Anyone with a stake in the overall success of cloud computing should take a few minutes to read the recent NYT interview with Peter G. Neumann, a highly-respected computer security researcher who, now entering his 9th decade, continues to do ground breaking work on digital reliability.
Commercial cloud computing creates new levels of urgency for structural weaknesses that Dr. Neumann has been warning about for decades, including the the dangers inherent in complex systems and in monocultures.
Concerns such as this are often treated as being hypothetical—outside of the community of academics and government researchers who spend their lives working in the field of digital security. Neumann’s scientific opinion represents what is considered orthodox within this field.
There really is no room for doubt that the robustness of our current computing environment, not the least of which includes the complex Internet-enabled public ‘cloud’, is to a large degree dependent upon ‘band-aids’, and fails to take full benefit of a half century of research into computer security. The open question that Dr. Neumann cannot answer is how long this continues to be sustainable.
The reality of most of the human-designed world is that it is non-optimal, and kludged together, but we muddle along pretty well in spite of poor design and misplaced priorities. Today’s compute environment may last for decades, as we continue to extend last century’s flawed architectures and sloppy code across increasingly complex and exposed service offerings, patching security and reliability holes with digital chewing gum and baling wire. If this does eventually become unsustainable, its good to know that some highly-qualified researchers have been putting a lot of effort into ‘rethinking the computer.’
The post Peter G. Neumann on Cloud Risks appeared first on Jay Heiser.
