Tag Archives: malware

Dassault + Autodesk + Cloud = You Are Screwed

Reading with interest the comments by Autodesk this past week referencing the acquisition of HSMWorks as part of their strategy to move users to the cloud. It is appropriate to discuss exactly what this wonder of software utility will have to use to work. Yes, it is true, this thing has to use the internet.

In Congress this past week has been the discussion of Huawei telecom equipment from China. Your friendly provider of internet shopping carts for those who want to know all about what you don’t want them to know about. This comes in the same year that brings us the reports of Dell server boards with back doors built-in and military components with the same from China among many other reports. Look, there is a lot of proof of these things out there and if the idea that your internet stuff is secure is the world you live in, you better start researching for yourself and see.

Anyway so the Chinese government’s partner Huawei makes stuff for the world’s internet and does whatever they have to in order to get it in place. I had to laugh while reading about this stuff today as about a half a year ago I jokingly said if I were the Chinese I would provide this internet stuff for free. Now I find out they are providing the equipment for free in some cases just to get their foot in the door. China is a very corrupt nation with contempt for the idea of your intellectual property rights and the ties of the military have tentacles all through Chinese finance and industry. This is not a group of people who can be trusted in any way.

http://www.zdnet.com/hack-in-the-box-researcher-reveals-ease-of-huawei-router-access-7000005600/

So, now that they have a shopping cart in place in your facility just what do you do about it? Well you yank it out and get a different piece of equipment first off. Better yet your internal network for important things has no access to the internet. But what about the web which neither you nor Dassault nor Autodesk can or ever will control? Web is safe right? I mean these people from Autodesk and Dassault are capable management and would not tell you a lie just to get into your pockets right?

Now look I am not a millionaire nor a billionaire and I am not the head of a major or even medium size company. I can read however and do a smidgen of research. What I find is indisputable proof of jeopardy for those who adopt any cloud based service without complete indemnity from the cloud company. Like the ones Finance has had to offer. Ironclad and in writing. I have to believe that I am not uniquely suited to find this information out and therefore the only conclusion a rational person can reach is that the cloud as these guys promise it is a fraudulent promise.

Last year there was an event that most of you are not aware of. This little jewel made sweat pop out on the foreheads of every major military contractor and security agency around the world.

http://www.washingtontimes.com/news/2010/nov/15/internet-traffic-was-routed-via-chinese-servers/?page=all

So just remember, any company that tries to sell you or force you into the cloud and is not willing to completely cover your risk there does so with malice aforethought. They are interested in only locking you into a solution that will in short order make you a data hostage subject to extortion where pay to play with your own intellectual property will be the new norm. Comments to the contrary about providing stand alone desktop solutions never come with written guarantees of longevity nor is there an available contractual agreement to provide such a thing for any time frame. Not one provides proof of concept nor a real world ROI study to demonstrate how this will be of true benefit to customers that I have seen. It is purely about your money in their pockets and more of that over time and in ways you can’t stop except by leaving.

It is a profoundly cavalier attitude towards your future these cloud companies like Dassault and Autodesk bring to the table. Let me rephrase that. It is a contemptible one where they can’t prove security nor cost justifications for their business model. They do however have endless supplies of Kool-Aid at the negotiating table though so at least you won’t be thirsty while discussing things with them.

On second thought I can reference a recent real world study although an inadvertent one. COFES 2012 internet meltdown. Providing proof of concept we have here http://www.deelip.com/?p=7485#comments

Prepackaged Malware for you and the Cloud

I think the rush to embrace new for the sake of new because a group of people see a way to make money is a foolhardy thing. Yes I know the cloud is going to be used in some areas as I have said before but not for critical data like CAD as far as I am concerned. I am rethinking even for banking as there are more and more problems and at some point in time people will lose out. At the very least to be safe you have to hire something like Lifelock to protect your identity online. There is a price to pay for convenience in either stolen identities and/or cash or at the least fees you have to pay each month for insurance like Lifelock.

Cool, tech savvy, cutting edge etc but mostly executives looking to reduce expenses any way possible and believing too much in hype. My favorite types are of course MBAs and CPAs without a primary or secondary degree in real world disciplines like Engineering or manufacturing. Basically the same group of clowns that brought you tech support from people who can’t speak English and have to read from the script while they try to solve your problem. Big money saved for them but what about their customers?

Today I read this. http://blogs.technet.com/b/microsoft_blog/archive/2012/09/13/microsoft-disrupts-the-emerging-nitol-botnet-being-spread-through-an-unsecure-supply-chain.aspx

This follows what was recently revealed with Military items which were similarly compromised because our MBA CPA types have moved huge chunks of our manufacturing to places like China. Word to the wise. If the company that wants you to put CAD on the Cloud will not make a clear and binding commitment to you as a customer to make you whole from any damages from forced usage of the cloud can you afford to be there? The world is getting more complex all the time and you can ill afford to purchase a service that the offering company will not stand behind when it is you and your company who will be left holding the bag.

If you are wondering about the cloud or considering usage of the cloud for CAD perhaps this would be a link of interest. http://www.zdnet.com/topic-security/ Read this for a few weeks and see for yourself about why none of these cloud for CAD vendors will stand behind what they want you to buy into.

As an aside here. Our government is a serious participant in the undermining of the US manufacturing base. They inflict ADA, EPA, OSHA, affirmative action, and tons of other things that have gone so far past reasonable or justifiable, like Homeland Security has become, and into the realm of confiscation and socialism that it is hard to imagine this is America anymore. Then they allow companies to relocate to places like China where they can do what they want with ten times the pollution introduced into the atmosphere as what would have happened here and no alphabet agencies to ruin their days. This November there will be perhaps the last time to vote against all this crap before we slide over the cliff if indeed it is not too late no matter who gets in. I am afraid we are in for a time of real trouble which will last for years no matter what and the best we can do is limit the damage by getting rid of the big government socialists in BOTH parties and begin reconstruction for the future.

I don’t normally put politics in here but sorry, it does affect me as a CAD user and as a company owner and I am getting tired of being walked over by big bad government and lazy people who want to stay at home and goof off while I have to work. Oh, and 100,000 dollar a year teachers that can’t teach in Obama’s back yard. His buds don’t you know.

Could the Cloud be the Death Knell for Your Company?

I get emails on occasion questioning me as to why I am so adamant against putting things like CAD data on the cloud. I know the cloud is going to be commonplace for many more things in the near future than it is today. But the seriousness of your jeopardy there can’t be understated nor plausibly denied. Reading ZDNet stuff today and two articles rear their frightening heads.

http://www.zdnet.com/apple-patent-could-remotely-disable-protesters-phone-cameras-7000003640/

In part I quote.

U.S. Patent No. 8,254,902, otherwise known as “Apparatus and methods for enforcement of policies upon a wireless device,” was granted in late-August, and would allow phone policies to be set to “chang[e] one or more functional or operational aspects of a wireless device [...] upon the occurrence of a certain event.”

What that means in real-terms is “preventing wireless devices from communicating with other wireless devices (such as in academic settings),” and for, “forcing certain electronic devices to enter “sleep mode” when entering a sensitive area.”

What this also means is what can be disabled can be enabled and can be set up no doubt to transmit data back to whomever. I thought people figured I was overreacting to this kind of stuff when I talked about just this type of vulnerability with iPhones and the Chinese who make them. I am quite certain they would NEVER take advantage of this for back doors now would they. “Could you prease turn you iPhone little, we need better picture” was a comment I made then and now this is in the news. Courtesy of the Cloud and Apple which has a really bad rep for creating hostages and data mining anyway we have your complete junior corporate/hostile government espionage kit soon to be included with every new iPhone. Now it’s not just iPhones that could be capable of this but I think they seem to be leading the way in this corrosive technology.

One of the other things is how much access your government has to your data because you allow it online. http://www.zdnet.com/bad-assumptions-about-cloud-computing-and-the-patriot-act-7000002614/

It was my assumption originally that the Patriot Act which was supposed to provide for the protection of US citizens had as its primary goal a George Orwellian motive and utilised hysteria from 9-11 to get it through. Well Animal Farm is here and along with it the ability of many to access your data and never have to tell you about it. (By the way, Ayn Rand’s book “Atlas Shrugged” and George Orwell’s book “Animal Farm” are worthy reads for you and your children if you have not already done so.) Apparently BAE defense in Europe decided to not renew various Microsoft Office products based on what they perceived to be security risks to their data because they felt the US government could access everything as Microsoft was a US company. It turns out there is no safe haven and the Europeans are doing the same to their own citizens too.

Corruption and crony capitalism involving government officials is well-known and sadly appears more and more to be widespread. How easy it has now become to force access to your data through this mechanism of domestic security via the vehicle of bribery or influence peddling. Do you dear reader trust the foxes guarding the hen-house to leave the eggs alone? Do you see any justification anywhere they are trustworthy? I see Eric Holder in this country doing as he pleases with your stuff for whatever reason and who is going to chasten the corrupt top cop? I see companies like Google harvesting tons of things to be used for whatever reason and not telling you what or why. I see the Chinese government who has built a huge economy in part through theft of intellectual property utilizing subpoenas to get what they want when they can’t hack their way into it.

Now I have laid some actual and philosophical reasons out here for you to consider. I want you to think seriously about what I have said so far and then remember what is the common single thing that makes all this jeopardy possible. It is a method of data mining that you can’t stop or prevent except by one thing and that is to not allow it to happen in the first place. The ONLY known method to stop this type of breach is stay offline. Yes I know the iPhone has a camera that could be used just like a camera for later uploads but remember that the back door I am talking about here is enabled and directed over the web.

I don’t have any good answers for companies that are geographically diverse and feel the need for data transfers. It is in many ways a competitive advantage I know but how can any of this stuff be made truly secure? I do believe it is time for companies to start a serious review of security measures however from allowing iPhones into your facility and onto the shop floor to what data can you afford to lose by exposure to the internet.

I remember reading of a story where the Russians were interested in some of our aircraft some time back. Well of course they were not allowed to take cameras into the facility but they did take sticky soled shoes in there and wandered around machining areas where they captured alloy samples which they took back with them. The jeopardy for your data lifeblood today is far more pervasive. I fear in many cases the thief is invited in through the corporate boardrooms where promises of security are believed and myopia prevents anything past purview of cost cutting for the next quarter. And make no mistake, the thief IS invited in when you use the cloud. Now you have to determine if the jeopardy is worth it.

Cloud Fraud for you, BIG Shopping Cart for Chinese

So I read all the puff pieces from COFES this year and with the exception of Deelip there was hardly any mention of the failure of the cloud. Mike Payne no sooner gets done with the propaganda bit of the cloud is reliable, just trust me, when the Techsoft demo immediately after Mike’s PR deception fails because, well, because the cloud does not work reliably. I applaud Deelip for being basically the only one I have found who attended COFES who states what happened there. http://www.deelip.com/?p=7485#comments in case you missed it.

So we have all the self promoting fanboys who run around extolling the wonders of the cloud that were there and who will not talk about it. But today I want to talk about something besides the prevalent cloud companies’ fraud of making service delivery promises they know they can’t keep.

How about security? The NSA and the military are two groups that have to have security. It’s not an option. They both believe that only by avoiding the web can you be secure. They do not state to do so under special conditions. They do not have a single cloud software producer to recommend to you as being secure because none of them are. Enough of you guys reading this have work for or contacts with someone who produces things related to national security. Go ask them when their companies are going to the cloud with their important stuff. I think you will find they are not.

Cloud companies would prefer you not read any further so if you work for one check out now. You don’t want to know the truth anyway.

http://www.smithsonianmag.com/history-archaeology/Richard-Clarke-on-Who-Was-Behind-the-Stuxnet-Attack.html

First let us look at the situation with Iran and their nuke program. There are some governments that do not like the idea of nutty jihad kook Muslims running around with nukes who think they are going to get a lot of virgins in Heaven if they use them. So they just whip up this little program called Stuxnet and deliver it to the kooks. Now the kook nuke sites are pretty high security I suppose so the best way to deliver your package would be the web I should think. The rest is history.

All major companies spend a lot of time and money on R&D. All major companies according to Mr. Clarke give it away as a result of putting their stuff in places where the web can access this. OK you cloud guys, Oleg and the rest, prove this man wrong. Where is your proof of security? Oh I forgot, silly me, you have all your stuff secure at a farm and under your total control. Let’s just disregard the idea that nothing is secure here once it leaves this farm and pretend we are an employee of a cloud company.

http://www.zdnet.com/blog/security/dell-ships-motherboard-with-malicious-code/6901

Uh Oh, you mean we may not be? Yes that is exactly what the little voices from the back of the auditorium keep shouting out and you guys ignore because you want to make some money. This is the fraud associated with these cloud companies that bothers me the most. They have to know about these things and have such scant regard for customers that they would rather lie about their products and say anything they have to just to make a sale.

The wisdom of MBA/CPA types that have shipped our industrial base to China so they can have bigger bonuses is another large problem. Ever wonder why we flew into Iraq so easily at the start of the Gulf War? This is the story I have been told. Air Traffic Control was sold to Saddam by the French. Included in these and made in the USA were PC boards and/or software put in these and then shipped to France and then to Iraq where they thought they had state of the art defense systems. Well they were but not quite like they thought. Just before the planes went in the command to shut down or look elsewhere or just ignore (or whatever they did) was given and our guys flew into airspace untracked. Yes I know stealth bombers but that was not the only thing going on.

This same mindset that said ship our jobs over to our enemy looks only at today’s savings. China is in case you have forgotten by the way someone who wants to dominate the world and subjugate it. They don’t want just to be the leaders economically they want a world of vassals. They feel no compunction whatsoever about stealing everything they can get their hands on and the state sponsors tons of hackers to do that.

This same MBA/CPA mindset now is saying that we can save you money if you will just believe us and go to the cloud. They have no regard for your long-term future and can only see today and your money. The idea that the cloud is technically impossible to be reliable or secure is something they would really prefer you ignore.

Question for the day. What is the difference between con men and a thief? Answer, con men are polite and want you to think they are offering something you need or want to get your money.

You CAD guys who are faced with being told you will have to work with software in the cloud had better start waking up to the jeopardy self-serving and short-sighted companies like Autodesk and Dassault are putting you and your companies into.

Your turn cloudies. Let’s hear from the fan club that will once again ignore these issues.