In a relatively short time, the phrase "in the cloud" has become a term of art when talking about the internet. A quick Google search shows nearly a million uses of the phrase in the past month, a 3x increase from the same period in 2009. But, what does it actually mean to have your web site, your software, your data, or anything else "in the cloud?"
"In the cloud" is derived from "cloud computing," which in turn is just a new term for distributed computing, where data-crunching tasks are spread across a variety of different physical processing units. This was common in mainframes in the 1960s, and later the idea of distributing processing across cheap PCs running Linux became popular in the 1990s.
The nineties also saw the advent of computation distributed across computers of different types, belonging to different people:
SETI@home, uses volunteered computers to search for patterns in transmissions from space; Scott Draves' Electric Sheep has participating computers render complex, beautiful abstract animations, some of which have won awards.
Where it seems to have changed is with the creation of what you might call "clouds for hire": Amazon Web Services offers both computing and storage platforms, as does Rackspace Cloud Computing and a handful of others. These have become popular ways to operate new web services and similar offerings, cheaper and easier (some say) than dealing with physical hardware yourself.
The botnets used in nearly all forms of cybercrime today, which are made up of tens of thousands of virus-infected computers (unbeknownst to the computers' owners) are a less palatable example of distributed computing.
These botnets in particular illustrate that the concept of the cloud as a magical place where data goes in and data comes out on demand, nothing to think about, nothing to worry about, with no responsibilities of your own...it's a convenient mental image, but in nearly all cases it's simply wrong.
The Amazon cloud is actually a series of computers owned by Amazon, physically located in facilities they own or lease. The Rackspace cloud is similarly owned by Rackspace. These computers and facilities are subject to security breaches, backhoe attenuation — and legal jurisdiction.
the cloud is magic
swift, robust, reliable
except for rackspace
Along with physical locations and ethernet cables, the various computers that make up those clouds also have IP addresses. When your cloud-based process communicates with the rest of the internet — to send email, perhaps — the remote server that it's talking to sees that IP address as the source of the transmission. But as Reddit and others have been discovering, that IP address is in most cases shared with everyone else who uses the cloud — possibly including spammers, or other bad guys. A virtual server "in the cloud" can even be infected by a virus and become part of a botnet.
As the popularity of cloud-based services has grown, so has the apparent applicability of the phrase "in the cloud." It now appears to refer to any processing or storage which takes place outside of your own desktop, laptop, or mobile device. I've heard people talk about keeping their email and calendar and contacts "in the cloud" when all they're actually doing is letting Google Apps or Apple's .MAC service host it.
Are you all just saying Cloud when you mean Internet? Have I lost it?
—software developer Jim Van Fleet, on Twitter
This use of the phrase seems to be predicated entirely on the concept of the cloud as a place where you have given up all responsibility for your data. These companies will take care of you (except when their Terms of Service say they don't have to.) Not everyone wants to operate their own mail server, or write their own calendar synchronization application; hosted email and other "software as a service" offerings absolutely can make sense, so long as you're aware and comfortable with the idea that you've given up a large measure of control.
And that's the important thing to consider before relying on an Amazon-style distributed computing cloud, or using web services like Google Apps. How much control do you need over security, privacy, uptime? How can you be certain you're complying with all relevant laws when you don't know which jurisdiction your process is running in? Who else is sending email from that same IP address? What will happen when the federales show up with a subpoena?
All of these things are well-understood for traditional computing, and even for colocation situations, but industry understanding and best practices around cloud computing are still emerging — hampered by the ever-widening, increasingly cloudy meaning of "in the cloud."
When it comes to sending email, I'd have to strongly advise against using clouds. Even if it makes sense to host your web site and run your processes from the cloud, use an ESP or a reliable relay service to send the email.
Above all else, don't be swayed by the illusion of the cloud. You can't touch it, but someone is still held responsible. You can't see it, but someone can still be subpoenaed. Someone can trip over a power cord, or go out of business, or get bought by your competitor. Whether you trust that someone is up to you.
is the cloud down? I can't log in, and my keyboard is wet.
—an anonymous smartass
|Cybersquatting||Policy & Regulation|
|DNS Security||Registry Services|
|IP Addressing||White Space|
Minds + Machines
Afilias - Mobile & Web Services