Re: All your database (and email) are belong to us ...

[der Mouse <mouse () rodents-montreal org>]

> > As long as you trust them, Google can probably keep the systems more
> > secure than a bunch of random sysadmins who may or may not have
> > training ...
> That right there is a heck of a point.

True - but it's also semi-irrelevant.  Whether Google *can* is not
nearly as important as whether Google *will*.  (The former is necessary
but by no means sufficient for the latter.)

Given all the other problems they have exhibited, I doubt they will.
And, given how high-profile a target they would make, I much prefer to
trust in local admins, who, while they may make more mistakes than
Google, will make different mistakes from the next site over.  This
venture of Google's centralizes sysadmin, turning it into a monoculture
- and monocultures have caused trouble just about everywhere they've
occurred; I expect this to be no different.

The real problem is that even if Google _does_ run these systems more
securely than (say) LA's own sysadmins, one crack means *everyone's*
security is blown, not just LA's.  That's the monoculture aspect.

/~\ The ASCII                             Mouse
\ / Ribbon Campaign
 X  Against HTML                mouse () rodents-montreal org
/ \ Email!           7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.