WIRED:New technologies are beginning to show how we might have more independent, safer and more private lives online, writes Danny O'Brien
WHOM DO you trust? That's the question that users (and businesses) should be asking - with the entirety of their personal data and their backups in the balance.
From home-spun programs written to dump your computer's hard drive on Amazon's servers, to enterprise-level systems that backup an entire company's digital assets far from the office while its employees sleep, everybody wants to save their data offsite using the internet. Some might even store data on the internet that they don't keep in their offices, for ease of access from any location that has internet access.
Even if you don't have to worry about keeping the data safe in your office, it has to end up somewhere. Usually that somewhere is picked by the company whom you've chosen to hand your data to - and that can have some negative consequences.
Firstly, that company might screw up. Customers of The Linkup were shocked to hear last week that the company had irretrievably lost more than 45 per cent of its client data. The thousands of customers of Amazon's S3 had to do without access to their data when the storage service went belly-up for a few hours in the middle of the European workday.
Finally, there's the privacy issue. If you store all your files with another party, that company may be less protective of your data. Depending on circumstances, it may end up revealing that data to its employees, to your competition or even to the government.
It might turn out that, rather than trusting a corporation like Google or Amazon, you might be better off trusting the people you already know.
I've been playing around with an open source program called Tahoe in the last few days. I don't suggest you do the same, quite yet: Tahoe isn't designed for everyday use yet.
It's actually an internal program that a company called AllMyData uses for storing backups of its customers' data, but at its core it has a number of ingenious applications of high-level computer science that could gain widespread use.
They attack the problems of privacy and reliability by assuming that the machines on which your data will be stored are accessible to others, and potentially unreliable. Your data is stored in an encrypted, near- impossible-to-break cipher and stored across many machines, in such a way that a large chunk of them could disappear tomorrow and you'd still be able to retrieve your data.
I'm using Tahoe now between my friends to store data. We've set up a grid and drop files into it that we'd like to protect if our own machine's copy became unavailable due to a hard-drive error.
The collection of machines we're using is just our own computers. We each allocate space on our own drives and the data is spread across the network.
I can't read what bits my neighbours have stored on my drive and they can't read my bits. It would take a failure of 80 per cent of all of our computers before we'd lose data.
When you explain this set-up, people are sometimes uncomfortable. Firstly, they worry that the data is actually viewable in some way: that data stored on someone else's drive might accidentally be revealed. In fact, the encryption used in this model is very strong and known to be reliable against this kind of inspection. It is far more likely that the data would be discovered through some other route (like someone gaining access to your own machine through a virus or malware).
Secondly, many of us are uncomfortable with promises of reliability that are couched in percentages. An 80 per cent failure seems like a high number of hard drives (or friends) to lose, but it's not very emotionally reassuring. Presented like this, you start thinking of ways that it might be reached - perhaps there would be an earthquake or a brand of hard drive that fails?
Finally, I know some people are uncomfortable with what their friends might be doing with the resources they have donated into a general pool. Supposing one of your friends was doing something unsavoury, might you be implicated?
These are odd questions to ask when you realise that you give far more trust to these large corporations than you are willing to extend to your friends.
Companies could go snooping through your data. The same unexpected disasters - earthquakes, 80 per cent of the servers inexplicably dying - could just as easily strike any third-party to whom you've given your data. While that company may be insured, or you may have a service level agreement, there is still no way you can get your data back.
Finally, you're paying companies hard cash to provide these services: if they did anything salacious, should you be implicated as enabling them to do that?
I'm enjoying playing with these new technologies because I think they spell out how we might have more independent, safer and more private lives online. At the same time, though, I find the questions they raise a fascinating indication of how much we have grown to trust the big Web 2.0 companies - and sadly, how little we appear to trust each other.
I bet it's just a blip while we grow used to yet another new metaphor from the internet. You'll just have to trust me and see.
