News AWS accused of a ‘digital execution’ after it deleted 10 years of users' data without warning — software engineer details “complete digital annihil...

[Admin]

A software engineer has warned against trusting cloud data storage services after suffering a ‘digital execution’ at the hands of AWS

AWS accused of a ‘digital execution’ after it deleted 10 years of users' data without warning — software engineer details “complete digital annihil... : Read more

 

[Hooda Thunkett]

I don't find any of this surprising. There's an oldish saying: "There is no cloud. It's just someone else's computer."

 

[chaz_music]

Uhm ... isn't the attraction to these kind of services is that they keep backups? You know: backing up your data just in case of failures or errors, just like this internal AWS goof?

In general, I don't believe you should trust others with your critical data and I keep it local for that reason. Having your data out on a cloud service or platform storage means that not only can the data just go away like this, it can also be stolen. And consider any of these kind of platforms as potentially dangerous: AWS, Onedrive, Dropbox, Gmail, Google Docs and Office 365, and email and texts of any kind that are stored externally on someone's servers.

If your data means anything to you, keep it local, and periodically make backups. If your data is very important to you, then even save backups off site, i.e., copy to a RAID array and save those drives at someone else's location (trusted friend, grandma's house, another business, etc.).

 

[voyteck]

If your data means anything to you, keep it local, and periodically make backups.

Or the other way around: work on a file stored in the cloud and make a local copy regularly. Actually, making local copies only seems the worst solution to me unless the data is stored outside. A burglary or a fire--and you lose everything anyway.

 

[Dementoss]

Keeping all your essential data in one place in the 'cloud', regardless of data security claims made by the company you choose, seems mad. Surely no company should put themselves in a position, where they are able to lose all their essential data, because of one mistake.

 

[Sippincider]

That’s why it’s called the cloud: POOF!

 

[DS426]

Uhm ... isn't the attraction to these kind of services is that they keep backups? You know: backing up your data just in case of failures or errors, just like this internal AWS goof?

In general, I don't believe you should trust others with your critical data and I keep it local for that reason. Having your data out on a cloud service or platform storage means that not only can the data just go away like this, it can also be stolen. And consider any of these kind of platforms as potentially dangerous: AWS, Onedrive, Dropbox, Gmail, Google Docs and Office 365, and email and texts of any kind that are stored externally on someone's servers.

If your data means anything to you, keep it local, and periodically make backups. If your data is very important to you, then even save backups off site, i.e., copy to a RAID array and save those drives at someone else's location (trusted friend, grandma's house, another business, etc.).

Cloud data can be backed up by other providers and tools. For example, Gmail has Google Takeout to export one's own data, and then there's at least one free tool out there that connects via IMAP to download Gmail emails and such. Office 365 isn't backed up automatically, just as most cloud services aren't and require (or *SHOULD have*) a 3rd party provider or local source that the data is backed up to. Barracuda, Veeam, and others have M365 Backup, typically using cloud-to-cloud backup.

I think the main takeaway of this article should be this: not trusting all of one's data with a single provider, cloud or not.

 

[SomeoneElse23]

I thought it was common knowledge that an offline backup is required.

But based on the number of successful ransomware attacks and cloud disasters, apparently it's not common knowledge.

 

[Pierce2623]

Uhm ... isn't the attraction to these kind of services is that they keep backups? You know: backing up your data just in case of failures or errors, just like this internal AWS goof?

In general, I don't believe you should trust others with your critical data and I keep it local for that reason. Having your data out on a cloud service or platform storage means that not only can the data just go away like this, it can also be stolen. And consider any of these kind of platforms as potentially dangerous: AWS, Onedrive, Dropbox, Gmail, Google Docs and Office 365, and email and texts of any kind that are stored externally on someone's servers.

If your data means anything to you, keep it local, and periodically make backups. If your data is very important to you, then even save backups off site, i.e., copy to a RAID array and save those drives at someone else's location (trusted friend, grandma's house, another business, etc.).

I agree 100%. Dude was crazy for using it as his primary storage. Roll Tide!

 

[Alvar "Miles" Udell]

Software engineer with over a decade of experience doesn't use backups because he said AWS's features should have been his backup...Doesn't matter that AWS possibly did something shady, still his fault.

 

[umeng2002_2]

Ah yes, the cloud...

 

[bit_user]

Uhm ... isn't the attraction to these kind of services is that they keep backups? You know: backing up your data just in case of failures or errors, just like this internal AWS goof?

I think they prioritize data security over protecting against flaws in their infrastructure or administration. So, I'd expect the backups are all encrypted and anonymized. What that means is that if your keys get deleted, then even though the backups are still around, it doesn't matter if you can't find or decrypt the data you need.

However, I have no idea about how AWS/EC2 actually works. I'm just speculating, because you're right that they certainly have backups and I'm pretty sure they didn't actively prune the user's data out of those.

 

[bit_user]

Or the other way around: work on a file stored in the cloud and make a local copy regularly. Actually, making local copies only seems the worst solution to me unless the data is stored outside. A burglary or a fire--and you lose everything anyway.

Another option would be to backup to another cloud-based service, such as Backblaze. It would have to be someone with their own infrastructure that you're certain doesn't just park your data on the same cloud platform you use as your primary.

 

[abufrejoval]

First thing they told us, decades ago: never work without a backup!

Reminds me of OVH (a French cloud provider), who lost a significant chunk of their data center near Strasbourg a couple of years go: far too many people only then realized that backups were an extra option and cost.

But yeah, AWS needs to learn a painful lesson about cheating and hopefully, they won't just lawyer the case (and the victims) to death.

 

[Bruce Benson]

I moved off of Google drive and docs for this reason and the possibility of outages. I have a Proxmox+Ceph cluster as my homelab running NextCloud+Collabora as my Google replacement. I keep a monthly backup in my fire safe and a daily backup to another Proxmox PC at a family member's house (backups encrypted). I use Google for sharing some things, but if they annihilated everything one day, it would not be a problem.

 

[abufrejoval]

I moved off of Google drive and docs for this reason and the possibility of outages. I have a Proxmox+Ceph cluster as my homelab running NextCloud+Collabora as my Google replacement. I keep a monthly backup in my fire safe and a daily backup to another Proxmox PC at a family member's house (backups encrypted). I use Google for sharing some things, but if they annihilated everything one day, it would not be a problem.

I'm working with a very similar setup. Ceph is only in the home-lab, but I'm building (single, non-cluster) long distance replicas with my kids, who are spread around the country. I'm also using Univention as IAM, originally because it integrated NextCloud, supported most Linux distros and Windows, and could be used for Proxmox as well.

Unfortunately that Univention/NextCloud integration is now toast, beause Frank Karlitschek evidently seems to think that Univention profits more than his company... Many of my fellow Germans just fail to go for the big picture!

For me the cloud availability track record was somewhat less important than MAGA protection: chances of being cut off by somebody's brainfart seemed much bigger.

Of course cloud prices would have been a rather important next barrier.

 

[adamXpeter]

This is not a classic backup problem.
They said "not to backup to the same machine" and AWS surely did not do that.
The mistake was that the point of the "same machine" is extended to the "same provider".

There is no IT solution for a terminated account.

On the other hand, it probably will not be cheap to regularly export all your data from a provider to home or to other provider.

 

[adamXpeter]

I moved off of Google drive and docs for this reason and the possibility of outages. I have a Proxmox+Ceph cluster as my homelab running NextCloud+Collabora as my Google replacement. I keep a monthly backup in my fire safe and a daily backup to another Proxmox PC at a family member's house (backups encrypted). I use Google for sharing some things, but if they annihilated everything one day, it would not be a problem.

That's nice until your provider thinks your _outgoing_ traffic is too high for a private subscription. (Assuming the burden of maintaining NextCloud+Collabora worth it, compared to a remote desktop connection to the home computer.)

 

[zzarac]

After reading comments here I know my take will be unpopular, but I do not feel sorry for this guy.

3-2-1 backup recommendation has been around for a long long time and if you're not following it you simply do not care about your data.

 

[passivecool]

After reading comments here I know my take will be unpopular, but I do not feel sorry for this guy.

3-2-1 backup recommendation has been around for a long long time and if you're not following it you simply do not care about your data.

The thought, the fallacy is, that there is a giant company with hundreds of employees, each of whom are responsible for and understand data protection 100x better than (I, humble consumer). That the bespoke company would delete the entire account including all backups, or that they would expose or allow the erroneous exposure of the entire bucket (with maybe the sensitive data of millions of users), would mean for sure that they are out of business, right? And so the risk management should be at a level beyond anything that I, personally, could ever maintain.

right?

Maybe I update the HDD i keep at in my ex-girlfriends basement after all?

 

[wbfox]

Hehe. Just when you think it's been a bad day, you read something that just makes you giggle.

 

[seanmchugh1]

Back to on prem!

 

[hotaru251]

According to this source, the initial verification request and suspension of the account were simply a smokescreen, as all Boudih’s data had already been wiped by accident.

i mean if that was somehow provable to be true...that would sink the trust of the service.

I feel for him losing so much becasue of possible error on mega corpo side, but i also dont feel sorry as ALWAYS backup stuff 3-2-1 especially if its got yrs of unpublished content :|

 

[derekullo]

I don't always test my code
But when I do
I test in production!

 

[Alex/AT]

Well, there are 2 assumptions about keeping your data / services in cloud (any kind of data, any kind of cloud):
- It can be shunned, lost or whatever damaged anytime
- It can be considered all leaked or perlustrated by default
Nothing bad in that, just keeping this in mind is the way to go.