Hint of Visibility in the Cloud
Visibility in the cloud is one of my concerns these days. When someone else hosts and processes your data, how can you tell if it is "secure?" I found Robert Graham's post Gmail now shows IP address log to be very interesting. Robert explains how Gmail using HTTPS doesn't always use HTTPS (which is old news, as he says), but monitoring (of a sort) is now available to determine if someone else is using your account. According to the Gmail blog, Gmail will soon make available logs of IPs using your Gmail account. I agree that the technique could be applied to other Web and cloud applications. How about a record of my Amazon S3 account?