back to article The cloud virtualization black hole

Last week was an interesting one for the virtualization workshop, as we turned our attention to cloud computing and the reaction has been, well, nothing. Well, that's not quite fair – the comment on Virtualization and the cloud was, "Good article. Please, I implore you to add case studies," and on Unravelling the cloud confusion …

COMMENTS

This topic is closed for new posts.
  1. Anon

    Virtualization successor

    Surely what comes after having all your data and processing far away and its availabilty subject to the vagaries of the local backhoe users is to have all your data and processing in-house?

  2. Anonymous Coward
    Anonymous Coward

    We are virtual

    I have just completed the migration of a CMS system hosting a number of web sites onto Amazon's EC2 platform.

    The process was not unlike delivering a project to a live server in a data centre, with the exeption of working around the ideosyncrasies of Amazon's platform.

    The product is faster, and I am confident that it will be easier to recover in the event of a failure, since we have online images of the servers and online backup of data.

    As for the data? Well it's in the EU, and as far as we can tell as secure as if it were in our current data centre.

    I guess it's down to how sensitive your info is, but only you can decide.

    It's not really much cheaper as far as we can see at the moment, but at least we don't have to buy new servers and network infrastucture every 3 years.

    I guess it's a business choice at the ned of the day, but for us it's 'so far so good'. That may change in the future, but I think dismissing it could turn out to be a little shortsighted.

  3. amanfromMars 1 Silver badge
    Grenade

    NEUKlearer HiTech ...... is always AIMagical Mystery Turing Trip for a Brave Few and Master Pilots

    Jon, it is not that there is silence, it is just that IT and Media have not yet covered an IntelAIgently Designed Virtualised Application using Cloud Control Protocols, which will invariably be, as are all such Cyber Controls of Information and Intelligence Developments, because of Military Protection and/or Compartmentalised Private dDevelopment, because of ITs Prodigious Power Yields in Multi-Use Environments........ and that of course would also include the Dual Use Paradigm of Good and Bad, with concerns about the Novel Chain Reaction Technology and AIMethodology being Transferred into the Wrong Hands /Damaged Hearts and Minds, and being Cynically Abused.

    However, such Abuse would be very Swiftly Catastrophic to the Abuser, so that renders any such Third Party Worries, Null and Void.

    Do you Imagine that the Register is just as Responsible, and maybe even more so given ITs Hosting of HyperRadioProActive BetaTests, as anyone else for the Sound of Silence?

    Suck IT and See would not have you idly chasing around looking like IT staffers with extra things to do with their time, would seem like a Sensible Option Studiously Ignored, which is Real Stupid in anyone's Language.

  4. Anonymous Coward
    Linux

    only one cloud app that makes sense right now

    I think all the clamour to provide fully virtualised computing environment is putting the cart before the horse. In my opinion, there's only one "cloud" application that makes any sense right now: harnessing commodity storage on the net for a second line of secure data backups. Right now, I can only see this form of app as being useful for disaster recovery. I wouldn't entrust my first line of backups to cloud storage unless I was running the cloud in-house, or running it in collaboration with others in a partnership. It's not that the security of the system is in question (see below), just that it's easier to prove value and do proper cost/benefit analysis when you have control over how your "cloud" resources are managed.

    In fact, there are algorithms and protocols that can make cloud *storage* provably secure from the ground up. The oceanstore and tahoe systems are good open source examples of this. The tahoe filesystem in particular looks quite good. I'm not associated with either of these projects, but I should say that I'm in the early stages of developing a similar system ("GnetRAID" on SourceForge), so I may be biased in favour of the whole "cloud" storage idea. But on the other hand, since I'm writing these kinds of apps, you can maybe take it that I understand the technical details involved. Unlike most of the unqualified waffle that's spouted about "cloud" apps these days...

    http://pl.atyp.us/wordpress/?p=1541

  5. ThePhantom

    Cloud Computing is Just Time Sharing Warmed Over

    Cloud Computing is what graybeards used to call Time Sharing. When computers filled rooms and cost millions of dollars, many companies had a dumb terminal like a Teletype, IBM 3270 or ADM-2, or a combination card reader/printer in their office which was connected by a point-to-point leased telephone line to a central computer somewhere. Customers were billed for time and storage just as they are billed for computing in the cloud.

    Compute jobs would be sent to the central computer and the results would come back a few minutes to several hours later. Hundreds of universities had rooms full of terminals that connected somewhere else. In the San Francisco Bay Area many schools connected to the LHS Decision time sharing system at the Lawrence Hall of Science to play Trek73, one of the earliest computer games.

    Here are some of the main differences between Time Sharing and Cloud Computing:

    - Time Sharing used a direct data connection from premise to premise

    - Only one customer used the computer at a time or it was partitioned physically or logically (virtualized) to keep the users completely separated

    - There was no possibility of public access to the system of any kind (i.e. not on a network)

    With CPU cycles and software so cheap, does it make sense to move your business to the cloud? It might if you are a small or medium business (SMB) and either can’t or don’t want to pay for an IT staff. However, if you are a large corporation, you may not save much because the cost of your IT staff and infrastructure is spread over a lot of employees. In fact, a report issued earlier this month by international business consulting firm McKinsey & Company threw some cold water on the cloud computing hype, pointing to the technology’s limits in terms of cost scalability. McKinsey focused its cautionary advice on big companies, warning that “current cloud computing services are generally not cost effective for larger enterprises.”

    There are also security and availability worries when your data no longer is under your own control. ”There are legitimate questions enterprises should ask about the security, scalability, availability and reliability of a cloud computing solution,” says John Sloan, an analyst with Info-Tech Research Group in London, Ontario.

    Hackers have yet to siphon data out of a cloud (that we know of…), but the services themselves have experienced some serious outages – which could put you out of business if you don’t have a contingency plan in place. For example, last July 20, Amazon S3 went down for seven hours – the service’s second outage in 2008. What would happen to your business if access to email, accounting, and other information just stopped? I’m not saying this is an insurmountable problem, just that you need to be aware of the trade-offs between cost, availability, and security. If you want to take advantage of cloud computing to save money, that’s your decision. Just be sure that you carefully research your vendor, perform a risk analysis and business impact analysis then add up the numbers before you make the move. Remember that 99% uptime means 87 hours of downtime a year.

  6. Francis Vaughan

    Solution in search of a problem.

    See title. Rather than just exemplars, it would be interesting if someone could elucidate just what the problem being solved is.

    I worked on similar stuff over a decade ago - before it was even called Grid, let alone Cloud. Even then we quickly realised that data protection, provenance, rights managment, and security were the critical and difficult issues. Indeed it quickly became apparent that it was about data, and not about compute (and we were working on it from a HPC standpoint.) It seems that we may well just see the wheel turn yet another time.

  7. Andy Ash

    What can I say?

    Perhaps if SpinVox had the IP that an investor would hope they had, then the cloud would indeed have a silver lining.

    Distributed computing is more or less the same as parallel computing, on a larger scale. It is accepted that parallel computing is difficult. For the cloud to be other than mere hosting, customers have to take on that difficulty.

    It is clear that a successful business model must have customers as well as providers.

    Such a thing will succeed, but those prepared to invest in the specialist IP will be large organisations. Equally because of the potential for customers of those large companies to be worried about their data, it won't be something that the large companies will advertise too proudly.

  8. gollux
    Alert

    At this time...

    it smacks of a solution looking for a problem to solve.

  9. adnim

    A matter of time..

    "Hackers have yet to siphon data out of a cloud (that we know of…)" ThePhantom.

    It is not the developing intelligence of IT systems nor the incessant march toward an envisioned computing utopia that frightens me, it is human stupidity and greed.

    Human stupidity will at some point expose confidential data residing in the cloud to those who have no right to access it.

    Human greed will sell confidential data gleaned from the cloud by human operators to the highest bidder.

    All I can say is if you feel the need to place your trust in a cloud computing solution for confidential business information, encrypt everything, I mean encrypt everything. Oh and don't leave your keys in the cloud either. Did I say encrypt everything?

  10. amanfromMars 1 Silver badge

    Cloud is for Doers.

    The Cloud Platform is only Secure if you have Control of the Server and can Guarantee that Information is Safe/Unreachable by an Unauthorised Third Party, and why anyone with Sensitive Information would entrust it to a Third Party for Storage rather than Usage, is a Sensible Question which always looks for a Crazy Answer.

    It is a Perfect Platform though for Effortless Distribution of Sensitive Information/Critical Intelligence though.

    Oh, and because of that aforementioned Secure Control of the Server Caveat, is Cloud Storage never going to be Safe and any Guarantee as such would be Worthless and therefore a Fraud being Actively Perpetrated.

  11. Ian Michael Gumby
    FAIL

    Huh?

    "There are some pretty fundamental data protection issues for a start – which are only just starting to be talked about, never mind tested in the courts. Indeed, some of the comments were questioning whether cloud-based services were in fact legal under data privacy law in some jusrisdictions."

    Uhm this is why the whole cloud paradigm was a non-starter to begin with.

    Even if you consider that back in the 60's,70's and in to the 80's companies were leasing time on mainframes that they couldn't afford on their own, and was the closest comparison to today's 'cloud', there wasn't the quandary of legal issues that we face today.

    I mark this article as a fail. Not only for the fact that Cloud computing has its definite drawbacks, but that it took this long for El Reg to catch on. ;-)

    Maybe I expect more from the Reg because they sometimes 'get it' ? ;-)

    -G

  12. jake Silver badge

    @ThePhantom

    "There was no possibility of public access to the system of any kind"

    I was connected to Stanford's TymeShare in 1975 (acoustically coupled modem and boxes & boxes of green & white stripped fan-fold paper). I had access to email, Trek, Wumpus, Fortran, COBOL & Basic, and the SF-lovers email list from ARPANET (it took me about 4 months to discover I could SEND email, too ...). And ASCII art Snoopy, of course[1]. At home. I was 13 years old. Being raised in Palo Alto had its advantages ... not that I knew it then, of course.

    [1] OK, I'll admit it, I did print out the ASCII art TITS04 file ... and lived in terror that the folks at Stanford would tell my mom ... I bicycled to Cubberly high school to throw it away the next day so Mom wouldn't find it in the household trash. Hey, I was only 13! :-)

  13. Anonymous Coward
    Go

    Justifiable paranoia?

    For years and years and years and ... people have been able to entrust, say, their business accounts to an online accountant.

    Yes, trust is (as in a great big AC B-I-G) important thang.

    Given options of entrusting my data with UK civil servantry, google, Microsoft, Apple, ... the only one I wish to drop from the list is UK civil servantry (partly due to its quaint and quirky unbounded numptiness)

  14. jake Silver badge

    Interesting.

    You allow my comment to ThePhantom, and not my more on topic post? Strange ... maybe it got lost in the aether ... So I'll try again, paraphrasing.

    I suspect that the reason that people haven't been replying to the cloud/virtualization articles is simply because we are sick of the topic. The younger set are latching onto it because it is "new" and "exciting". To us older folks, it's a series of technologies that have been tried, and with the exception of a few niche areas, found to be lacking ... ESPECIALLY with the low cost of disk/ram/cpu and the all-important I/O.

    Virtualization niches include nostalgia game play, obsolete OS work on modern hardware, web/internet hosting, software testing, and not much else. (And you had better re-test that software on actual hardware before shipping it, dammit!).

    "Cloud" niches are toys and marketing hype, at best.

    The old guard are sick of saying it, and the youngsters are tired of hearing it.

  15. amanfromMars 1 Silver badge
    Gates Halo

    Killer Google Bot App + MS App Bot = a Singularity of Passionate Immaculate Purpose.

    "Uhm this is why the whole cloud paradigm was a non-starter to begin with. ....... I mark this article as a fail. Not only for the fact that Cloud computing has its definite drawbacks, but that it took this long for El Reg to catch on. ;-)" ..... By Ian Michael Gumby Posted Tuesday 1st September 2009 18:02 GMT

    IMG,

    It is a horses for courses thing, with the Cloud being Better than Perfect for Imperfect BetaTesting of IntelAIgent Command and Information Control Systems and SCADA .... 4SCADA2. I trust in Global Operating Devices that that Simple Instant Message explains All the Apparent Start-Up Interest. It is though No Place for Beginners* who will Lose Everything at Everything they Try to Do, for IT is not a New Paradigm for Some/Others who Wwwield it in XXXXStreamly Matured Secured Applications/Programs/Pogroms/New World Orders.

    What else would you expect of the Man who has Everything and Nothing but Time on his Hands in Space, except MSChief?

  16. Portent
    Big Brother

    Legal snooping?

    I wonder how long it will be before various government agencies force cloud providers into handing over various data held on behalf of their customers, a little like they do with emails, etc, now.

  17. Anonymous Coward
    FAIL

    Justifiable paranoia? (aka: FAIL Scales)

    >> For years and years and years and ... people have been able to entrust, say, their business accounts to an online accountant.

    I remember the time well - back when you knew, each and every day, which continent your accountant had his server on. For that matter, the continent the guy who jimmied the door to his office was on.

    But that was then. Your online accountant has since migrated to the Cloud in order to reap the benefit of negating the maintenance and management costs of that physical server. His shiny new IaaS server image now exists virtually between two or three continents, as the follow-the-sun package he selected achieves optimal cost for his minimal compute needs.

    Now, have a guess at which continent you're slowly being flamed from .. I'll give you a clue - it's just gone past midnight .. ah, here comes your data now. You're right, of course, it doesn't really matter. But did you know that my access to your accounts, without your or your accountant's consent or knowledge, is legal on this continent? Here's an example from a continent that may also occasionally contain your accounts;

    http://www.securityfocus.com/columnists/478

    Its only unjustified because you don't understand the problem.

  18. Anonymous Coward
    Gates Halo

    Microsoft hugs servers, why shouldn't we?

    The external Cloud demands the outsourcing of trust. And thus amanfromMars is right - if you have no control you have no server (or server integrity, if the owner is kind enough to let you remain on the server while he makes a conquest of your data, clones it running, etc).

    The Microsoft Security Response Center understands this. Their "10 Immutable Laws of Security" becomes a common sense guide to Cloud Security when you replace "bad guy" (the person who has exploited your trust) with "Cloud Provider" (the person you trust);

    http://technet.microsoft.com/en-us/library/cc722487.aspx

    Cloud canneh change the laws of phusics ..

  19. ThePhantom

    @ jake

    Yep, you are correct that SOME timeshare systems offered dialup, but surely Hunt the Wumpus didn't need to be as secure as Stanford's financials - which in theory should have been on another system. LHS also offered dial up, but again, nothing secure was supposed to be on the system.

  20. jake Silver badge

    @ThePhantom

    "Yep, you are correct that SOME timeshare systems offered dialup,"

    Most did, if you knew who to talk to, said PleaseAndThankYou[tm] where appropriate, and were willing to offer elbow grease pro bono. Me, I paid for both of the telephone lines and both modems. Thank gawd/ess Stanford was a local call away ... There is only so much money you can make tuning up cars/bikes/boats and carrying papers when you are 13!

    "but surely Hunt the Wumpus didn't need to be as secure"

    Wumpus and similar games weren't secure, by design. They were built to be fiddled with. If you have access to a Linux or BSD system with the games package, try typing "wump" or "trek" in a terminal for a blast down memory lane :-)

    "as Stanford's financials - which in theory should have been on another system."

    I worked on that system a little later in life (and get called in occasionally to this day). It was, and still is, airgapped. Something that these "cloud" providers seem to be missing ...

    "LHS also offered dial up, but again, nothing secure was supposed to be on the system."

    LHS? Local high school? (Never mind, I just scrolled back up ... I had an account at the Lawrence Hall of Science, too; I may have uploaded the first version of Kermit you ever downloaded in the early '80s :-) ... But I digress, if it wasn't airgapped, it wasn't secure and shouldn't have been treated as such. People who use the word "cybersecurity" in a serious manor make me laugh!

This topic is closed for new posts.

Other stories you might like