Lessons from a hard disk crash
Thursday, May 3, 2001 by Dave Winer.
Good morning sports fans, it's a bright new day, I'm feeling rather clean because yesterday I had a total hard disk crash. I lost every bit of information on my main computer. And of course my backups were inadequate, I lost some work, and learned once again that Murphy is my best friend and colleague. He's with me where ever I go.
I wrote yesterday on Scripting News: "As I put back together all my favorites and settings for the 18th time in the last three years, maybe now the value of HailStorm or something like it is sinking in. Suppose all that information was up in the cloud. So my hard disk crashes. Not a problem. Every time my computer boots it checks in with the cloud and gets all that junk."
Shortly after posting this I got an email from Brad Choate, who asks a question I heard a lot in the intial discussion of HailStorm. Here's an excerpt from his email.
I'm a big Microsoft consumer just like most people, but frankly Hailstorm scares me a little. OK, a lot. I remember when I first saw "The Net" -- the concept back then of someone erasing or hijacking the identity of someone else seemed ludicrous. But with a technology like Hailstorm, where user information is so centralized, it makes it much easier to be a reality.
I'm not suggesting that Microsoft themselves would be capable of abusing their own system, but they don't have the best track record when it comes to security issues. It's one thing for a standalone commerce site to be compromised, yielding thousands of credit card numbers. It's another thing altogether if someone breaks Hailstorm and grabs hundreds of thousands or millions of credit card numbers, addresses, and other personal information that Hailstorm will be collecting from every user. Frightening.
I forwarded Brad's email to Charles Fitzgerald, a Microsoft marketing director.
I said: "You must be hearing a lot of this.. What do you say to them?"
Here's what Charles said.
1. Our business success is predicated on giving you control over your data. Your stuff is your stuff - we're simply providing a system by which you manage, protect and securely share your data. If we fail to do this, we fail as a business. We don't like to do that. Aligning business model with customer proposition is a very powerful incentive to do the right thing.
2. Microsoft won't sell, mine, target or publish your data. Nor is there any advertising around HailStorm so we avoid any conflicts associated with ads. Contrast that to most Web sites or AOL which is all about monetizing your eyeballs and force feeding you a diet of pop-up banner ads, People magazine and the Cartoon Network.
3. The security system is a key part of protecting privacy of data. We think we have a very good and compartmentalized one that mortals can actually use (the weakest link in any security system is humans). And while theoretical browser holes and such make the headlines, the reality is we know how to run secure systems. We have some minor nits in the past (and hopefully we have learned from them), but the reality is we are probably the most attacked set of sites on the Internet. We get attacked tens of thousands of times a month - no better proof.
4. People have a hard time understanding just how terrible the privacy situation is today.