[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Thursday 17 May 2007 18:05, Neil Williams wrote: > On Thu, 17 May 2007 16:29:57 +0100 > > Tom Potts <tompotts@xxxxxxxxxxxxxxxxxxxx> wrote: > > > I still fail to understand the push from Google and Microsoft, as well > > > as others, to introduce web based office apps. Firstly, the poor > > > quality of broadband (or worse, dial up) in many areas of the UK and > > > indeed the USA, make this kind of thing virtually unusable. Secondly, > > > would I want my data stored on someone elses servers? > > Depends on the kind of data. Generally, I only put application-type > data on servers when I would share that data anyway. Online banking is > different but that's not a web application either. (I wouldn't use it > if it was.) > > > This is where a lot of people go 'wrong' on web stuff. > > Imagine you travel the world and you have all your data on your laptop. > > Your laptop gets nicked - all your data is gone, your whole office > > security is at risk. > > Standard security methods: encrypt what is genuinely sensitive, I've worked in industry - there is no such thing as standard security - people will keep unsecured copies of things 'cos its easier'. > don't copy onto the laptop stuff that you don't need at the time and, > optionally, provide some form of SSH connection to your main box in HTTPS works for web apps! > case you find that you need something later. Then standard GnuPG > behaviour: create a secondary key for use on the laptop that you can > revoke without having to also revoke your main key that always stays at > home. No security is completely impenetrable, it's just a case of using > sensible and reasonable precautions. Web2.0 is not a sensible risk, IMHO. > > > Now if you have a web accessible 'office' that you can securely access > > over the web, then the chances are you can work from anywhere in the > > world. > > So trusting the server (over which you have no control) is preferable > to trusting your own laptop? Who has root access to the servers that > you use - do you know? The server can simply be one of my machines at home - just cos its called a server doesn't mean someone else owns it! > > > The 'office' package can also be loaded onto a laptop and then > > synchronised with the central server when connections allow. > > So if the laptop gets stolen, you've STILL lost data and put your > office security at risk! In a business setup by keeping the main office on the server you can control what is on the laptop from there. Currently if you read a document on the laptop from the main server you have a copy of it on the laptop. You can configure your web office not to do that. > > > As for bandwidth - a decent web app may take a little time to load but see later... > > since your working locally there should be little working bandwidth. > > ? So Web2.0 is actually intranet 2.0 ? No, the whole point is lost if > it's only a local network. What point? Just because you have a network connection doesn't mean you have to send data up and down it. And a local network is merely a more (?) available and secure part of the whole network. I'm not really talking web2 here - though the flowcharting program was 'web2' it didn't have to be - the menus could have been loaded at startup. At startup of, say document editing, the (probably) javascript app is uploaded and then the document contents are loaded, the editing is done on the local machine. When done the document contents are sent to the server. Loading a new document would probably check to see if the app have been modified and only re-loading that if it had changed in the meantime and then loading the document contents. Now if you have 5000 people in your organisation and 5000 pcs and the app changes then you currently have to make sure you update 5000 pcs. With a web app they simply connect and edit and they're updated. The only binary you have to update is firefox. If you take a look at fckeditor: the demo loads pretty quickly - on my machine it loads a lot faster than any OO document locally and I can write a couple of hundred lines of code that would create a document management system in a DB with an LDAP security interface. Searching would be a doddle - all the data available on the db and not distributed over 5000 machines. Thats most of the last 10 years of M$ revenue stream in few lines of code. OK you don't get some of the features of word that you have to spend £2500 training someone to use and no one else notices but you get a secure, traceable, searchable document management system that 99% of your employees can use. This is perhaps why Google and others are rushing to try and provide these services - if they can get you to sign up before you realise you can do it inhouse they can continue the M$ business model of getting money for old rope. Tom te tom te tom > > -- > > > Neil Williams > ============= > http://www.data-freedom.org/ > http://www.nosoftwarepatents.com/ > http://www.linux.codehelp.co.uk/ -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html