Friday, June 25, 2010

Computing in the cloud and securing my private data

Since my computers are all connected to the Internet and there are many benefits in having my 'public' computing activities hosted or stored on public (free) computers, I have been assessing whether I can keep some  of my personal or 'sensitive' files in the 'cloud'. I have concluded that none of my sensitive data should ever be put in the'cloud'. The main reason for this is that, once these bits and bytes have been sent through my ISP's servers, they are in effect 'public' or at any rate potentially so. Essentially, I have lost control of where or to whom they are sent. I have always considered my email, blogs, webs and so on as essentially open to all, or at the very least to external organizations that demand these files from ISPs and 'cloud' resource managers. That way, I hope that I have not put myself in a situation where these files could cause me problems. I am very polite in these public venues.

The items that should not be 'visible' to the outside world are my password lists, private diary entries and thoughts, my photos and personal documents, including scanned copies of my passport and my bank and credit card details. My personal address database is also private and needs to be protected. I store these files as 'invisible' items for local use only inside encrypted volumes on the local hard disks of my personal computers. These files are synchronized to each other by using batch files to send them over the local network and with a portable hard drive, which is also encrypted. There are other layers of encryption. My private documents and databases can only be opened in their applications with a password. I use TrueCrypt as the tool to make encrypted virtual local drives within the hard drives of my computers and I 'hide' my private files within them. I try to ensure that these files have never been sent across my ISP's networks, or into the 'cloud'. I do not mount these virtual drives except when I need them and I do not leave them 'open' when I am surfing or using the Internet. If I had really sensitive (military-equivalent) data, I would keep it on a notebook computer which never accessed any network and which did not have any USB ports. Backing up hidden files to an on-line resource is clearly not a good idea, so I have to be responsible for making safe copies myself. I do not  allow any access to my computers from other computers outside my local network, although I recognize that this does not prevent others from maliciously entering my network and computers through crafted web pages, Trojans or key loggers. I just have to be alert and compute as safely as I can.

But the 'cloud' has many virtues. One is the excellent feature of many of Google's on-line resources that are often linked to each other: I can write a blog in my gmail account or in a Google Doc and publish it on my blog directly from either of these applications, as well as editing the blog directly in Blogger. I hope that other cloud resources will work as well as these, so that I need only one portal for many of the on-line files that I generate and use. Perhaps this will be a feature of  Google's OS?

I conclude that I have to compute in a schizophrenic manner, with two sets of rules, one for public and one for sensitive data. I have to decide which type of data is in each file before I create it.

I believe that a local encrypted virtual drive should be available to every user, to contain sensitive data in hidden files. Add that strong recommendation to my earlier one: that every computer should have two hard drives one of which is removable and which is used to clone the system drive and to replace it when it dies, a fate (like taxes) that all are subject to. Plan ahead!

Christopher Spry
Wimbledon, London
Updated 15:37, 29 June 2010

My website is cramped

Published TUESDAY, AUGUST 15, 2006

My website is cramped

It is surprising, in this age when hard disk space is cheap and widely available, that Internet Service Providers (ISPs) limit the space available to their customers. For example, I have a community website, for which I pay nearly £100/year, which limits me to 80 MB total space. I should like to add still pictures, videos, sound files and so on, but as my web space is already full (in fact they kindly allowed me 10 MB extra space) there is currently no possibility of doing this.

At another of my website, I have arranged for searches and access to be directed through my broadband connection into my house, where they are connected to the website which I am running under Windows XP. There is no limit on the size of the website I can provide here. Fortunately, this ISP does not charge for this useful service, so I do not need to purchase additional web space beyond the small amounts they allow me to use as part of my broadband account.

I see that there are some ISPs who are offering much more space that usual, but this does not seem to have stimulated the principal ISPs to increase theirs.

Major disadvantages of serving my web from my home computer, are that the uplink speed is slow, only one web can be made available this way for each broadband connection and the computer has to be on all the time. Many computers are not designed to run continually and there may be power supply or hard disk problems ahead. Perhaps I should consider buying a dedicated server to serve my web from home. My first searches on the Internet for a suitable computer have not been very successful. For about £350 I can buy a server that this has no monitor, keyboard or mouse. I suppose I could load Linux onto it and administer it from another computer. Suggestions about the best way to proceed would be gratefully received.

I'm sure there are many people like me who have web sites which are cramped and expensive to run. For us, a computer that would run continually and silently from home, would be a great step forward.

Christopher Spry
London, 15 August 2006

My new blogs

My blogs about the Natural World are at Here, I plan to comment on computing issues that affect me as I work with, and update several Intel/Windows PCs in Wimbledon, where the  Internet connection is up to 3.5 Mb/sec and in Senni, Wales, where the Internet is only available at up to 0.5 Mb/sec.

Christopher Spry
Wimbledon, London
15:19, 25 June 2010

Monday, December 05, 2005

Keeping software up to date and secure can be a nightmare

Today, I have been updating my web page that lists over 100 of the programs that I use. I have been trying to find and install updates for all of them, many of which could be security updates. It has taken all day. It was often a frustrating experience and it indicates to me that much of the software industry is still in its infancy in this area. This blog summarizes some of the problems I came across.

Some of the vendors were not able to provide access from their main pages to their software without trying to force me to buy products that I did not want (Adobe and Real Networks for example). Others did not provide information on the latest version of their software, until I had looked several pages deep into their sites, and then only when I saw the name of the download. I often had to update the whole program only after uninstalling the previous version manually. There were multiple reboots to contend with. Some had several programs packaged together, so that I had to retrieve all of them, when I only wanted part. Some discussed updates without actually providing them (vapourware, this used to be called). Some of the updates could only be installed if I manually uninstalled the previous version. QuickTime told me that my system could be unstable if I did uninstall the previous version, so I was not able to install the update I need to deal with a problem running the program. That one, I will just have to do without now.

Very few vendors email me when new versions are released, even though I have registered my copy with them (and used a key that locks the software to one computer) in the vain hope that they would. Fortunately, some have now added update options to the 'Help' tab in their software, but I have to look for them there. A few check for updates automatically and offer to download them. One of these 'clever' programs keeps telling me, incorrectly, to get an update. Some software has changed name, without making this clear. Many web sites have altered their update web pages, without providing links to the new web sites. Some vendors do not have updates for programs that they should - the user has to buy a full version when he/she only wants an update.

It is a disgrace that the software industry is in such disarray, when it comes to updates. This problem is not limited to applications. All the operating systems that I use are poor at this, as I know from hours spent with Windows, Linux, Solaris and Irix updates. It is rare for any vendor or software manufacturer to send me an email that they have an update. The principal exceptions to this are individuals who have specialized software, but they can offer me updates that are cosmetic or only deal with minor issues, which are not listed in the email, so I have to check at their website first. Commercial software organizations are happy to send me advertizing in emails, but rarely does this contain update information, and it never knows what software I am using, even though I registered it with them and the software can even check back to their website for other purposes. Some organizations require users to pay through their support sites to find out if there is an update.

So, here I am, having spent another difficult day, struggling around the net to do something that ought to take place in the background, automatically, while my computers are idle.
Christopher Spry, 5 December 2005

Firefox v 1.5

Firefox v 1.5 from

I have been using Internet Explorer for many years but this weekend I have transferred to Firefox 1.5. I am delighted with it. I am impressed with how well it works: fast, simple to configure and available with a host of functions that I use regularly. I particularly like tabbed internet browsing and bookmarks. It reads RSS feeds and has a simple appearance that I like. I strongly recommend it to Windows users. Be aware that it will take a while for new users to find out all that it can do, and I spend some hours configuring it and setting it up with my most useful bookmarks and settings, although bookmarks in Internet Explorer were imported for me. I shall be interested to see if the new version of Internet Explorer, which has been several years in preparation, will come up to these standards.

Christopher Spry

Wednesday, November 16, 2005

Blog software review

Three blog software products are reviewed at SitePoint. These are self-hosted, so they require some installation and maintenance. Blogger does it all for you.

Christopher Spry