Cloud proof of failure - was:: wikileaks unreachable

• Previous message (by thread): Cloud proof of failure - was:: wikileaks unreachable
• Next message (by thread): Cloud proof of failure - was:: wikileaks unreachable
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[peter's theory]
> > The cloud is a failure. Too easy to get it down.
> > I guess wikileaks returning to dedicated hosting proofs that.

> No, it just proves that organizational decisions are made by human beings t=
> hat have values.  Whether or not those values are 'right' isn't the point -=
>  the point is that the technology isn't what failed here.
> 
> There are plenty of dedicated server hosts that would have shut off wikilea=
> ks under political pressure - and there are plenty of 'cloud' hosts who wou=
> ld have kept them up.  I don't think we can draw any pass/fail conclusions =
> WRT cloud computing (defined here as virtualization-as-a-service) from the =
> removal of Wikileaks from S3.

The question would appear to be whether attacks outside the technical 
space should be considered a failure.

It should be obvious that if I can attack your site with a blast of IP
traffic and deny others access to it, that's an effective takedown.  I
believe that someone DDoS'ed EveryDNS hosting of Wikileaks DNS.  On the
other hand, EveryDNS appears to have *chosen* to stop supplying service
to Wikileaks, so this was not a purely technological takedown.

The neat thing about cloud computing is that it is, to borrow Amazon's
term, "elastic."  I'm not sure we've seen scalable computing that can
be scaled rapidly in this manner for largely arbitrary purposes in the
past, and a cloud the size of Amazon's is probably able to cope with a
DDoS of virtually any size, assuming a willingness to throw sufficient
resources at it.

>From that perspective, I cannot see cloud computing as a failure, but
instead a massive success.

However, I can see outsourcing as a potential failure.  When you allow
a third party (Amazon, EveryDNS, whoever) to become involved in your
operation, you are essentially allowing them a veto over your continued
technical operations.  This makes the outsourcing provider an attractive
target for interference of the legal/political type.  How tolerant 
would your webhosting provider be of continuous DMCA complaints being
submitted about your web site, for example, even if they were without
merit?

>From that point of view, cloud computing may be inherently a bit more
vulnerable, because clouds tend to be resources being rented to third
parties.  With dedicated servers and/or your own IP space/servers, you
have increasing amounts of control over the response to certain threats
outside the technical realm.

A risk analysis of these factors is, therefore, suggested when deploying
services.  On average, the benefits of being able to rapidly provision
and scale resources in the cloud probably vastly outweighs the risks to
the average operation of political/legal pressures on the cloud hosting
provider; that computation necessarily changes for something like 
Wikileaks.

Of course, if one views the Internet itself as a sort of meta-cloud, it
should be obvious that meta-cloud computing is proving to be very
resilient.  But that brings us to a Tron-like mentality about the whole
Internet...  how apropos.  :-)

... JG
-- 
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.

• Previous message (by thread): Cloud proof of failure - was:: wikileaks unreachable
• Next message (by thread): Cloud proof of failure - was:: wikileaks unreachable
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]