[LINK] SMH: '4800 Aussie sites evaporate after hack'
Roger Clarke
Roger.Clarke at xamax.com.au
Wed Jun 22 10:42:13 AEST 2011
>On 22/06/11 09:29, Roger Clarke wrote:
>> On the Whirlpool discussion forums, where there are over 60 pages of
>> posts discussing the Distribute.IT hack, customers were livid at
>> finding out their data was gone forever.
>> "I think I'm in shock ... I have lost everything .... I couldnt
>> possibly replicate all those years of work again ... my whole lifes
>> work is gone down the drain," wrote one.
At 9:43 +0930 22/6/11, Brenda Aynsley replied:
>I have no sympathy for people who who find themselves in this situation
>and who havent done anything themselves to protect their investment.
>
>I remember years ago losing about 4 hours of work on a computer; that
>taught me to take responsibility for my 'valuable' data and to keep it
>backed up. I now have a backup regime that I am happy with where the
>data I lose should disaster occur is within tolerable limits and it's no
>big deal to do the backups.
>
>what is wrong with people taking responsibility for backing up their own
>data? In my view this is the first law of being a user of any computer
>device. If you consider it of value, then treat it with the respect it
>deserves.
Under arrangements in the olden days, that worked.
But, with current outsourcing arrangements, there are many
circumstances in which a customer is unable to perform their own
backups.
For example, if a service has a front-end web-site that interacts
with a DBMS backend, the customer is unlikely to have access to the
DBMS and hence can't run scripts to periodically backup the database.
Indeed there are many contexts in which the customer doesn't even
have ftp-access to the directories containing the HTML, and hence
can't even run scripts to periodically backup the web-site.
In effect, service-providers are not just tempting customers to
delegate everything to the provider, but in many cases they're
actually precluding customers from retaining any vestiges of control
over their data and service. It's called 'lock-in' and/or 'what the
customer wants', depending on your point-of-view.
Hence my call for litigation to make abundantly clear to
service-providers that with the authority they're creating for
themselves comes responsibility, accountability, liability - and
ultimately personal bankruptcy.
--
Roger Clarke http://www.rogerclarke.com/
Xamax Consultancy Pty Ltd 78 Sidaway St, Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 1472, and 6288 6916
mailto:Roger.Clarke at xamax.com.au http://www.xamax.com.au/
Visiting Professor in the Cyberspace Law & Policy Centre Uni of NSW
Visiting Professor in Computer Science Australian National University
More information about the Link
mailing list