What Tracks Do You Leave When It Comes To Virtualization In Cloud?19 Jan 2017
I spend a lot of time thinking about how technology can be used for good, and for bad. I feel pretty strongly that many technologists do not think deeply about the alternative ways in which their technology can be used, for both good and evil. This is one of the big challenges in the world of APIs, how do you encourage companies to open up their resources, knowing they may not fully understand what they are doing. It may be something that stimulates innovation, but it may also be something that gets abused.
One of the ways I push my understanding of technology is through my process of design fiction, where I write stories that push realities on my alternate Kin Lane blog, and similar stories from the world of APIs on alternate API Evangelist. A topic I'm pushing forward in this areas centers around how do law enforcement or the "good guys" conduct forensic analysis on mobile devices, as well as via laptops, desktops, and servers they obtain custody of--inversely I'm trying to understand how hackers or the "bad guys" cover their tracks. I prefer talking about this stuff out in the open so that others can learn from, whether it is for good, or for bad--I believe the good from being transparent outweighs the bad in many scenarios (not all).
When it comes to recovering data from laptop, desktop, and server hard drives, practices for recovering data, as well as covering your tracks, are pretty proven. When it comes to doing this on mobile phones there is still much being figured out when it comes to reliability getting into mobile devices, as well as a whole lot of discussion around what is currently possible, and being used by law enforcement, banks, and other corporate and government entities. We are seeing regular trickles of information emerging about what technology and services are available out there to help get at people's information stored on mobile phones--a discussion that needs to be further brought out in the open.
In my style, I am thinking about the future of how information is protected, and how the surveillance machine is getting at information. I'm focusing on virtualization, and like the unallocated space on a hard drive, how long does information stick around in virtualized environments. Increasingly we are storing information on virtualized storage instances, and running applications and desktops in virtualized environments. What does data storage, and recovery look like in these environments? I regularly fire up 20-30 virtual servers, along with virtual storage drives to process jobs, harvest and crunch data, then delete them when I am done. What happens to all this data? What is retrievable? I am not just talking about for my recovery needs, I'm talking about in law enforcement scenarios.
I'm not looking to do anything illegal--not my style. I'm looking to understand this so I can be ahead of the curve in poking, prodding, and stimulating the conversation about how we keep our bits private, as well as understand what the police and surveillance apparatus is up to. I am not team terrorist or criminal, but I am team anti-surveillance. I am a strong believer that if we can have an honest conversation about this out in the open, and better understand what is possible that we can sensibly mitigate criminal activity while also protecting the privacy of citizens and businesses. I'm just getting going thinking about this, talking with experts in my circle, and learning more. I will keep exploring both in reality here on my blog, as well as on my alternative blogs, and see where this all goes.
If you have any expertise or opinions in this area, I'd love to hear your thoughts.