percent) were potentially associated with a stolen car or a person wanted for a crime,” write James R. Healey, Greg Toppo and Fred Meier in USA Today. “In one Sacramento shopping mall, private security officers snapped pictures of about 3 million plates in 27 months, identifying 51 stolen vehicles — but that’s a success rate of just 0.0017 percent.”

People who aren’t criminals are also concerned. “Through the ‘stakeout’ feature, the NYPD may learn who was at a political rally, at an abortion clinic, or at a gay bar,” writes the ACLU. “Through the predictive analysis, the NYPD may learn that a person is likely to be near a mosque at prayer time or at home during certain hours of the day. Through the ‘associate analysis,’ the NYPD may come to suspect someone of being a ‘possible associate’ of a criminal when the person is simply a family member, a friend, or a lover.”

On the bright side, technology is already being developed to solve the problem: “license plate reader blocker” has almost 100,000 hits on Google.

March 9, 2016  3:53 PM

Time for Backblaze’s Hard Drive ‘Swimsuit Issue’

Sharon Fisher
Backblaze, hard drive, HGST, Seagate, Storage, toshiba, western digital

The rest of the world has the Sports Illustrated swimsuit issue. The storage world has the Backblaze annual hard drive status report, which has been drooled over and argued over just as passionately ever since the company started releasing the data a couple of years ago.

To give you some idea of the scale we’re talking about here, Backblaze had 56,224 spinning hard drives containing customer data as of the end of 2015, located in 1,249 storage pods. In comparison, a year ago the company had 39,690 drives running in 882 pods. That’s an increase of about 65 petabytes, more or less, the company writes.

The company uses 18 different types of hard drives in its data center, ranging from 45 HGST 8TB to 29,084 Seagate 4TB. It also still has 222 Seagate 1.5TB, which is the smallest drive it still uses.

Failure rates range from 0.44 percent for some models of HGST 4TB to 10.16 percent for the aforementioned Seagate 1.5TB models, which are also the oldest with an average age of more than 68 months. Not terribly surprising that they’re the ones most likely to fail. In fact, the company had said last year that it intended to migrate away from those Seagate drives.

Altogether, Seagate makes up 56 percent of the drives in the data center, compared with 41 percent for HGST and 3 percent for Western Digital. (Backblaze uses only a smattering of Toshiba drives.)

On the other hand, the company notes, when you look at the number of days drives have been in use, that statistic flips – HGST is 56 percent while Seagate is 41 percent. Why the distinction? “The HGST drives are older, as such they have more drive hours, but most of our recent drive purchases have been Seagate drives,” writes Andy Klein, director of product marketing. “Case in point, nearly all of the 16,000+ drives purchased in 2015 have been Seagate drives. Of the Seagate drives purchased in 2015, over 85 percent were 4TB Seagate drives.”

Consequently, Backblaze has largely migrated over to 4TB drives, with them comprising 75 percent of the hard drives the company uses, for a total of 42,301. 70 percent of them are Seagates, 30 percent are HGST, and Western Digital and Toshiba make up a sliver of less than 1 percent.

Of those 4TB drives, the HGST ones have less than a third of the failure rate of the other ones. So why not use just them? Because they’re not around any more. “The HGST 4TB drives, while showing exceptionally low failure rates, are no longer available having been replaced with higher priced, higher performing models,” Klein writes. “The readily available and highly competitive price of the Seagate 4TB drives, along with their solid performance and respectable failure rates, have made them our drive of choice.”

Klein also notes that while the Seagates do have a higher failure rate than HGST, it was possible to predict impending failures through SMART statistics, unlike disk drives from other manufacturers.

Backblaze has also begun using 6TB drives, which it began testing in 2014, and now uses nearly 2400 of them, Klein writes – 1882 from Seagate and 485 from Western Digital. However, the Western Digital ones have a failure rate more than five times higher than the Seagate ones, he notes.

In fact, Backblaze would love to buy more 6TB drives, but they are more expensive to buy and operate, and not nearly as available as the 4TB ones.  “There was a time during our drive farming days when we would order 50 drives and be happy, but in 2015 we purchased over 16,000 new drives,” Klein writes. “The time and effort of purchasing small lots of drives doesn’t make sense when we can purchase 5,000 4TB Seagate drives in one transaction.”

The company also has just a few 5TB Toshiba drives and 8TB HGST Helium drives, but didn’t say why it had such a small number – most likely because they were being tested until such time as they were cost-effective.

On the other hand, there are some models Backblaze no longer uses:

  • 1TB drives, having replaced them all with 4TB and 6TB drives to increase the capacity of its pods. It now uses the 1TB drives to “burn in” storage pods. “The burn-in process pounds the drives with reads and writes to exercise all the components of the system,” Klein writes. “In many ways this is much more taxing on the drives than life in an operational Storage Pod.”
  • Seagate 2TB drives, because the company didn’t have very many, their failure rate was higher (10.1 percent), and they chose to upgrade the pods to 4TB drives. However, the company is still using more than 4,500 HGST 2TB drives because their failure rate is only 1.55 percent. Eventually they will be upgraded to 4TB or 6TB drives.
  • Seagate 3TB drives, which had a failure rate ranging from two to three times that of the closest other drive of that size. The company had said last year that it intended to migrate away from these drives, as well as the Seagate 1.5TB drives, due to their high failure rate.

If you’re just dying to get your hands on the raw data itself, it’s available online.

Disclaimer: I am a Backblaze customer.

February 29, 2016  4:47 PM

Amazon Web Services Jumps on the Zombie Bandwagon for Attention

Sharon Fisher

A cloud company has finally figured out a way to get people to read its terms of service: Put a zombie reference in there.

“It’s hard to imagine the kind of person who would read all the way through Amazon Web Services’ massive terms of service agreement,” writes Jacob Brogan in Slate. “At more than 26,000 words, the document is denser and more digressive than Tristram Shandy, a veritable post-apocalyptic wasteland of legalese that dictates how users can and cannot employ products from the e-retailer’s massively profitable cloud computing division. Formidable as it is, however, someone managed to make it through.”

So where do the zombies come in? The service now includes a new Lumberyard gaming engine, which is free, open-source software intended to help developers write games. Normally, users are barred from integrating it “with life-critical or safety-critical systems,” including medical or military equipment, Brogan writes. “Basically, that means you can’t use the software to program robot doctors or control weaponized drones,” which he says is pretty darn unlikely anyway. But just in case, all bets are off in the event of a zombie apocalypse, Amazon writes:

“However, this restriction will not apply in the event of the occurrence (certified by the United States Centers for Disease Control or successor body) of a widespread viral infection transmitted via bites or contact with bodily fluids that causes human corpses to reanimate and seek to consume living human flesh, blood, brain or nerve tissue and is likely to result in the fall of organized civilization.”

In the process, the zombie reference also helped promote Amazon’s new gaming engine. That’s likely to help the company’s cloud service, because the gaming engine must be hosted on either Amazon’s Web servers or the developers’ own, notes Elizabeth Weise in USA Today. In other words, no cloud service competitors, writes Chris Morris in Fortune. “And there’s no zombie apocalypse exemption there, so if the worst does happen, and Amazon’s servers go offline too, you’ll be out of luck,” notes Samuel Gibbs in The Guardian.

It’s not the first time that zombies have come up in the context of data protection and disaster recovery. In 2011, the CDC issued its own emergency preparedness and response circular about zombies.

“You may laugh now, but when it happens you’ll be happy you read this,” the circular warned. It went on to describe the zombie threat, and what people could do to be prepared in the event of a zombie apocalypse.

No, it wasn’t issued on April Fool’s Day, and no, it wasn’t a joke. Well, sort of. Did the CDC really expect a zombie apocalypse anytime soon? No, probably not. But it got attention, it made people laugh, and if it got people to read the circular, the information in it worked just as well protecting them against hurricanes and floods as it did against zombies.

As it turns out, the CDC may have been inspired by the Defense Department, which in 2011 released its own plan for “Counter-Zombie Dominance.” “Planners … realized that training examples for plans must accommodate the political fallout that occurs if the general public mistakenly believes that a fictional training scenario is actually a real plan,” quotes Foreign Policy in 2014. “Rather than risk such an outcome by teaching our augmentees using the fictional ‘Tunisia’ or ‘Nigeria’ scenarios used at [Joint Combined Warfighting School], we elected to use a completely-impossible scenario that could never be mistaken for a real plan.”

Cornell University also used zombies to help study the spread of disease, and in the process, figured out the safest places to be in the event of a zombie apocalypse. Similarly, last December, the British Medical Journal published a peer-reviewed study on the upcoming zombie apocalypse, to call attention to preparing for infectious diseases.

“Using zombies in lieu of real diseases gives researchers, public health professionals, policy makers, and laypeople the ability to discuss these heavy issues without getting bogged down in one specific outbreak or pathogen, because many of the problems we’d face during the zombie apocalypse are similar to those that come up in any serious epidemic: coordination. Funding. Communication. Training. Access to treatment or prevention,” writes Tara Smith, the author of the paper. “In short, it’s way more fun for the average person to shoot the shit about zombies than to have a more serious discussion about influenza, or Ebola, or whatever the infectious disease du jour may be–and maybe even learn a bit of science and policy along the way.”

In fact, the CDC zombie circular worked so well that the agency expanded the program into a variety of other content, including a graphic novel. The Amazon reference to the CDC may have been a nod to the program.

Considering that people have actually given up their first-born children through not reading terms of service carefully, vendors can’t be blamed for putting all sorts of weird things into them, just to get people to pay attention.

Newsweek, for example, pointed out that Tumblr’s community guidelines state: “While you’re free to ridicule, parody, or marvel at the alien beauty of Benedict Cumberbatch, you can’t pretend to actually be Benedict Cumberbatch.” And Tumblr also tells children younger than 13 in its terms of service to “ask your parents for a Playstation 4, or try books” instead of using Tumblr, writes David Goldman in CNN.

In that context, the amount of attention paid to the zombie reference in the Amazon terms of service worked pretty well – according to Google, it resulted in about 400 articles.

Well, 401.

February 25, 2016  3:03 PM

Verizon Reportedly Shutting Down Public Cloud Services

Sharon Fisher
cloud, Verizon

Users of some of Verizon’s cloud services were left with two months to move their virtual servers to another, more expensive, cloud platform after the company told them it was shutting the services down.

Verizon Public Cloud and Reserved Public Cloud services will be shut down on April 12. The company told Bloomberg it intends to sell those businesses, which it bought through an acquisition of Terremark for $1.3 billion in 2011, and a later acquisition of Cloudswitch. Reuters had reported in November that the company had retained the services of Citigroup to help it sell the assets.

However, Verizon says it will keep its on-site Verizon Private Cloud (VPC) and Verizon Cloud Storage services active, writes Leo Sun for The Motley Fool.

Sun blamed two factors for Verizon’s decision. First, the company was having trouble competing on size with larger public cloud vendors such as Amazon and Microsoft. Second, it was having trouble competing on price with those vendors, as well as Google, which have been dropping costs for a couple of years now. “That move flushed many second-tier players out of the market,” he writes.

“It has become almost impossible to compete with AWS, Azure, and to a lesser extent with Google Cloud Platform in the market for renting virtual compute power over the internet and charging by the hour,” concurs Yevgeniy Sverdlik in Data Center Knowledge. “In competing with each other, these giants have made the cost of using cloud [virtual machines] so low and built out global infrastructure so big, no one can really manage to keep up.”

Because Verizon said it remains committed to supporting enterprise and government customers, Sun speculates that the company intends to provide more-lucrative private cloud services that don’t require it to support its own infrastructure.

Verizon government customers use a different cloud service platform, according to Frank Konkel in Nextgov. Verizon Enterprise Cloud Federal Edition is a public, private and hybrid cloud platform that has met the Federal Risk and Authorization Management Program’s standards, which are the government’s standardized cloud security requirements, he writes.

This isn’t the first time that a cloud provider has shut down with little notice, leaving its customers scrambling to find other options – as well as the logistical challenge of getting the data from one cloud provider to another. Cloud-based disaster recovery provider Nirvanix gave its users just two weeks when it shut down. Vendors such as HP have also announced that they are shutting down public cloud services.

In this particular case, Verizon is at least giving its users options, reports Barb Darrow in Fortune. “Customers on Verizon Public Cloud Reserved Performance and Marketplace can move their work to the company’s Virtual Private Cloud (VPC), which—according to Verizon, offers ‘the cost effectiveness of a multi-tenant public cloud but includes added levels of configuration, control, and support capabilities …’.”

On the other hand, these options are typically more costly. “These are dedicated, physically isolated cloud environments,” Sverdlik writes. “They are usually a lot more expensive than public cloud services, where many customer VMs run on shared physical servers.”

And in any event, moving virtual machines (VMs) takes a lot of work, Darrow quotes one user as saying. “It’s ‘a total pain’ that can take minutes to hours per VM because of a dearth of good migration tools,” she writes. Moreover, the hardware and application programming interfaces (or APIs) of the two kinds of cloud service are different, she adds.

Coincidentally, Terremark hit the news again this week, this time in connection with a post-mortem report on the botched Obamacare launch, for which it was a contractor. Five days before the launch, the company was ordered to double capacity within three days, but it proved not to be enough.

February 19, 2016  3:03 PM

FBI Finds ‘Perfect Test Case’ to Force Apple iPhone Encryption Issue

Sharon Fisher
Apple, Encryption, FBI, iPhone, privacy, Security, smartphone

Okay, it’s another government vs. encrypted smartphone situation. But this one is different.

Syed Rizwan Farook and his wife Tashfeen Malik, who last December killed 14 people and injured 22 others in San Bernardino, had an Apple iPhone 5c. The Federal Bureau of Investigation (FBI) wants to see what’s inside the phone, and it’s asking Apple for help.

So far, this sounds like your standard encryption case – Apple says it doesn’t have the password, and can’t decrypt the phone, so the FBI is out of luck.

What’s different in this case is that that’s not what the FBI is asking for. Instead, the FBI is asking Apple to write a new version of the phone’s operating system that will make it easier for the FBI to break into the phone.

The iPhone in question has several security features to help protect it against attacks, such as wiping the phone after 10 incorrect password attempts in a row, forcing passwords to be entered via the phone screen, and implementing a pause in-between password attempts. The FBI wants Apple to write software for that phone – and, it claims, only that particular phone – to eliminate those restrictions, so the FBI can more easily implement a brute-force attack against the device.

(Now, if the shooters had used a fingerprint rather than a passcode to encrypt the phone, the FBI would be in the clear. In fact, they could have even used the fingerprint from the dead shooter to open his phone.)

For the policy wonks, the FBI is using an ancient law called the All Writs Act of 1789, which is intended to compel a third party to help with a criminal investigation. Let’s say you stole something and put it in my safe. All Writs can be used by law enforcement to make me open up my safe to retrieve the stolen property.

Apple, though, is refusing, claiming that were it to write such an operating system hack, it could get out into the wild and be applied against any iPhone. (Including, Apple now says, against more modern iPhones that have even more security features built in.) “World War II, especially in the Pacific, turned on this sort of silent cryptographic failure,” writes Ben Thompson in Stratechery. “And, given the sheer number of law enforcement officials that would want their hands on this key, it landing in the wrong hands would be a matter of when, not if.”

Moreover, Apple is concerned about the implication of using the All Writs law in this fashion. “If the government can use the All Writs Act to make it easier to unlock your iPhone, it would have the power to reach into anyone’s device to capture their data,” writes Apple CEO Tim Cook in an open letter. “The government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone’s microphone or camera without your knowledge.”

Also, having once let the genie out of the bottle, what’s to keep the FBI from coming back and requesting this software hack again, in a different case? Or even, writes Farhad Manjoo in the New York Times, prophylactically? “Once armed with a method for gaining access to iPhones, the government could ask to use it proactively, before a suspected terrorist attack — leaving Apple in a bind as to whether to comply or risk an attack and suffer a public-relations nightmare,” he writes.

Apple could also be subjected to the same pressure from other governments, Columbia University computer science professor Steven M. Bellovin (who has just been appointed the first technology scholar for the NSA’s Privacy and Civil Liberties Oversight Board) told CNN.

Naturally, the FBI is using one of the more heinous recent cases of record to force the issue. Terrorism is right up there with child pornography in terms of being one of those crimes that of course you don’t want to be seen supporting. “For the administration, it was perhaps the perfect test case, one that put Apple on the side of keeping secrets for a terrorist,” writes Matt Apuzzo in the New York Times.

One could even speculate that the FBI doesn’t actually need the information on the iPhone, but is simply using this case to establish the precedent.

But having once established the precedent, the software could be used again. Already, notes the New York Times in an editorial supporting Apple, another federal magistrate judge in New York is considering a similar request to unlock an iPhone, this time in a narcotics case. The editorial also pointed out that Apple had already given the FBI data from the phone’s iCloud backup, and that the All Writs Act has a provision against unreasonable burdens. (Manjoo also notes that future versions of the iPhone could potentially close any such loophole.)

At this point, the usual suspects are all lining up on one side or the other on the situation, with some agreeing with Apple and others saying that the company is overreacting. For example, Apple is calling the FBI’s request a “back door,” but is it really? It depends on the definition you use, Thompson writes. “Cook is taking a broader one which says that any explicitly created means to circumvent security is a backdoor,” he writes. But to some, a back door is a way to bypass encryption specifically, which is not what the FBI is asking for, he explains.

Some observers believe that, thus far, Google is equivocating in its support for Apple. What makes it interesting is that Google, along with Apple, was the other company that announced in 2014 that it was turning encryption on in phones by default. Does that mean, if criminals used a Google phone, Google might be more likely to cooperate in breaking the phone’s encryption?

Apple may also feel freer to take a stand on the issue because, unlike Facebook, Google, and Twitter, its business model isn’t as strongly predicated on gathering data from users, write Nick Wingfield and Mike Isaac in the New York Times. In addition, Apple has fewer government contracts that could be at risk than do some of its competitors, they added.

Apple has received an extension from the original February 23 deadline and now has until February 26 to agree to comply.

Or not.

February 9, 2016  8:53 PM

Can Your Heirs Get to Your Data When You’re Dead?

Sharon Fisher
privacy, Security, Storage

Normally, this blog talks about the value of protecting your data, whether it’s preserving it, locking it up, encrypting it, and so on. But today we’re going to talk about when you probably don’t want to do that.

Namely, when you’re dead.

Passed on.  No more. Ceased to be. Expired and gone to meet your maker. Stiff. Bereft of life. Pushing up the daisies. Metabolic processes are now history. Off the twig. Kicked the bucket. Shuffled off this mortal coil. Run down the curtain and joined the bleeding choir invisible. Ex-geek.

You get the picture.

“In establishing our online presence: a) we use a computer, camera, or mobile device; b) we register with online services: email, banking, online purchases, photo sharing, website hosting; and c) we store files on a hosting server, network, or cloud service,” writes Crystal Sharp in Online Searcher. “Most of us have several online accounts with different types of services: bank accounts and investments in more than one institution, medical records in a personal health record, website domain ownership information, and photos, music, video, and blogs on various social networking sites. On a regular basis, we may pay bills, collect royalties, make investment decisions, update information, renew subscriptions, or close accounts. Access to each account is by password and users are advised, for security, to have different passwords for each account.”

But all of that becomes terribly complex, Sharp warns. “In an emergency, no one may know what accounts we subscribe to, how to access information for each account, or how to deal with the content within each account unless we record details of the accounts we have, show how to gain access to each account, and provide instructions in a readable and easily available format on what needs to be done.”

Something to keep in mind is that these digital assets may have real value. A 2013 McAfee estimate found that the average person has digital assets worth $35,000. Whether it’s Bitcoin, airline miles, domain names you own, or purchased media, digital assets can add up.

There are certain terms of art associated with the post-death disposition of your digital identity, whether it’s data stored on your own servers, or data stored on somebody else’s servers. Moreover, a lot of this stuff is changing all the time, as these services figure out that, hey, clients die, their heirs want access to it, and they’d better figure out how to handle it.

So the terms you’re looking for are typically “digital assets” for the stuff, “digital legacy” for the stuff after you’re dead, “digital estate plan” for what to do with the stuff after you’re dead, and “digital executor” for the person who handles the stuff after you’re dead. This is all complicated by the fact that not all states recognize digital estate plans or digital executors, but it’s a good idea to write it all down anyway, recommends digital estate service vendor Everplans.

There have been a number of well-publicized incidents of heirs who struggled to retrieve the digital assets of people who died. In one case, a son gave up as much as $2000 in a PayPal account because the father hadn’t left a will granting him possession—even though bank accounts had no problem paying out.

Then there’s Michael Hamelin, a hacker who died in an accident in which his wife was also injured. He secured the family’s systems so well that even with the help of other hacker friends, she hasn’t been able to gain access to some of their files, including the only copies of digital photographs they owned, writes Patrick Howell O’Neill in the Daily Dot.

There have also been legal cases as companies wrestle with the issue of privacy vs. legal access. In one example, Peggy Bush, a 72-year-old Canadian widow, was told by Apple that she’d have to get a court order for the company to reveal the password to an iPad card game she and her husband liked to play. “I thought it was ridiculous,” she told Rosa Marchitelli in CBC News. “I could get the pensions, I could get benefits, I could get all kinds of things from the federal government and the other government. But from Apple, I couldn’t even get a silly password. It’s nonsense.”

Moreover, laws may vary from state to state. While the Uniform Fiduciary Access to Digital Assets Act (UFADAA) has been passed to help address this issue, not all states have supported it, and there has been pushback from vendors. Nearly half of U.S. states have introduced legislation in 2015 to enact UFADAA, according to ARMA International. “However, most of those efforts have stalled due to opposition from Internet and telecommunications companies concerned that the act raises privacy questions, conflicts with federal law, and undermines contract rights.”

(Something else to keep in mind is that when faced with grieving widows, companies have been known to bend the rules regarding access to digital assets, leading some to speculate that this will prove to be a fruitful avenue for social engineering, until companies catch on. “I’ve been involved in social engineering,” Andrew Kalat, a friend of the Hamelins who helped the widow deal with the aftermath, told O’Neill. “When I saw how willing companies with little or no planning for death were to bend the rules, I thought, ‘Wow, this is a powerful technique.’”)

The Internet abhors a vacuum, so startups have been springing up to deal with the issue. The Digital Beyond, for example, considers itself, “the go-to source for archival, cultural, legal and technical insights to help you predict and plan for the future of your online content.” While not a service itself, it does maintain a list of more than 50 services intended to help manage and control online content after the death of the owner. Other sites on the topic include Digital Passing, Everplans, and Planned Departure.

Kalat recommends setting up a “legacy drawer” with signon and account information, and actually swapping roles between spouses for a month every year so that everyone becomes familiar with everything.

That said, there may be …things… you don’t want your heirs to find. If you don’t want your kids screaming, “My eyes! My eyes!”, there are provisions for that, too. Some services offer “account incineration,” writes Rob Walker in the New York Times. “If you don’t want your heirs figuring out that you had a secret Tumblog clogged with pictures of Natalie Portman, maybe you should just arrange for it to be ‘incinerated,’” he suggests.

Some services are setting up procedures to deal with a person’s online accounts. Google, for example, offers Inactive Account Manager, a one-stop shop for all Google services that can alert people, pass on information, or wipe your account should you not log in after a certain (configurable) period. Facebook lets you set up a “legacy contact” to control your Facebook account after you die.

One way or another, the Internet will need to deal with the issue, because demographics are not in its favor. “By 2050 more than half of the Internet’s users will be dead,” writes Cory Doctorow in Locus. “That is, of all the accounts ever created by Internet users, more than half will have been created by people who have since died.”

January 31, 2016  8:38 PM

EMC-Dell Merger Hits Turbulence

Sharon Fisher
Dell, EMC, Storage

Okay, nobody thought that a merger the size of October’s marriage between EMC and Dell would be done this soon. But there’ve been a number of bumps in the road that are making some analysts – and, possibly, customers – concerned.

This past week, EMC held its quarterly earnings call, and the rumblings about the merger were such that CEO Joe Tucci made a point of saying, yes, the merger was still happening and still on track to close by October — if only because the deal included “significant penalties” should either side fall down on the job. (EMC would pay $2.5 billion to terminate the deal; Dell would be out $4 billion, according to the Wall Street Journal.)

EMC has made a number of changes to the merger in response to criticism, writes Barb Darrow in Fortune. “They reversed their stated plan to move VMware’s vCloud Air product into EMC’s Virtustream enterprise cloud unit because VMware shareholders didn’t like the idea,” she writes. “And, on New Year’s Eve, EMC said it was taking a $250 million charge related to its previously announced plan to cut $850 million in costs, including layoffs.”

The opinions of VMware shareholders are relevant because VMware is a big part of this merger. EMC owns about 80 percent of VMware, and VMware also provided about three-quarters of EMC’s value. Also, part of the way the deal is being funded is through VMware being considered a “tracking stock” that is intended to sweeten the deal to shareholders by as much as $9 per share – but some analysts are valuing that part of the transaction as essentially worthless at this point, writes John Shinai for USA Today.

That’s why another action also made watchers of this merger nervous: VMware said last week that it is laying off about 800-900 people, or about 5 percent of the company. In addition, VMware’s CFO is resigning and is being replaced by EMC’s CFO. VMware stockholders are reportedly concerned that the company will end up getting sold to help finance the Dell-EMC merger and they’ll lose money, writes Scott Ard in the Silicon Valley Business Journal.

EMC’s earnings were slightly less than expected. “EMC logged a profit of $771 million (39 cents a share), off from $1.15 billion, (56 cents a share) from a year ago,” Darrow writes. “Excluding merger-related costs and other items, earnings per share fell to 65 cents from 69 cents. Revenue fell 0.05% to $7.01 billion. Analysts had expected 65 cents profit on $7.12 billion in revenue.”

Analysts didn’t blame the merger for the slowdown, just the same sorts of things that have been hurting EMC in recent quarters all along — the adoption of cloud storage, software-defined data centers, and price declines of flash-based storage solutions, writes Morningstar. On the other hand, Tucci reportedly blamed “angst” about the merger as part of the reason for the slowdown, writes Curt Woodward in the Boston Globe. The value of the dollar is also a factor.

In case you forgot, EMC had lower earnings last quarter, too, just a couple of weeks after the merger was announced.

Moreover, since the announcement, both EMC and VMware stock have dropped in value. EMC stock was around $33 a share in October, and now is well under $30 a share, Shinai writes. This is a problem because the deal is predicated on EMC stock being valued at $24.05. If the stock price falls below that level (which it did during at least one point during the week), it’s going to be tough to complete the acquisition, he writes. VMware stock has dropped 40 percent in that same period, he adds.

The result is that the value of the deal has dropped by $9 billion, to only $58 billion, according to the Wall Street Journal.

There’s also concern that Dell might have trouble raising the $40 to $50 billion in debt required to close the deal, writes Billy Utt in AustinInno.

Further down the pike, there’s some concern that EMC may have trouble retaining its employees if they’re concerned about the company’s future, writes Scott Kirsner in BetaBoston.

“We’re confident. We know what we’re doing,” Woodward quoted Tucci as saying on the call.

We shall see.

January 26, 2016  12:04 PM

User Finds Amazon Glacier an Expensive Roach Motel for Data

Sharon Fisher
Amazon, cloud, Storage

People used to joke about the notion of “write-only memory,” where data could be written to it but not retrieved again. To at least one user, that’s what’s happening with Amazon’s Glacier service.

As you may recall, Glacier was announced in August, 2012, as low-cost storage for long-term archiving in return for customers being willing to wait several hours to retrieve their data. That resulted in a cost of $10 per terabyte of data.

But a fellow who used the service found out that retrieving his data wasn’t nearly as easy as putting it in there. Marko Karppinen writes in Medium that he used the service to back up some 150 CDs, or 63 gigabytes, soon after the service became available. Recently, he decided to migrate the data.

“The culprit was the same neat freak tendency that had me toss all those CDs in 2012,” Karppinen writes. “I simply no longer wanted to have that 51¢ AWS bill appear, each and every month, in my email inbox and on my AmEx statement. Here in present-day 2016 I’m paying for a one-terabyte Dropbox account and, as a part of my Office 365 subscription, a 1TB OneDrive. Why would I keep a convoluted 51¢-a-month archival setup when I already have all the cloud storage I could need, on two diverse–yet–incredibly–convenient providers?”

But Karppinen found out it wasn’t as easy – or as cheap – as he might have thought. First of all, it was technically complicated to do, with limited tools to support it. Moreover, it is – as advertised – glacial, he writes. “Before you try it, it’s hard to appreciate how difficult it is to work with an API that typically takes four hours to complete a task.”

(Kind of like working with punch cards in the old days, grasshopper.)

Karppinen writes that he ended up spending most of the weekend trying various tactics – with a requisite four-hour wait after each new attempt.

Second, it was expensive. “Here I was, working on a full retrieval of the archive, something that Glacier was explicitly not designed for,” Karppinen writes. “Glacier’s disdain for full retrievals is clearly reflected in its pricing. The service allows you to restore just 5% of your files for free each month. If you want to restore more, you have to pay a data retrieval fee.”

When Karppinen had originally researched the fee, he noted that the description said it “started at” $0.011 per gigabyte, and assumed that that was what he would be charged, for a total of 86 cents. But as it turns out, it ended up costing him more than $150.

“Glacier data retrievals are priced based on the peak hourly retrieval capacity used within a calendar month,” Karppinen explains. “You implicitly and retroactively ‘provision’ this capacity for the entire month by submitting retrieval requests. My single 60GB restore determined my data retrieval capacity, and hence price, for the month of January, with the following logic:

  • 60.8GB retrieved over 4 hours = a peak retrieval rate of 15.2GB per hour
  • 15.2GB/hour at $0.011/GB over the 744 hours in January = $124.40
  • Add 24% VAT for the total of $154.25.
  • Actual data transfer bandwidth is extra.

Had I initiated the retrieval of a 3TB backup this way, the bill would have been $6,138.00 plus tax and AWS data transfer fees.” [All emphasis his.]
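The billing logic quoted above can be checked with a short model. This is an added example, not code from Karppinen or from AWS: it follows only the quoted logic (peak hourly rate, $0.011/GB, hours in the month, optional VAT), ignores the free monthly allowance and transfer fees, and assumes that a job's data is spread evenly over four hours and that jobs active in the same hour add up. The `staggered` helper and the chunk count are hypothetical.

```python
from calendar import monthrange
from collections import defaultdict

PRICE_PER_GB = 0.011  # USD; the "started at" rate quoted in the post
JOB_HOURS = 4         # each retrieval is treated as spread over 4 hours


def peak_hourly_rate(jobs):
    """Peak GB/hour for jobs given as (start_hour, size_gb) tuples.

    Assumption: a job's data is spread evenly over JOB_HOURS consecutive
    hours, and jobs that are active in the same hour add up.
    """
    per_hour = defaultdict(float)
    for start_hour, size_gb in jobs:
        for hour in range(start_hour, start_hour + JOB_HOURS):
            per_hour[hour] += size_gb / JOB_HOURS
    return max(per_hour.values(), default=0.0)


def retrieval_fee(jobs, year, month, vat=0.0):
    """Return (fee, fee_with_vat) in USD, rounded to cents.

    The peak rate is billed as if it had been provisioned for every
    hour of the calendar month, which is what makes one burst expensive.
    """
    hours_in_month = monthrange(year, month)[1] * 24
    fee = peak_hourly_rate(jobs) * PRICE_PER_GB * hours_in_month
    return round(fee, 2), round(fee * (1 + vat), 2)


def staggered(total_gb, chunks):
    """Split one restore into back-to-back jobs that never overlap."""
    return [(i * JOB_HOURS, total_gb / chunks) for i in range(chunks)]


if __name__ == "__main__":
    # One burst sized to give the quoted 15.2GB/hour peak (15.2 * 4 = 60.8GB).
    burst = [(0, 60.8)]
    print("single burst:", retrieval_fee(burst, 2016, 1, vat=0.24))

    # The 3TB case from the quote, taken as 3000GB.
    print("3TB burst:", retrieval_fee([(0, 3000)], 2016, 1))

    # Same 60.8GB requested as eight consecutive chunks (constructed input).
    print("staggered:", retrieval_fee(staggered(60.8, 8), 2016, 1, vat=0.24))
```

Under these assumptions the same 60.8GB requested as eight back-to-back chunks peaks at 1.9GB per hour instead of 15.2GB, so the modelled fee drops by the same factor of eight.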

Remember, to add insult to injury, Karppinen still hadn’t gotten his music back – but he did eventually figure out how to do that. And he includes all the gnarly details.

Interestingly, when we wrote about Glacier in 2012, we noted two points:

  • “The service is intended not for the typical consumer, but for people who are already using Amazon’s Web Services (AWS) cloud service. Amazon describes typical use cases as offsite enterprise information archiving for regulatory purposes, archiving large volumes of data such as media or scientific data, digital preservation, or replacement of tape libraries. ‘If you’re not an Iron Mountain customer, this product probably isn’t for you,’ notes one online commenter who claimed to have worked on the product. ‘It wasn’t built to back up your family photos and music collection.’” [Emphasis mine.]
  • “There is also some concern about the cost to retrieve data, particularly because the formula for calculating it is somewhat complicated.”

Not to say “I told you so” or anything, of course. And Karppinen sounds like he’s figured that out already – and has a lesson for all of us as well. “More and more, we expect cloud infrastructure to behave like a utility,” he writes. “And like with utilities, even though we might not always know how the prices are determined, we expect to understand the billing model we are charged under. Armed with that understanding, we can make informed decisions about the level of due diligence appropriate in a specific situation. The danger is when we think we understand a model, but in reality don’t.”

January 22, 2016  3:02 PM

California, New York Put Forth Useless Phone Encryption Bills

Sharon Fisher
Apple, Encryption, Google, phone, Security, smartphone

California and New York are each attempting to pass bills that they claim will help protect people against crime, but in reality would likely simply eliminate a source of sales tax revenue from the state: Each is putting forth a bill that would forbid smartphones with unbreakable encryption to be sold within their respective states, levying a fine of $2,500 on each infraction.

As you may recall, this all started in the fall of 2014, when Google and Apple each released smartphones with encryption that even the respective vendors couldn’t break. Much handwringing on the part of law enforcement ensued, warning us of dire consequences such as pedophilia, terrorism, and so on. After the furor died down a bit, it has come up again in light of recent terrorist attacks and the concern (likely incorrect, as it turned out) that terrorists were using encrypted smartphones.

Now, one of the handwringers, Manhattan District Attorney Cyrus Vance Jr., has encouraged 62 New York district attorneys to ask the New York Assembly to address the issue, because the federal government has failed to do so, writes Seung Lee in Newsweek.

Democratic Assemblyman Matthew Titone, of Staten Island, put forth such a bill last June, but because the Assembly didn’t address it then, he has re-introduced A8093 during this legislative session. The goal of the legislation is to encourage the federal government to act on the issue, a spokesman for the Assemblyman told Lee.

Interestingly, according to some reports, it’s retroactive to January 1 of this year, meaning that Apple and Google could theoretically be on the hook for fines for smartphones they’ve sold legally.

At the same time, California Assemblymember Jim Cooper (D-Elk Grove) put forth a similar bill, Assembly Bill 1681. It is specifically intended to help law enforcement investigate and prosecute suspected criminals and criminal organizations that are found to be involved in human trafficking and other serious crimes, writes Hannah Albarazi for CBS. (One difference – the California bill doesn’t take effect until January 1 of 2017.)

Keep in mind what these bills actually purport to do. They don’t keep people from using encrypted smartphones in New York and California. They simply specify that vendors can’t sell (or lease) those phones in New York and California. The implication is that we could soon expect encrypted smartphone stores, like fireworks stands, to pop up around the borders of whatever states enact such regulations.

“I never thought I’d see an Apple Store in Newark (or Hoboken), but legislation to ban sales of secure smartphones will do exactly that,” noted one Twitter commenter.

Also recall that case law on whether people can be forced to surrender their phone’s encryption key is not yet settled. It all depends on whether an encryption code is something that is the expression of one’s mind, like the combination to a safe, which is protected under your Fifth Amendment rights not to incriminate yourself, or a physical key, something you possess, which is something you can be forced to produce. Courts have been going back and forth on the issue.

Meanwhile, members of the technology community ranging from Apple CEO Tim Cook to security expert Bruce Schneier have pointed out that encryption back doors don’t just open for the government or law enforcement, and would weaken security for everyone. “You can’t build a backdoor that only the good guys can walk through,” Schneier wrote when Apple first announced its policy. “Encryption protects against cybercriminals, industrial competitors, the Chinese secret police and the FBI. You’re either vulnerable to eavesdropping by any of them, or you’re secure from eavesdropping from all of them.”

“There have been people who suggest we should have a backdoor,” Cook reportedly told 60 Minutes. “But the reality is, if you put a back door in, that back door is for everybody, for good guys and bad guys.”

Ironically, while all this is going on, National Security Agency (NSA) Director Adm. Michael Rogers was telling the Atlantic Council, an international affairs think tank, that encryption was here to stay and that attempts to legislate it, as in California and New York, were misguided. “Spending time arguing about ‘Hey, encryption is bad and we ought to do away with it,’ that’s a waste of time to me,” Rogers said, writes Cory Bennett in The Hill.

Of course, to the paranoid, that simply is confirmation that the NSA already knows how to read our encrypted smartphones.
