As regular readers of my blog should know by now, I’m a big fan of SaaS (software-as-a-service). I’d go so far as to say it’s the future of software.
Like all things, though, SaaS has its drawbacks, the biggest of which are questions of reliability, as the recent outages of salesforce.com have made painfully clear to its customers. It’s great if your data lives on the network, but what happens when your data isn’t available, either because the network isn’t available or because the servers it lives on are down? (The rhetorical question brings to mind Leslie Lamport’s famous observation that “a distributed system is one in which the failure of a computer you didn’t even know existed can render your own computer unusable”.)
Security and trust are important too. Prime example: saleforce.com’s less than forthright acknowledgment of the recent outages. Another: Just today, Google launched version 3.0 of its desktop search software, which gives users the incredibly useful ability to search their local documents from any computer in the world. Of course, it does this by storing the index (and, apparently, the documents themselves) on Google servers. Hmm. Do I really want my business plans stored somewhere on the web outside of my direct control? Then again, an increasing number of people keep their email on the web, so chances are, if I’m collaborating with someone, they’re already there.
As much time as I’ve spent thinking about SaaS, though, this was a new one:
A friend of mine managed to get himself locked out of his Yahoo account, and after hours on the phone with Yahoo support, he seems unable to convince the Yahoo bureaucracy he is who he says he is so they will let him back in. He even offered to fly to Sunnyvale to present his driver license. Apparently, the zip code Yahoo has on file is different than the zip code he’s had his entire life, and the support staff say they can’t unlock his account until he gives them the right answer, which he’s already doing. (Apparently, the best one particularly dim bulb in Yahoo customer service could come up with is that he call back each day with a different guess till he gets it right.)
In short, there seems to be some sort of an immovable object/irresistible force thing going on, and he’s not sure how to break the deadlock so he can get back to his data. The most pressing problem is that he’s got some tax related information in his email account, and on the current path, there seems to be no way for him to get to it by April 15.
So, I pose two questions here: First, if you work at Yahoo, how in the hell can my friend get his access back? As already stated, he’s spent hours on the phone to no avail. I’ve tried inquiries on the backchannel but have received no responses. Second, for the larger SaaS community, if our data lives on the network, what happens if Google, Yahoo and the like become the phone company?
Just get 100 friends from the community, and have them each call 10 times, each time with a different zip.
Brute force.
Sorry, make that 1000 friends
I was a corporate lawyer during the last boom and every second client wanted to run an ASP service. I’ve been telling people ad nauseum that the future is in personal storage with everything on it, not networked storage and applications but no one seems to believe me.
Streamed music? Nope, ipod. Backups on the net? No, gi-normous USB keys. Apps over the net? No, notebooks, pocket pc’s and portable suites running off USB keys complete with all settings and data.
What if you lose your portable device? They are so cheap, you go back to your backup at home/office and load up your replacement device again.
My father worked at a major international telecom supplier his whole life and he still has nightmares about the client/server/mainframe setups they had. Is it really happening all over again? Thbbbbt!
>> (The rhetorical question brings to mind Butler Lampson’s famous >>observation that “a distributed system is one in which the failure of a >>computer you didn’t even know existed can render your own computer >>unusable”.)
google seems to think this is actually due to Leslie Lamport
Kevin,
You are right: It was Leslie Lamport. Thanks!
-ian
As people start to rely upon services that store a digital identity(cell phone, online banking, email providers), if for what ever reason their real world identity does not match their digital identity this is the result. The digital identity can be altered by a random data error on storage or human error usually through bad typing. Once this discrepency occurs, the company will assume for all legal purposes that the borked digitial id is correct. And now the question is how to fix it. And as this example shows, by the time you notice it, its too late because you usually need this situation corrected ‘yesterday’. I had signed up for a cell phone account and was supposed to provide some hand written document with personal info. I did and then some months later, I wanted to access my online account which used this personal info as a password. It seems they read incorrectly or mistyped the info and then I had to figure out what they had entered to get the account access. It was confusing to give what I thought was the real world answer only to be told it didn’t match the digitial id answer. Maybe the people in belgum have an idea – government issued id’s with digital component. That would seem a better way(not perfect) to verify a user. As with things digital, there is always a way to exploit it. As to your friends dilemma, Yahoo only knows a few identifiable facts about him, other then those facts how do they ‘know’ him. There is no f2f interaction like is possible with real world businesses. If he showed up on yahoo’s door, how would he prove himslelf, dna, blood type test, eye color? Maybe he could email someone the entire contents of his yahoo account on this computer as proof that he had access to the account?
Cheers,
Kev
This same exact scenario happened to me, with Yahoo’s email, about six months ago. All of a sudden, my password no longer worked. There’s only so many times you can tell yourself, “Maybe I fat-fingered, let me try it once more.” After three days it became very serious as I too had critical data stored on their servers. It made me feel extremely helpless. I went through the same routine of them not having the correct zip code on file and me trying to convince them via email and phone that I was me and to give me back my email account. Well after some spirited back and forths, my old password suddenly started working. All I can say is that Yahoo finally admitted their system was experiencing problems and they were sorry for the inconvenience. Sorry is kinda scary, Yahoo. Best of luck to your friend to get his email back.
They ALREADY are like the phone companies.