Hand-wringing and confusion over the recently announced #Spectre and #Meltdown bugs are making the rounds. These bugs shake the foundational assumption of modern computing — that CPU privilege levels and virtual memory work as intended. This assumption is what makes multitenancy in the cloud possible. The spectre (get it?) of data leaking between cloud tenants should concern everyone who uses or operates a multitenant service.
Should I be scared?
Maybe, but not about this. The major cloud providers had advance notice, and did an awesome job of getting patched.
“All instances across the Amazon EC2 fleet are protected.”
“The majority of Azure infrastructure has already been updated to address this vulnerability.”
“GCP has already been updated to prevent all known vulnerabilities.”
What can we learn from all this?
More or less, if you delegated your infrastructure management to someone big, you don’t have to take any action. That is a pretty good position to be in.
The downside of multitenancy in the cloud is that bugs like this one will enable attackers to violate the separation from time to time. The upside of the cloud is that individual operators don’t have to worry much about patching.
I think the lesson here is that security at scale works better. Perhaps there is a design principle to consider:
To the extent possible, delegate your security operations to someone doing it at a bigger scale than you.
I’d love to hear what you think.