Last week, when the bugs and design flaws (Meltdown, Spectre) in processors (Intel and other processors) were announced, a question mark was placed over the future of cloud computing. In fact, one colleague told me the public cloud is dead as a result. I don't agree, based on my experience with cloud computing technology since its inception.
What is the issue? Understanding Speculative Execution
Let’s take an example of code.
IF A = B THEN
    C = C + 1
ELSE
    C = C - 1
The IF … THEN instruction results in a branch: until this instruction is executed, there is no way to know which instruction will be computed next (addition or subtraction). Modern processors take advantage of "speculative execution". With this method, the processor speculates about which instruction might come next, based on previous experience, and starts executing it even before the conditional branch instruction has executed and returned its result.
In this case, it may start executing both instructions (addition and subtraction) at the same time to reduce the wait time. When the result of the conditional check comes back, the result of the undesired instruction is simply discarded.
Branch prediction improves the performance of the instruction execution and results in faster processing of instructions for branches by making use of a special small cache called the branch target buffer or BTB. Whenever the processor executes a branch, it stores information about it in this cache memory. When the processor next encounters the same branch, it is able to make a speculation or “guess” about which branch is likely to execute.
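The prediction behaviour described above, as an added example that is not part of the original post: a toy model of a branch target buffer with 2-bit saturating counters, run over the IF A = B branch. The table size, the counter scheme, the branch address and all function names are assumptions for illustration; real predictors are more elaborate.

```c
#include <stdint.h>
#include <stdio.h>

#define BTB_ENTRIES 16  /* assumed size; real BTBs are much larger */

/* One BTB slot: the branch it tracks plus a 2-bit saturating counter. */
struct btb_entry { uint32_t tag; int valid; int counter; };
static struct btb_entry btb[BTB_ENTRIES];

void btb_reset(void) {
    for (int i = 0; i < BTB_ENTRIES; i++) btb[i] = (struct btb_entry){0, 0, 0};
}

/* Guess the branch direction from stored history, then record the real
 * outcome. Returns 1 when the guess was right. */
int btb_predict(uint32_t addr, int taken) {
    struct btb_entry *e = &btb[(addr >> 2) % BTB_ENTRIES];
    if (!e->valid || e->tag != addr) {     /* first time this branch is seen */
        e->valid = 1; e->tag = addr; e->counter = 1;  /* weakly "not taken" */
    }
    int guess = e->counter >= 2;
    if (taken && e->counter < 3) e->counter++;
    if (!taken && e->counter > 0) e->counter--;
    return guess == taken;
}

/* Run "IF A=B THEN C=C+1 ELSE C=C-1" n times with B=0 and A cycling through
 * 0..period-1. Returns how many guesses were wrong, i.e. how many times
 * speculatively computed work had to be thrown away. */
int simulate(uint32_t addr, int n, int period, int *c) {
    int wrong = 0;
    for (int i = 0; i < n; i++) {
        int a = i % period, b = 0;
        int taken = (a == b);
        if (!btb_predict(addr, taken)) wrong++;
        if (taken) *c += 1; else *c -= 1;
    }
    return wrong;
}

int main(void) {
    int c = 0;
    btb_reset();   /* constructed branch address 0x400100 */
    printf("always equal: %d wrong of 100\n", simulate(0x400100, 100, 1, &c));
    btb_reset();
    printf("alternating:  %d wrong of 100\n", simulate(0x400100, 100, 2, &c));
    return 0;
}
```

A branch with a stable outcome is mispredicted only while the counter warms up, while a branch that flips every iteration defeats this simple predictor every time.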
An attacker can read this cache memory (BTB) before it is discarded, which gives the attacker access to your data.
This is what the Spectre design flaw is about.
Is the Public Cloud Dead?
No, but there will be changes in trends on how enterprises use cloud computing. Here are some of the trends I believe will be followed post Meltdown and Spectre.
- Co-location services are on the rise (this makes it easier to have a multi-cloud strategy)
- Hyperconverge your private cloud (build private clouds that operate like public clouds)
- Use of containers will still be a question mark, as the processor design flaw (Spectre in particular) allows one container to access data from another container on the same host.
- Cloud cost containment
- Lift and shift those cloud apps (lift-and-shift migration tools will accelerate the rate of cloud migration)
- Enterprise apps may find their way out of the public cloud to a more secure co-lo or a hyperconverged-infrastructure-based private cloud.
- Adoption of OpenStack, the open source cloud software, will be interesting to watch.