CodeSpaces and the risk of cloud computing

I love small business.  They innovate. They drive our economy.  They offer products in an agile manner.

I love cloud computing.  It’s convenient.  It’s flexible.  It makes things affordable that once were cost prohibitive.

Doing business with anyone carries risk, and some may feel that doing business with small businesses carries greater risk.  But we do it anyway because we like the product or service that is offered.

One such small business that I have done business with is CodeSpaces.  They were a startup that provided cloud-hosted Source code control such as Subversion and Git.  They had a continually improving project management dashboard oriented around agile methodologies.  They were affordable, with plans as low as $2/month.

When I started HomeSpot HQ, I had a laptop.  I did most of my development on that laptop, but knew I needed a place for source code control.  Being familiar with Subversion, and being in need of a free or low cost solution, I researched and found CodeSpaces.  Upon registering for an account, I pushed my source files in to the cloud, ready to access them anywhere.

CodeSpaces announced yesterday that their service had been breached by an unauthorized attacker, and that a good portion of the code, project information, and other customer data that had been willingly pushed to the cloud by their customers had been irreversibly destroyed.

CodeSpaces issued this statement about the incident:

Code Spaces will not be able to operate beyond this point, the cost of resolving this issue to date and the expected cost of refunding customers who have been left without the service they paid for will put Code Spaces in a irreversible position both financially and in terms of on going credibility.

As such at this point in time we have no alternative but to cease trading and concentrate on supporting our affected customers in exporting any remaining data they have left with us.

Thankfully for myself and for HomeSpot HQ, I had moved off of using CodeSpaces for my ongoing source control solution.  But had I not, then not only was CodeSpaces’ business compromised, but quite possibly mine would have been as well.

I frequently receive emails from new HomeSpot HQ users that read something like this.  “I really love your product and am excited to use it.  However, what happens to my data if you disappear as a business?  Is there a way to export or extract it?”

These users are rightfully being proactive in considering the safety and trustworthiness of the cloud.  They recognize the value of the data they would provide, and the value of the time required to provide it.  They want assurances that their effort will not be wasted because we close up shop overnight.

CodeSpaces is the victim of a crime.  They indicate in their full statement that they have withstood previous attacks without incident.  It is unfortunate that this crime leaves the company in a state where their only option is to close.

This story (and many like it) illustrate the risk we take when using hosted services.  It forces me as the provider of such a service to redouble my efforts to keep my customer’s data secure.  This is the world we live in.

 

Photo credit: https://www.flickr.com/photos/carbonnyc/

 

About the author

derek Derek Smith is a software developer with 20 years of history developing on the Microsoft platform. He is the founder of HomeSpot HQ, and is a Principal Software Engineer at FM:Systems in Raleigh, NC. Derek is on Twitter and Linked In

Leave a Reply