Campfire is 37Signals’ latest release. A most fascinating product indeed and one that raises a very interesting question: is it better to keep things centralized or not? Come on in and bring the marshmallows.
When 37Signals introduced Campfire, I couldn’t help but admire the idea. A simple one indeed - online chat revisited - but they were one of the first to allow it to grow and enter the small business world without requiring users to think too much about their actions. Like Basecamp or Backpack however, Campfire had me wondering about the benefits of centralizing information, especially in a remote place we do not control.
For years, it was commonly admitted one should never put all of one’s eggs into a single basket and literature abounds in that sense. When it comes to data, that principle roughly translates into distributing information so that, should a piece ever be stolen, it would be extremely difficult, or even impossible to put the pieces back together. In that, provided that method is properly implemented, it figures among the best ways of securing content: there are no codes to break, no clues to find, no security mechanism that could be bypassed. In fact, short of uniting all the people who are aware of part of the secret, convincing them all to reveal their knowledge and putting pieces back together, there is no way to go back to the source in a reliable fashion.
In today’s technology-rich world, this means keeping files onto different machines and obscuring the paths they take over the network, by relying on encryption and anonymizing proxies. Certainly not an easy task, but probably a possible one to accomplish, provided one is willing to invest enough time and energy into the matter.
Products like Campfire on the other hand incite us to centralize our information. As they are often used by small companies, that information may contain trade secrets, financial data… In other words, plenty of good things that may be of interest to hackers. Now, Campfire does provide security features and its owners are people the community of the Internet has reasonable trust in. In that, it does not seem putting information onto Campfire is, in itself, that much of an issue - and this blog entry is certainly not directed against 37Signals in any way.
Yet, despite all the efforts that have been put in place to secure the site - according to the Campfire pages, that is -, some essential points remain: this is a US-based service, placed under US laws, no server is totally secure, and security breaches tend to pop up as easily as salmonella in community kitchens, especially when it comes to rich web applications accepting input and maintaining large databases.
What do you think?
PS: Haribo is, of course, a registered trademark. I am not linked to them in any way, except as an occasional marshmallow abuser.