Fear of leaky clouds
There’s lots of buzz about cloud computing, virtualisation, and elastic scalability at the moment, with some of the really big players throwing money, time and people at it. When you first start to think about it, virtualisation makes a huge amount of sense. The ability to have new instances, virtually instantly, from snapshot (and thus pre-configured) is very attractive. To be able to run virtual boxes with different operating systems on the same hardware, and to be able to float services between instances allowing for excellent resilience, has many attractive hooks. In short, virtualization is very clever, and very very handy.
Cloud computing also offers some attractive hooks for big business. Quick and easy scalability, only paying for what you use, the ability to cope with web traffic spikes, and many many other things (including some very dubious claims in my eyes about the green credentials of cloud setups) make it seem like an excellent solution to many current computing challenges (especially those which are web-based). The sheer investment that some companies are making into cloud computing at the moment would seem to suggest that it is “the next big thing”, or rather “was the next big thing in 2007 and is now ramping up to just be The Thing”.
The trouble is, I’m very nervous about such things. My problem lies with leaky abstractions. A virtualised server is by definition an abstraction of a physical server. In reality it has to be a massive chunk of file sitting somewhere and being “played” by another operating system (I think – I’ll be honest – I don’t know exactly how it works). Abstractions make things easier to deal with, and allow you to shift paradigms by hiding the finite detail (they add magic, so that “things just happen”), the problem being people forget about the detail. Combine this with the nitty-gritty problem that all abstractions “leak”, and we might be queuing up some problems for ourselves. “Leaky” is where an abstraction breaks down. Bits of the thing it’s wrapping up into a black box poke through. Windows Blue Screen Of Death is a classic abstraction leak, as are datafile corruptions in databases, and physical media CRC errors and a hundred and one other things.
Being able to exploit a “leak” in an abstraction is great for circumventing security. If you can read a database datafile direct from the operating system, and you have a good dose of “sneaky bastard” in you, you can change records, and their checksums without having an account as the right user in the database front end. If you can push packets into the TCP stack and pull them out again, you can skip round lots of security, and make a system dance to the tune of your band. If you can read and write to areas of memory as one process, you can modify the behaviour of another. None of these things are that easy, but they are very very achievable.
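An added example, not part of the original post: the datafile case above modelled in Python, showing why an unkeyed per-record checksum does not detect a change made beneath the database while a keyed MAC does. The record layout, function names and key are constructed for illustration, and it assumes the MAC key is stored somewhere other than the datafile.

```python
import hashlib
import hmac
import json
import zlib

# Constructed sample record; layout and names are illustrative assumptions.
RECORD = {"account": "alice", "balance": 100}
# Assumption: the MAC key is held outside the datafile (KMS, HSM, other host).
MAC_KEY = b"constructed-demo-key"


def encode(record):
    """Canonical bytes for a record, so checksums are reproducible."""
    return json.dumps(record, sort_keys=True).encode()


def seal(record, key=None):
    """Row as stored on disk: unkeyed CRC32 if key is None, else HMAC-SHA256."""
    if key is None:
        return {"data": record, "crc": zlib.crc32(encode(record))}
    tag = hmac.new(key, encode(record), hashlib.sha256).hexdigest()
    return {"data": record, "mac": tag}


def verify(row, key=None):
    """Integrity check the database front end runs when it reads the row."""
    if "crc" in row:
        return zlib.crc32(encode(row["data"])) == row["crc"]
    expected = hmac.new(key, encode(row["data"]), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, row["mac"])


def edit_on_disk(row, balance):
    """Model a change made to the file itself, with no database account or key."""
    data = dict(row["data"], balance=balance)
    if "crc" in row:
        # A CRC needs no secret, so it can be recomputed to match the new data.
        return {"data": data, "crc": zlib.crc32(encode(data))}
    # The MAC cannot be recomputed without the key; the stale tag remains.
    return {"data": data, "mac": row["mac"]}


if __name__ == "__main__":
    crc_row, mac_row = seal(RECORD), seal(RECORD, MAC_KEY)
    print("CRC row, edited on disk, verifies:", verify(edit_on_disk(crc_row, 10**6)))
    print("MAC row, edited on disk, verifies:", verify(edit_on_disk(mac_row, 10**6), MAC_KEY))
```

The keyed check only helps while the key stays out of reach of whoever can read the datafile, which is the same co-tenancy question the post goes on to raise.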
If you can think your way outside of an abstraction (or rather inside if we use the “wrapping” analogy) you can cause havoc if the underlying system is not absolutely bomb proof, and here lies the problem.
If you are renting “space” in a cloud from a 3rd party provider, and let’s face it most people will be because building and running our own cloud is beyond the financial and technical bounds of most start-ups, your data and that of your customers is going to be bumbling about inside an area that a clever abstraction-jumper can access. It might well be nice and secure inside your instance, and only you have access to it, but if your instance is being persisted to disc or is resident in the memory of a physical box that somebody has managed to hop into from their instance, you could be screwed.
Of course, this is nothing new, and if you are renting cloud space and time you should be doing everything to encrypt, secure and manage your system, but you do have to wonder how many people are getting very excited about having the ability to have enormous capacity at their fingertips, and forgetting the basics.
This whole rant should be subscripted with “This is a subject I’m not brilliantly knowledgeable about, but I was thinking about it in the shower this morning, and it occurred to me that if you abstract the idea of cloud computing you get a very similar picture to that of processes sharing a Unix box, and where abstractions look the same from a distance, they might well share some of the same characteristics”.