Plugging a USB drive into a PC for hacking? Only in movies far from reality!
In spy films like "Mission: Impossible", not to mention SF movies such as "The Matrix" and "The Thirteenth Floor", we can see surprisingly fascinating technologies used for hacking. For instance, just by plugging a USB drive into a computer, the main character will easily break the password and escape with all the files downloaded automatically from it. But in the real world, simply plugging a USB drive into a server computer will not immediately lead to running a hacking program in it. A linking process called mounting is required, along with granting of authority. So this is just a movie far from reality. In fact, there is no way to crack the password in such an easy and fast way, and installing a program when the screen itself is locked is also impossible in reality. Wasn’t it surprising that the hacker knew how to unlock the screen even without putting in the password? Well of course, hacking in real life involves far more fascinating social tactics and techniques that exploit various loopholes around us.
Though there may be some unrealistic aspects, the movie that depicts scenes that are most similar to real-life hacking is "Mission: Impossible". In the movie, there is a famous scene in which Ethan Hunt (Tom Cruise) hangs down on a rope to hack a server device at the CIA headquarters that is completely shut off from the outside world. Surely, the CIA knew the best way to maintain security is to operate systems isolated from external networks, so he had to sneak into a data center in order to hack into the server. But one thing to note here is that physical hacking cases like this can hardly be found in reality.
Companies nowadays adopt clouds rather than independent servers
Now, it has become more likely that such hacking scenes in movies will no longer be seen in the future. This is because companies these days are refraining from operating their own infrastructures like servers. Since the 2010s, a large number of companies have migrated their systems to the cloud rather than spending much money on setting up servers and storages at their own Internet Data Center (IDC). So nowadays, there is no need to secretly break into a room full of servers in order to hack into a system, because the server screen can be seen even at a desktop of a developer working at home. This means that cloud security has become increasingly important and that PC users should be more cautious of malicious programs.
The reason why so many companies have migrated their systems to the cloud is that the “pay-per-use” billing model has become common in today’s cloud market. Previously, companies had to spend a tremendous amount of cost to cool down server devices below zero degrees, update the OS, and respond to system failures, but they can now be free from such burdens by paying a service fee. Also, they do not have to worry about the depreciation of outdated servers nor the burden of training employees whenever a new system comes out.
With the emergence of Managed Service Provider (MSP) offering cloud services, it has become much easier for companies to use the cloud. Cloud services like Amazon Web Services (AWS), Google Cloud Platform (GCP), and MS Azure allowed companies to limitlessly expand servers whenever necessary and prevent data loss in system failures. But at the same time, professional knowledge was also required to use cloud services. Moreover, as cloud providers do not take much responsibility for system failures, developers were held accountable for such issues in many cases. In the past, applications that only offered basic management features in cloud services made it difficult for developers to handle system failures, expenses and resource expansion (such features have greatly improved since then). That was why a service specializing in cloud management which manages services 24/7 without failures naturally came out, thereby allowing developers to be completely free from cloud management.
Companies should use more than one type of cloud to prepare themselves from system failures, and cloud management is essential for the automation of service deployment and operation in the DevOps environment. Thus, MSP provides all of such services so that developers can focus solely on coding. Accordingly, the MSP market has shown exponential growth since 2019 and has become a core service of a number of IT companies.
So, have the lives of developers become more comfortable after cloud adoption?
In the past when horse-drawn carriages were replaced by cars, many worried about horsemen losing their jobs, but soon after, a new job called driver appeared. Well of course, people had to learn about car excel, clutch, and basic mechanisms of engines in order to get a new job as a driver. Similarly, with the emergence of cloud services, developers now have to learn about new technologies related to cloud services. Previously, they only had to manage two to three servers but now have to gain basic knowledge on cloud even when MSPs manage the servers. If we say there is one server in India, one in the U.S., and one in Japan (clouds can only roughly identify where their servers are located), developers should learn about what to consider in order to operate systems in such a distributed environment. These can of course be easily handled if their companies are using MSP services, but they still need to have knowledge on them. It’s like having to know about car insurance policies even when subscribing car insurance in order to prevent oneself from facing false charges or unfair situations. If companies migrate their systems from an independent server to a cloud environment, they need to re-develop and modernize the existing codes in a way that is more suitable for the cloud environment.
But still, the overall level of difficulty has decreased significantly. And like the improvement seen in the shift from carriages to cars, the speed of development has become much faster than before. This is because developers can now spend more time on development with less time used on cloud management. Development tools are also undergoing great changes, most notably due to Web Integrated Development Environment (IDE) that enables development directly on the web without installing development tools in the PC.
Among the many types of Web IDE, “Eclipse Che” is the most widely used one these days. (Its name “Che” came from a city called Cherkasy in Ukraine where it was mainly developed) And with the shift towards the cloud native environment, various versions of projects for Eclipse are currently underway. The key advantage of Web IDE is that it enables coding work directly on web browsers, and that the development results are directly run on the server. So regardless of the development environment, developers can use high-performance server devices for their development work only with a web browser. What’s more is that they can begin the work right away without spending long hours on environment configuration every time they create a system thanks to the integrated development environment. As Eclipse IDE, which operates in a virtual development environment called container and Kubernetes cluster, is offered as an open source together with other extension tools, it is expected to show more growth in the years to come.
Developers will have no room to rest in the age of cloud
Such advancement of cloud services that offered much help to developers may also serve as a shackle that suppresses them. Now, anyone can see all the codes being written on clouds, and the productivity and efficiency of each developer can be measured. So the days are over when developers could get away with small mistakes they had made in the codes. They may miss the past when they listened to music on YouTube and occasionally surfed the web during work, because clouds are watching every move they make. We may think of the cloud as a surveillance camera that watches each developer just like a speed camera that detects speeding cars. Well of course, this is seen from the omniscient viewpoint of developers, so don’t take this the wrong way. In the next part of this article, we will have a look at another story about the changes in the way IT companies work.