• Home
  • Et Cetera

Infosecurity.US

Why Cloud Computing Is Inherently Insecure

By Marc Handelman on December 4th, 2008

Amerit Williams, the TechBuddha, has posted a superb analysis of the issues facing cloud computing initiatives, specifically targeting the security weaknesses found in their respective architecture. A short snippet of Amerit’s blog post (and today’s MustRead) appears after the jump.

From Amerit Williams post:  “There is little doubt that cloud computing offers benefits in how organizations look to drive greater benefit from their IT dollars, but there are also many trade-offs that can dramatically reduce, and negate the benefits altogether, understanding these trade-offs will allow an organization to make the right decisions.

As with most advancements in computing, security is generally an afterthought, bolted on once the pain is great enough to elicit the medication. Sort of like the back pain of IT, security enhancements tend to result once the agility (availability, reliability, etc) is somehow inhibited or because it is prescribed as a result of a Doctors visit (compliance audit) cloud computing is no different…”

Amazon AWS, Google App Engine, Microsoft Azure, and More – Part 1: Can We Secure The Cloud?

Categories: Cloud, Common Sense, Data Security, Infosecurity, MustRead, TechBuddha
Tags: Cloud Computing, TechBuddha, Why We Pay Attention to Amrit Williams

Comments are closed.

« VMware Announces New Security Advisory FBI: Copper Theft Threatens U.S. Infrastructure »
  • Latest
  • Random
  • Bookmarks
  • Archives
  • Oracle Patches Critical WebLogic Flaw
  • Lisa Benson: Beanstalk
  • USB Electronic Key Impressioner – Open Sesame
  • Sherffius: Bacterial-Laden
  • Firefox Malware Extensions Discovered
  • Holbert: Trillion Dollar Stuck Pedal
  • But Wait, There’s More – 13 Critical Security Patches Queued For Microsoft’s PatchTuesday
  • Thach Bui: Monumental Upgrades
  • New, Critical Internet Explorer Vulnerability – Nearly All Versions Affected
  • Lisa Benson: Health Care Reform R.I.P.
  • Dilbert: Bitspew
  • Dinosaur Comics: Baloney
  • Oracle Patches Enterprise Linux, Fixes for UP2DATE, OCFS2
  • XKCD: Decline
  • Windows 7 Pirates – No Soup For You
  • Ubuntu Announces OpenSSH Patch
  • Dilbert: Award
  • XKCD: Papyrus
  • Linus: Security Circus – Admission Is Free
  • Apple DNS Patch Problem: No Fix For MAC Clients!
  • Apple
  • BSD
  • Closson
  • Darknet
  • Debian
  • Finnigan
  • ha.ckers
  • Hoff
  • Insecure
  • Krebs
  • Layer8
  • MSRC
  • Network Security Blog
  • NSA SEL
  • openSUSE
  • RedHat
  • SANS
  • Schneier
  • Security Eunoia
  • Securosis
  • Shimel
  • February 2010
  • January 2010
  • December 2009
  • November 2009
  • October 2009
  • September 2009
  • August 2009
  • July 2009
  • June 2009
  • May 2009
Subscribe

Featured Blog - Blogs.com SANS Security Reading Room KnotOriginal: fine art to hang on your body and walls Member - Security Bloggers Network

Dilbert

Sponsored Links

KnotOriginal

Featured Video

RSS Cryptography

  • Microscope-wielding boffins crack cordless phone crypto 2010/02/08
  • Making packet processing more efficient with network-optimized multicore designs: Part 2 2010/02/08
  • New Attack on Threefish 2010/02/07
  • So I deleted it without reading it. 2010/02/06
  • Kaspersky: Google hack takes spotlight from Russia 2010/02/05
  • IP Cores, Inc. Announces an Update of its Elliptic Curve Crypto Accelerator 2010/02/05
  • SMIC, SSHIC deliver smart card IC using 0.162 m EEPROM 2010/02/04
  • Revere Security Appoints Co-Inventor of Public-Key Cryptography... 2010/02/03
  • Data defenders: Researchers try to ward off increasingly sophisticated cyber attacks 2010/02/02
  • IP Cores Selects Phoenix Technologies for Israel 2010/02/02

RSS Security Bloggers Network

  • My Blackhat DC Paper, Slides, and Video are available 2010/02/08 IBM Internet Security Systems Frequency X Blog
  • Is Your BlackBerry Spying On You? 2010/02/08 spinman
  • The 800-lb Dragon’s APTitude 2010/02/08 Bill Wildprett
  • Wrapping insecure web apps with Apache 2010/02/08 Asmodian X
  • Oracle Patches Critical WebLogic Flaw 2010/02/08 Marc Handelman
  • Lisa Benson: Beanstalk 2010/02/08 Marc Handelman
  • Week 5 in Review 2010/02/08 glenn
  • Google Street View Car Gets GPSed by F.A.T. Pranksters 2010/02/08 Devin McDonald

RSS SANS ISC

  • Oracle has an unscheduled security alert and patch for CVE-2010-0073. The issue affects WebLogic Server and is remotely exploitable. Details and patch are here http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0073.html, (Tue, Feb 9th) 2010/02/09
  • When is a 0day not a 0day? Samba symlink bad default config, (Tue, Feb 9th) 2010/02/09
  • When is a 0day not a 0day? Fake OpenSSh exploit, again. , (Mon, Feb 8th) 2010/02/08
  • Mandiant Mtrends Report, (Sun, Feb 7th) 2010/02/07
  • LANDesk Management Gateway Vulnerability, (Sat, Feb 6th) 2010/02/06
  • tweaked ISC layout. Please submit screen shot and browser details if things don't look right., (Sat, Feb 6th) 2010/02/06
  • Oracle WebLogic Server Security Alert, (Sat, Feb 6th) 2010/02/06
  • New version of Andreas Schuster's Evtx Parser released http://computer.forensikblog.de/en/2010/02/evtx_parser_1_0_2.html, (Sat, Feb 6th) 2010/02/06
  • Memory Analysis - time to move beyond XP, (Fri, Feb 5th) 2010/02/06

RSS Oracle

  • Oracle to Acquire AmberPoint 2010/02/09
  • Bookmarkable page with parameters 2010/02/09
  • 32-bit to 64-bit database migration tips: OLAP upgrade 2010/02/08
  • ADF Coding Ninja 2010/02/08
  • Case Study: Swedish Rail Operator SJ Increases Revenue and Customer Satisfaction Using CRM 2010/02/08
  • Random Things: Volume #13 2010/02/08
  • v-Commerce? 2010/02/08

RSS MySQL

  • A deep look at MySQL 5.5 partitioning enhancements 2009/12/24
  • Sun "Tech Days" Conference World Tour Kicks Off in Brazil 2009/12/07
  • Tino Rachui: Using MySQL Cluster in Sun's Virtual Desktop Infrastructure 2009/11/10
  • MySQL Database Analytics with InfiniDB from Calpont – Part 2 2009/10/28
  • MySQL Database Analytics with InfiniDB from Calpont – Part 1 2009/10/27
  • What's New in the MySQL Enterprise Fall 2009 Release? - Interview with Mark Matthews and Andy Bang 2009/09/08
  • Introducing the MySQL Librarian 2009/07/14

RSS Linux

  • Oracle Drops Sun's Commitment To Accessibility - Slashdot 2010/02/09
  • LinuxCon Puts Out Call for Papers Ahead of Summer Event - OStatic (blog) 2010/02/09
  • How To Reverse Engineer A Motherboard BIOS - Benchmark Reviews 2010/02/09
  • Oracle Patches Dangerous WebLogic Server Flaw - eWeek 2010/02/09
  • Unix ENGINEER - TRADING - SYDNEY CBD! - Australian Techworld 2010/02/09

RSS MAC OSX

  • Anti-DRM Protest Against The iPad Grows 2010/02/08 Eli Milchman
  • Amazon to Hike Ebook Pricing as iPad Ships 2010/02/08 Ed Sutherland
  • Daily Deals: iPhone Acces. Bundle, External Superdrive, App Store Freebies 2010/02/08 Ed Sutherland
  • Mock Up Your iPad Ideas With IA’s Omnigraffle Template 2010/02/08 Giles Turnbull
  • The inevitable DIY iPad papercraft mockup 2010/02/08 John Brownlee
  • Apple to app devs: don’t use Core Location “primarily” for advertising 2010/02/08 John Brownlee
  • Report: Carriers to Subsidized iPads for 2-Year 3G Contracts 2010/02/08 Ed Sutherland

RSS Microsoft

  • February 2010 Bulletin Release Advance Notification 2010/02/04 MSRCTEAM
  • Security Advisory 980088 Released 2010/02/03 MSRCTEAM
  • January 2010 Out-of-Band Security Bulletin Webcast 2010/01/22 MSRCTEAM
  • Bulletin MS10-002 Released 2010/01/21 MSRCTEAM
  • Security Advisory 979682 Released 2010/01/21 MSRCTEAM
  • Advance Notification for Out-of-Band Bulletin Release 2010/01/20 MSRCTEAM
  • Security Advisory 979352 – Going out of Band 2010/01/19 MSRCTEAM

RSS Network

  • Europe lagging behind on fibre broadband adoption 2010/02/08
  • LG NAS N4B1 review 2010/02/08
  • VoIP patent under review by Patent Office 2010/02/08
  • YouTube now supports IPv6 2010/02/08
  • Where do web giants stand on IPv6? 2010/02/05
  • Intel details vPro for Core i5, i7 processors 2010/02/05
  • Microsoft IE still popular, researcher says 2010/02/05

Daily Posts

February 2010
S M T W T F S
« Jan    
 123456
78910111213
14151617181920
21222324252627
28  
Creative Commons License
The Infosecurity.US Blog is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.

Find the best blogs at Blogs.com.

Creative Commons Attribution-Share Alike 3.0 U.S. License ©2010 Infosecurity.US

Subscribe