2007MAY022054

2007MAY022054
web application hosting
Image by bootload
"…
who made who, who made you
who made who
ain’t nobody told you
who made who, who made you
if you made them and they made you
who pick up the bill and who made who
who made who
who turned the screw
yeah …"
[0]

I put this up yesterday, deleted it because I couldn’t quite visualise how this relates to what I’m doing. So here it goes.

The reason this page is was pulled is not because wordpress.com is bad. Not because Dig refuses to display it, nor the DMCA court order that requires wordpress, digg and the author to remove content. [1]

‘… In essence, application host owners have root and everyone else is a non-privileged user. So do not be surprised (but be alarmed) if root users take a peek at your files. …’

It’s the fact, google scanned the contents of one it’s users notebooks, recognised that it is illegal, then started the whole process.

The message is clear. If you want to use other peoples tools, free, for payment or otherwise are you sure they are not looking at your data?

This is one of the things I’ve been fearing, third party services that do not honour basic principals you have come to expect using your everyday tools. In this case I don’t think google alone is at fault (even though I’ve said it before google is evil). If users cannot expect the same rights that they have using their own tools on the desktop, it should be of no surprise if they are hesitant in using web based applications.

So if you use or rent third party tools while you can expect things to be backed up, visible anywhere, do not expect the same level of security you might think you should get. It’s often said web based tools replicate the functionality on basic unix systems. But where is the fine grained control for access?

In essence, application host owners have root and everyone else is a non-privileged user. So do not be surprised (but be alarmed) if root users take a peek at your files.

In the last project I was working on this is exactly the scenario tackled – private information on the boring desktop software (along with it’s nightmare installation problems) with some integration with the web. The difference is you had root. Not some third party service.

Who owns you?

Reference
[0] AC/DC, ‘Who owns who, May 24, 1986, Vanda Young’

lyrics.rockmagic.net/lyrics/ac_dc/who_made_who_1986.html

[1] webskine, ‘article on DMCA takedown’

taoetc.org/69

[2] Kevin Rose, ‘Dig this …’

blog.digg.com/?p=74