Skip navigation

Cloud computing. It’s a term that has become so pervasive that it’s easy to imagine it as the next logical, progressive step in computing. I, however, find myself agreeing with Richard Stallman more and more. Cloud computing is, perhaps, the least needed, least thought out and, potentially, most dangerous “improvement” in modern computing history. I’m also aware that I am in the minority among tech-savvy users when it comes to this position. With that in mind, I must acknowledge the potential benefits. Moving applications and data storage onto servers has it’s advantages. The operating system is no longer a barrier. A person wouldn’t have to choose their software based, in large part, upon their operating system. Data storage becomes more convenient as online storage solutions such as Amazon’s S3 service enable ordinary users to essentially operate their own, mostly hassle-free, web servers. Even seemingly innocuous services like web e-mail and hosted blogging services illustrate the ability for “cloud computing” to makes previously complicated services simple. Anyone can run their own internet-connected file server. But only a few have the technical knowledge or desire to successfully do so. So why don’t I like cloud computing?

There are three main reasons why I’m luke warm on cloud computing. Cloud computing requires the user to depend upon a machine, run by someone else, whose only connection to him is through the internet. Cloud computing means sending to and storing data on a server that you don’t control, and whose security measures you cannot be sure of. Cloud computing also has the potential of being less secure than traditional desktop computing.


Reliability is an essential aspect of any system. A computer is only useful as long as it continues to function. A website is only useful as long as it continues to run and have bandwidth and resources available. When you consider cloud computing according to these simple requirements, it ought to seem obvious that computing in the cloud will be less reliable, everything else being equal. An application depends upon a single workstation having enough resources available and, at a lower level, functioning hardware to run. Cloud computing requires the same thing from a server, which is most likely being accessed by multiple users, and a functioning internet connection with sufficient bandwidth. Increasing the point of failure will inevitably lead to an increase in potential that such services will be degraded or even fail.

But what of hardware failures? Isn’t it true that a business will use better hardware and employ people who are more knowledgeable than the average consumer? Won’t these considerations tilt the scales toward the cloud? Simply? No. Hardware performance and quality have been increasing while the cost has been decreasing. This inverse relationship allows the average consumer’s desktop to be more capable than it ever was before. It is true, however, that in the rare case of hardware failure a cloud application will have built-in redundancy and people capable of fixing such problems. This prevents most breaks in service. Yet, this fails to be a strong argument. Most consumers have multiple computers, a fact that will become increasingly more widespread as the cost of hardware goes down. That, coupled with a prudent back-up plan, would allow most consumers to avoid serious disruptions.


I was originally planning to focus exclusively on the privacy implications of moving and manipulating data on a “foreign” server. The truth is privacy seems to be important only to a select few people, myself included, and the consequences of cloud computing really extend to the concerns over control. Cloud computing leads to a fundamental loss of control. Our data is stored on someone else’s servers, in someone else’s building. By doing work through a cloud application, the user is fundamentally placing undeserved trust in the honesty of the application owner and it’s employees. In all cases the user is put into a situation where he lacks actual physical control over his data.

Why does this matter? Data is malleable. It can be easily changed. Data is also easily copied. In this situation, someone else can more easily copy and/or modify your data and monitor you. It also opens up the further possibility, suggested by recent events, that you could even be locked out of access to your data and applications. Some of these risks can be mitigated through the use of encryption. Encryption is no panacea though. Most people choose weak keys/passwords. This makes the encryption much weaker. Also many application providers offer secondary means of access, often in the form of “security questions”, which are usually even weaker than the key or password in use.


Cloud computing, currently, is potentially less secure than traditional desktop computing. Web applications are typically available at any time of the day, and any day of the week. That means it is available to attempted exploits at any time. The database and/or data behind the application are continually available to any one who is able to gain access. Contrast that with a desktop application. A person who gains access to that desktop will have access to the data on that specific machine. If the network which the computer is on happens to be unsecured, then the person could gain access to them at well. At it’s worst, the damage is limited to specific instances—specific machines. In other words, it is easier to limit the damage caused by penetration through a flaw in a desktop application than it is with a cloud-based application. A cloud application is, then, a bigger target than any individual user would be. That combined with the current current vulnerability which modern web applications have shown to attacks by malicious users, ought to inspire caution.



  1. Control. That’s my favorite critique of cloud computing. Your information isn’t yours if someone else can copy it and use it without your permission, or deny you access to it. Its a fundamental ownership thing that will put a lot of power in the hands of the server controllers that used to belong to the owners of the computer hardware/software.

  2. It is interesting and refreshing to find a critical point of view on the phenomenon of cloud computing, here i leave you with a great piece on the subject if you want to check out

  3. The non-tech savvy people at my place of work like to use the word cloud as if its the future, when they don’t even know what cloud means. I have to explain to them that in a nutshell its your data stored on servers somewhere in the world. Just out there somewhere.
    Being the sole IT person, when they say they want to go with a “cloud based solution” for certain data, they have no idea what it means. They think since “cloud” is all the rage that by us doing “something” cloud that will be an industry leader. I tell them if they want to entrust our data on the “cloud”, they’ll have to do it without my blessing. That way WHEN an undesired result happens I will have deniability of responsibility in the choice to adopt cloud.

  4. I am an IT professional, specifically on cloud computing technologies and methodologies. I disagree with much of what is posted here. I think that there are healthy ways to mitigate risk while using cloud computing resources. I think that medium and large organizations are better setup to avoid risk, than individuals and small business’s. Organizations can afford to take the time to understand and truly trust their providers security architectures, hiring practices, uptime / reliability requirements, etc. They can also take steps to secure the transactions over the internet, and verify audits done on cloud providers (hired black hat teams, security certifications, etc). Of course, all of this adds cost and overhead to cloud. You have to decide if this overhead, mixed with clouds savings and convenience and advantage, makes sense for you. Often enough, users and managers tend not to do or know-about many of the various cloud risk-mitigation techniques that exist.

    PS: if cloud is so bad according to this author and the commentors – why is this blog hosted on a cloud-based SaaS blog, and not a personal web server and blog serving software?

    • Because the web is cloud based by default, unless its hosted on his own machine behind his own firewall. “Cloud” is fine for certain things. Just not, IMO, for sensitive or confidential data. Nobody cares if a blog gets hacked.
      Again, the big thing that bugs me about cloud is people acting like this is something new. But people are wanting to extend putting data on “the cloud” that belongs on a private network.

  5. I have read so many content concerning the blogger lovers but this piece of writing is actually a pleasant piece of writing, keep it up.

4 Trackbacks/Pingbacks

  1. […] response to Nicholas Sinlock’s Three critiques of cloud computing post yesterday, here is the opposite point of view. (Please check out the rest of his posts. […]

  2. […] naysayers like Larry Ellison and Richard Stallman started popping up, taking jabs at it.  This blogger even says that cloud computing "is, perhaps, the least needed, least thought out and, […]

  3. […] there are some serious disadvantages to cloud computing that smart people are raising as well. They center around control — a […]

  4. […]  “Three Critiques of Cloud Computing”, October 25, 2008 […]

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: