Who owns the data in the cloud?

This discussion was created from comments split from: Knox is at the end of life ?.

Comments

  • Mork
    Community Member
    edited March 2017

    It's amazing to me you've abandoned one of the best products you had and, in the process, abandoned me, the customer. I can't believe it takes "that many resources" to maintain Knox with security or other minor updates.

    And, I don't need your apologies for "any inconvenience" as a way of letting you off the hook.

    It's NOT OK.

    AB is going off in a direction that meets my needs less and less.

    I don't use/want 1P cloud. Period. I want Knox. Period.

    I tried to get a friend to buy 1Password standalone last week, but there was no mention of anything other than your paid (drip-drip-drip) cloud 1P option on your site I could find (of course I could have missed it, but if it's there, it's clearly not obvious). So, instead, he just downloaded the free password manager from sourceforge. It's not as slick as 1P, for sure, but it meets the critical requirements. And, no marketing shenanigans.

    Not sure what's happening at AB, but like so many other "cloud-only-forced-on-you" products, I've stopped using lots of companies' software.

    Seems like "marketing" has taken over.

    Thanks

  • AGAlumB
    1Password Alumni

    @Mork: Perhaps like you, I have enjoyed using Knox for years. Actually, I continue to do so today. While Knox is no longer being developed, since it can continue to work for you as it always has, it doesn't seem like anything has been taken away from you. Your other comments don't seem to have anything to do with this discussion on Knox, but I'm glad to hear that your friend is using a password manager, even if it isn't 1Password. Nothing is being forced on anyone, and staying secure online is more important than whatever personal feelings you might have about "cloud" or "marketing".

  • Mork
    Community Member
    edited March 2017

    Not "forced"? OK, I'll be very happy to say "Hey, I was wrong". So, where exactly is the perpetual license for 1P now? I was once told by 1P that they would continue to offer a perpetual license for 1P, yet I no longer see any mention of that option on their website. Did I miss it somewhere or was that promise hollow? So, assuming the perpetual license has gone bye-bye, I am forced to either buy the 1P "forced-subscription" or go elsewhere. Sorry for any lack of precision in my previous posting....That's what I meant by "forced". (as in "take it or leave it".)

    My "feelings" on the cloud are that it is not secure and susceptible to all kinds of problems, including 'who owns your cloud data', which has been reported on in various articles (just search "who owns your cloud data" and look at the hundreds of returned links). Plus, there's the drip-drip-drip of subscription-forced services whose main goal is cash flow. Plus, I would never store sensitive information in the cloud, encrypted or otherwise.

    1. Who "owns" that Cloud data?
    2. Who has access to that data?
    3. Who backs it up?
    4. Where are the backups stored?
    5. What happens if data is lost? Is the company responsible/liable?
    6. etc.

    Plus, just because nobody can decrypt my 1P data "today" doesn't mean, if it's somehow compromised (taken from the cloud via all-too-common hacks), it couldn't be decrypted later (via the coming quantum computers, or other techniques). Who's on the hook if that compromise happens? 1P? I doubt it. Nope, it's up to ME to keep MY data secure. That means, yes, to me, no cloud.

    I would gladly keep buying 1P, for example, perpetual license version 7, should it ever be released with new features I could use. However, based on evidence I see now, I am not holding out hope that perpetual license version 7 will ever happen.

    Again, I hope I'm mistaken.

    Please let me know.

    Thanks for your reply.

  • AGAlumB
    1Password Alumni
    edited March 2017

    @Mork: Thanks for replying. I hope you don't mind, but I've split you off into a separate discussion. You raise many important points, but since they have little to do with Knox I think it's best that this be a separate conversation.

    You ask some very important questions, and I'll try to answer each of them as clearly and succinctly as I can (though obviously these are pretty big questions, so it's tempting to get carried away!) Here are some quick answers, but I encourage you to read on after that for more information:

    • So, where exactly is the perpetual license for 1P now? While we are only marketing 1Password.com memberships, we do still have licenses for sale upon request.
    1. Who "owns" that Cloud data? You own your data.
    2. Who has access to that data? Only you can access your data.
    3. Who backs it up? A (cloud-based) computer does.
    4. Where are the backups stored? AWS servers.
    5. What happens if data is lost? Is the company responsible/liable? In the unlikely event that all of the redundant server infrastructure is wiped out, you and AgileBits probably have been too.
    6. etc. — I guess the rest falls under this. :lol:

    To begin with, I think that the most important thing we need to focus on is that security isn't about feelings, and that shouldn't be the focus. We've all got preferences and that's fine. And obviously when there are humans involved it's unavoidable to some extent. I hope you'll appreciate that I'm not saying that feelings — especially yours in this context — don't matter. They do. But making decisions in 1Password based on feelings alone doesn't bring us real security. Certainly feeling secure is valuable too, but only if something is in fact secure. Otherwise we're just letting our feelings fool us. And that goes for any of us.

    It seems like your main question is "Who owns the data in the cloud?", so I've used that title. But I can change it if you'd like. I just think it's helpful to have a focal point like that, especially since (at least to me) your other questions also stem from that.

    Now, when answering, "Who owns the data in the cloud?", I can only really respond from a 1Password perspective. There may be laws and regulations that apply to some folks after all. But for us at least the answer is simple:

    The user owns their own data, whether in the cloud or on their personal devices.

    On its face, there's a lot of legal nonsense and uncertainty around this question, but because AgileBits never has access to your data, regardless of the setup you choose, for the purposes of a 1Password user, it's simple, and hasn't changed since we first created 1Password. Even with 1Password.com, your data is encrypted on your device, so all the server ever ends up with is an encrypted blob. And since the Account Key is created locally, your Master Password is only known by you, and neither is ever transmitted, no one — including AgileBits — has the means to decrypt the data. (You can read more details on how all of this works in our white paper.)

    So, long story short, even if we were to become evil and want to get to your data, or government agencies tell us to hand it over, we can't. We just don't have the keys to it; only you do. So, even if in some legal sense you may not "own" something you secure in 1Password, you "own" it in the sense that you're the only one with the keys. Obviously this capability could be used nefariously as well, but we believe strongly that good people shouldn't be denied the ability to protect their privacy and security just because it could be used by baddies as well.

    But while we've designed 1Password so that no one could compromise us to get to your data, we've also used much stronger encryption than is necessary for the foreseeable future so we have plenty of "comfort cushion". But you're right that technology marches on, and quantum computers might prove useful someday. While it's safe to say that research in that area isn't going to sneak up on us, hypothetically let's say that things work out. Even if we (collectively, as a planet) have all the technology and equipment needed, the power requirements constrain our ability to do the work in a useful amount of time (AES256, which we've been using for years, is often chosen with hypothetical future quantum computers in mind). The more likely scenario is that it continues to be a risk that someone can crack our data after we're long dead, but even by much more generous estimates we will have a lot of wiggle room when it comes to adjusting for new risks presented by new technologies. If pressed, I can totally change all of my passwords within a few decades. ;)

    Anyway, all of that is to say that we're very aware that having a service like this on the internet makes us a more interesting target. And this way, we simply don't have anything that would be useful to attackers. That may not matter to you if you simply don't want to pay for a subscription, but I wouldn't want you to have the impression that you're more secure by using a local vault, or less secure by using 1Password.com, as they're both using the same fundamental technologies with adjustments based on use and threat model.

    With regard to "cash flow", I don't think we've ever claimed that we're not trying to make money. That's the "sustainable" part of the phrase "sustainable business". We've never made it a secret that we're trying to make a living making software. We love what we do, would love to keep doing it, and "cash flow" is the only way that's going to happen — especially with continuous development, testing, and support, and now also server infrastructure, maintenance, and bandwidth. Also auditing and bounties. While we've built 1Password to be secure even in the case of a database compromise, we still want to keep it as secure as possible by preventing access to the server in the first place.

    In the end, it's important to us and to most 1Password users that 1Password just keeps getting better. So while you don't need to pay anything more if you're happy with the 1Password you already have, the way to get the most out of 1Password is with a subscription, because there are things we're able to do there that just aren't possible — both technically and financially — otherwise.

    I hope that gives a clearer picture of how all of this fits together, but be sure to let me know if you have any additional questions.

  • Mork
    Community Member

    Appreciate your thoughtful and full reply.

    An example of trusting the cloud was just in another article I read today, in this case iCloud:

    http://mac360.com/2017/03/sorry-apple-i-cannot-trust-icloud/

    FWIW, I am not worried at all that AB would ever become "evil" or anything along those lines, just that it's up to me and only me to really protect my data. If I put that data in the cloud I've lost control of it. That's the crux of my posting.

    I'm happy to hear you still offer perpetual licenses "on request". My concern with that part of your reply is that I don't see how the "on-request" (off the books, so to speak) model ever supports a 1P version 7, or beyond, that is ever advertised and sold.

    I still like the old AB of years past. Yes, that's just my preference. :) Make money? Sure. Create software that's good and I'll buy it, but I won't pay monthly.

    Thanks again.

  • AGAlumB
    1Password Alumni

    No problem. Different strokes for different folks, as they say. Cheers! :)

  • prime
    Community Member
    edited March 2017

    That article made me laugh. It's like saying Apple shouldn't use other companies' parts for their products either (Intel, Samsung, LG, and others). Maybe it's because I work in the technology field, I see stuff going down all the time, it's nothing new at all.

    Does this author think that when he goes on his ISP he stays on his ISP lines only? They don't. All ISP companies rely on others to work. All technology companies use other companies for other stuff. As long as Apple and AgileBits are encrypting my stuff, I couldn't care less.

    I can guarantee that if and when Apple makes their own data storage, they will go down, and they will have hiccups. I promise that, and again I see it all the time.

    My company works for many telecommunications companies and I see emails every day that something is down. It may be for a second, it may be for hours, and it may be for days, but it will always happen.

    @Mork, this isn't directed at you, and please don't think that, it's towards the author of that article.

    @brenty, thanks for more stuff for me to read.

  • AGAlumB
    1Password Alumni

    @prime: You're welcome! :lol:

    What is really tough is that while certainly everyone makes mistakes and sometimes downtime is the vendor's fault, what I see a lot more is inter-ISP DNS issues or flat-out DDoS attacks causing problems for internet services, and since the internet wasn't built with any of this in mind there just isn't a perfect solution. :unamused:

  • wkleem
    Community Member
    edited March 2017

    I know this is slightly off topic, but search for Microsoft - Danger outage. Microsoft, 10 years ago in 2007, purchased Danger who made the Hiptop, an early smartphone.

    Being reliant on the cloud, it happened that Microsoft had an outage and most Hiptop (Sidekick) users lost most of their data which were stored on Microsoft's servers, without redundancy as the main and backups failed at the same time! If there was a transition from Danger's non MS servers to MS ones, it didn't happen at the time of the outage.

    "According to the Financial Times, Microsoft said the data center it acquired from Danger 18 months previously had not been "updated to run on Microsoft technology."[1] A company statement said the mishap was due to "a confluence of errors from a server failure that hurt its main and backup databases supporting Sidekick users."[2] T-Mobile blamed Microsoft for the loss of data.[1]"

    https://en.wikipedia.org/wiki/2009_Sidekick_data_loss

    What's the difference between "outage" and data loss? :(

    Danger and Hiptop is now a relic of history. Microsoft shut it down.

  • wkleem
    Community Member
    edited March 2017

    One thing about Knox, and I say this as a non user, is that the latest version works with El Capitan. It won't work with macOS Sierra, going forward.

    I would love to get a license but Knox being an unsupported product, means that I am not buying it.

  • wkleem
    Community Member

    I have no idea how my comment about Knox ended up in this thread. Please move the discussion to the correct forum if you feel it necessary to do so.

  • Mork
    Community Member
    edited March 2017

    On the "data loss" issue, my wife paid about $10/month to host her email with a major well-known Fortune-500 company. In the "cloud". She hosted her email there for 20 years. Then, one day her credit card was hacked and, in the four hours it took to fix things up, this company, as luck would have it, had tried to charge the credit card for the monthly payment.

    So, what happened?

    Through zero fault of ours, and although we contacted them within 4 hours of this happening, this major "cloud" email company deleted all her emails and her account. Despite multiple emails, snail-mail (to the president of the company), to tech support, on the forum, you name it, they were NEVER able to restore 20 years of emails from backups.

    Her emails were....gone. 20 years. Gone.

    That's the cloud. You're on your own. The cloud/subscription model is great for companies, and I agree, there is some convenience. But for me that convenience comes with too much (1) Cost (drip-drip-drip), but mostly, (2) risk.

    IMHO, the forced-subscription model allows companies to not be as innovative to sell the next release. They, instead, are just sitting back getting monthly payments. I'm not saying every company is like that, but the incentive to innovate is reduced with the forced-subscription model.

    We learned a valuable lesson: protect your own data. Forget 3rd parties.

    Stories like this, though not as extreme, have happened to people I know.

    John Dvorak at PCMag has written several insightful articles on this subject.

    --

    Speaking of "abandonware", I do not ever recall being notified by AB that Knox was no longer supported or available for purchase. I'm thus moving my Knox folders to an encrypted mac partition since I can't now be sure it will work in the next OS release and there won't be support for it if it doesn't. :(

  • AGAlumB
    1Password Alumni

    @Mork: First, I can't tell you how sorry I am to hear about your wife's emails. You may not believe it, but it makes me physically angry. I've lost data in the past too, and there are few things I get as worked up about. :rage:

    > That's the cloud. You're on your own. The cloud/subscription model is great for companies, and I agree, there is some convenience. But for me that convenience comes with too much (1) Cost (drip-drip-drip), but mostly, (2) risk.

    That said, I disagree completely. Certainly there are companies out there who just don't care. You may think it's not in their interest to. They probably do too. But the fact is that this kind of breach of trust is a great way to lose — and eventually go out of — business. I can't imagine you're their customer today.

    > IMHO, the forced-subscription model allows companies to not be as innovative to sell the next release. They, instead, are just sitting back getting monthly payments. I'm not saying every company is like that, but the incentive to innovate is reduced with the forced-subscription model.

    It's just the opposite. With subscriptions, if we don't deliver a great service and continuous improvements, people have any opportunity to cancel — in many cases monthly. The incentive is there for us to keep providing value, otherwise customers do what I did with my Hulu subscription: "What is there left that I want to watch? Nothing? Okay, I guess I don't need to keep paying for this then." 1Password isn't the only game in town, and the only way we keep subscribers is by making it appealing for people to stay subscribed. You're absolutely right to think about your data though. But keep in mind that without our reputation, we don't have a business. So a failure on our part, whether security, data loss, or otherwise, gives people every reason to stay away from 1Password. And since we really love what we do and would very much like to keep making a living doing it, we're determined not to let anything bad happen to your data. After all, we want to protect ours as well.

    > Speaking of "abandonware", I do not ever recall being notified by AB that Knox was no longer supported or available for purchase.

    Having Knox unavailable for purchase doesn't affect you if you've already purchased a license. Your license doesn't expire and the app will continue to work the same as it has been. Hypothetical future Knox customers also aren't directly affected, though if someone had already been in the middle of the free trial and decided they wanted to purchase it after we'd removed it from the store I can see that might seem rude. It isn't ideal, but personally I'd be more offended if a company sold me a license today for something they'd already decided not to continue developing.

    > I'm thus moving my Knox folders to an encrypted mac partition since I can't now be sure it will work in the next OS release and there won't be support for it if it doesn't. :(

    Indeed, I'm still using it today, so I hope it doesn't break! We really won't have any way of knowing anything until WWDC at the earliest, and even then it may be months before the next macOS is really finalized, based on previous years. However, even if the app stops working, the chances that you won't be able to access your vaults are slim. Certainly it's possible, as Apple does change some big things from time to time. But Knox just uses macOS disk images, which are an OS feature used in more places than I can count (every time you download an app in a .dmg, for example), so chances are if they make changes, there will be backward compatibility in place, or it will be possible to migrate them to a newer format. So while we're not going to be releasing Knox updates, it's hardly the end of the road for my vaults, and likely yours as well. :)

  • AGAlumB
    1Password Alumni
    edited March 2017

    @wkleem: I'm actually using Knox on Sierra. As far as I'm aware, the only limitation is that encrypting full drives with it cannot work in Sierra. But I'm still using it for all my individual vaults stored on my drives.

    And I definitely remember the Sidekick fiasco. I think Microsoft took some important lessons from that. OneDrive and Azure are rock solid.

  • pervel
    Community Member

    > IMHO, the forced-subscription model allows companies to not be as innovative to sell the next release. They, instead, are just sitting back getting monthly payments. I'm not saying every company is like that, but the incentive to innovate is reduced with the forced-subscription model.

    I simply don't understand that logic. I agree there are good and valid arguments against a subscription model. But this isn't one of them. To me the logic seems to be that if the company wants to keep me paying, they have to keep me interested. With a subscription model I expect the company to continuously update the product with both bug fixes and features. If they don't, I will cancel my subscription and move elsewhere.

    With a license model (i.e. a one-time fee for a specific version) the company has much less incentive to continuously implement new features. In fact, they will have an incentive to postpone new features until the next major version so that customers will want to pay for the upgrade.

  • DanielP
    1Password Alumni

    I couldn't agree more with you @pervel! :+1:

  • prime
    Community Member

    I agree also @pervel
    Even Microsoft gives you more when you subscribe to their Office 365 over buying the stand alone Office. As long as they keep giving me more and making it worth it, I don't mind paying.

  • AGAlumB
    1Password Alumni
    edited March 2017

    @prime: I didn't realize that there was a difference between Office365 and purchasing a license as far as features. Then again, I didn't realize you could still buy an Office license... :lol:

  • prime
    Community Member

    @brenty With the Office 365 you get 1TB of OneDrive and the license you don't. You also get better support too with 365 (it's Microsoft, so can't be all that great lol). The cool part is, if you need a TB of cloud, you're basically getting Office for free.

  • AGAlumB
    1Password Alumni

    Ah okay. I thought you meant Office features. It makes some sense that you'd only get the hosting with a recurring subscription. :)

This discussion has been closed.