Don’t Trust the Buggy, Bossy and Bleeding Cloud

Last week's stories about the brain online, from Google, Cloudflare, Uber and the FCC

WASHINGTON, DC - MAY 11: Federal Communications Commission (FCC) Chairman Thomas Wheeler (L) speaks as FCC Commissioner Ajit Pai (R) looks on during a hearing before the Privacy, Technology and the Law Subcommittee of Senate Judiciary Committee May 11, 2016 on Capitol Hill in Washington, DC. The subcommittee held a hearing on "Examining the Proposed FCC Privacy Rules."

Current FCC Chair Ajit Pai, dreaming of destroying all of former Chair, Tom Wheeler’s, good work. Alex Wong/Getty Images

Welcome to Last Week Was a Beta, our Monday look back on the big stories in tech last week.

So, I’m an Android user, and late last week I had to re-sign in into my Google account unexpectedly, just like loads and loads of others using Google’s mobile OS. Doing so is always a bit of an aggravation because I use two-factor authentication and it doesn’t work super well on phones. However it was a much bigger deal for people who use Google equipment to run their home network, using products like Google Wifi.

The same hiccup forced factory resets on those devices, which apparently was a giant pain for people who had carefully set up complex local networks. I would never know, because Google is the last company I would ever use at my on-ramp to the internet. The lesson here is larger than privacy: when devices obey commands from the cloud, you’re never really that hardware’s owner.

But in terms of cloud disasters last week, though, those resets were a side note compared to ”Cloudbleed” a vulnerability found in Cloudflare, as Gizmodo reported, that’s been causing giant websites that use its service to spit out random chunks of data into an as yet unknown number of hidden caches all over the internet.

In Google’s defense, one of its engineers actually discovered the bug, and Cloudflare quickly patched it. So that’s good. Cloudflare is also pretty sure that no blackhats ever found it or exploited it, but it’s been live since September. The lesson here shows the danger of one company dominating a particular facet of security online.

A former Cloudflare employee, Ryan Lackey, told Gizmodo that this turned out to be a tiny problem with big implications. His point though, was that if a tiny, tiny mistake (this one may have been as little as one wrong keystroke) leads to big problems, then a small mistake could yield huge problems.

No one in the tech press was that invested in the Cloudflare dustup though, because most people were looking for fresh angles on the viral report of sexual harassment at the un-taxi company, Uber. Not a story unique to the ride company, as the Observer found quickly in talking to other women in tech. And it’s just one facet of a larger story about Uber’s out-of-control culture, as The New York Times reported.

The question of Uber’s culture put the company under such intense fire that even its investors came out publicly to deride CEO Travis Kalanick’s plan to stamp out sexual harassment. The investors very reasonably pointed out that the company can’t expect a serious investigation if everyone involved has a larger stake in Uber’s ultimate success.

The flap got so bad that #DeleteUber appears to have actually started to register with the company, as Ars Technica reported.

Yet despite most eyes on Kalanick, for those who really pay attention to the wires and semiconductors of this industry, it still seemed dense for FCC chair Ajit Pai to delay rules that required ISPs to adopt reasonable privacy protections at the time that he did it, as Gizmodo reported. Cloudbleed was still a developing story when he acted Friday, so just at the moment that people found out that their privacy might have been compromised even when they thought they were protected, Pai decided to leave consumers a little less protected.

The controversy slightly obscured news that Google is also attacking Google over another cloud related issue: whether or not one of its former employees has been using what he learned at Google to build Uber’s self-driving cars. Google’s Waymo filed a lawsuit on Thursday in federal courts over the issue, as the New York Times reported.

The harassment controversy might hobble Uber, but don’t bet on it. On the other hand, a major legal loss on self-driving cars would be an existential threat to the company. As a transportation company, it absolutely has to win a piece of the autonomous car market, as we’ve previously reported.

Right now, Uber is just a mobile payment system wrapped in an ephemeral social network that connects people with cars to those without them, but, once there’s a person on only one side of that transaction, what Uber does today won’t be necessary.

So if the company doesn’t establish itself as an autonomous car contender, it will be $68 billion worth of vapor that just disperses out into other people’s clouds, while someone else’s software takes each of us where we want to go.

At least, humans are planning for human agency. Last week, an AI beat the living crap out of some of the world’s best Super Smash Bros players, as Quartz reported. Like last week’s forcibly reset Google routers, maybe the cloud will eventually decide when to pick us up and where we need to go.

We may never trust the cloud, but the day could come when we all just have to obey it.

 

Don’t Trust the Buggy, Bossy and Bleeding Cloud