Monday Aug 08, 2011

Oh, the irony! Cloud-to-Cloud Lightning!

Yesterday, in a case of extreme irony, real clouds struck back at human clouds when lightning hit a power transformer at the Amazon Elastic Cloud service in Ireland. "Full service recovery may take 24-48 hours", they said. This outage follows by a few months another significant EC2 disruption caused by a configuration update; not that these unfortunate episodes are unique to Amazon. But they do point to the serious cloud computing issue of putting so many eggs in one cloud basket...what are the availability, recovery, and liability requirements for users of large, multitenant cloud services? Clearly we still have a long way to go in this inevitable move to cloud computing. And such incidents imply that at least for now, cloud users may need to implement alternative availability and recovery technologies in order to mitigate the effects of cloud outages.

Wednesday Jun 22, 2011

New Cloud Security Book: Securing the Cloud by Vic Winkler

It's rare that I read a technical book straight through; I usually read key chapters and save the rest for later reference. But Winkler's book, written by an accomplished and highly experienced security professional, was worth a complete read, cover to cover. Of the recently published cloud security books, such as...
  • Cloud Security and Privacy: An Enterprise Perspective on Risks and Compliance, by Tim Mather, Subra Kumaraswamy, and Shahed Latif; O'Reilly Media Inc, 2009;
  • Cloud Computing: Implementation, Management, and Security, by John Rittenhouse and James Ransome; CRC Press 2010;
  • Cloud Security: A Comprehensive Guide to Secure Cloud Computing, by Ronald Krutz and Russell Vines; Wiley Publishing Inc, 2010
...Securing the Cloud is the most useful and informative about all aspects of cloud security. Clearly, through his experience, the author has thought through many practical issues of securing large, virtualized IT installations. His Chapter 6 on Best Practices and Chapter 9 with its valuable checklists are worth the price of the book. If you are among the many new cloud computing professionals, Securing the Cloud is an essential reference for your work.

Monday Jun 13, 2011

The Cloud = Skynet?

The Cloud = Skynet?

Humans tend to attribute magical properties to things they don't understand. Throughout history, this tendency has often resulted in fear of technology, admittedly sometimes justified. Hollywood movies have exploited this fear for decades, creating frightening tales of radiation-induced monsters and maniacal computers. Googling for "Cloud Computing" with "Skynet" yields more than half a million hits, including lengthy discussions of the supposed dangers of computers, the Internet, robots, Google, and the imagined future of cloud computing.

Computing industry luminaries have addressed peoples' unease with rapidly advancing technology, sometimes with a cautionary, warning approach such as Bill Joy's widely read Wired article in April 2000, Why the future doesn't need us, and sometimes positive and optimistic like Ray Kurzweil's The Singularity is Near. I think each of these represent the extremes in thinking about the risks and benefits of technologies such as cloud computing.

The popular assumption often made about the evolution of machine intelligence is that we will create a form of computer consciousness vastly superior in every way to that of humans. But even after decades of research in cognitive science, AI, and brain modeling at such leading centers as the the Krasnow Institute, and the Santa Fe Institute, scientists are a very long way from creating even the simplest simulations of anything we could reasonably call consciousness in large, complex, massively-connected systems [1]. And when they do, very likely they will produce the mental equivalent of a child, and will then have to deal with the issues of how conscious minds learn and grow, how they form opinions, beliefs, and biases, and how they make mistakes, to say nothing of how they self-maintain and self-repair, none of which we yet fully understand. Quite likely, we will not only create a very primitive kind of artificial consciousness, but along with it will come artificial stupidity, credulity, and other imperfections of the human mind.

So, no, the Cloud is not and is very unlikely to ever become Skynet. Nevertheless, I will continue to watch Hollywood's entertaining attempts to excite us with aliens, monsters, and crazy computers, and I will enjoy the dazzling special effects that modern computing enables. If I have any concerns at all, it's with our demonstrated inability to create absolutely reliable systems coupled with our increasing reliance on the Internet and the Cloud. Our complex, technology-dependent society has much more to fear from accidental and intentional connectivity failures and security issues than from any chance that the Cloud will become "self-aware".

[1] And no, IBM's Deep Blue chess-player and Watson Jeopardy-player hardly count as near-conscious entities; they are merely impressively fast and are very good at highly specific tasks like games and analyzing natural language.

Sunday May 15, 2011

Java Gets Cloudy

Most of the books I've seen so far about cloud computing are full of advice, "shoulds" and "shouldn'ts" about cloud concepts and architecture, security recommendations, and policy compliance, but are not much in the "how" department. Of course, there are multiple perspectives from which to view the cloud -- end user, IaaS or PaaS provider, services broker, and, of course, developers. So, how do you actually build "cloud applications"? And what programming languages and APIs should developers use to build them? Well, there are some answers available.

Recently published is Code in the Cloud: Programming the Google App Engine, by Mark C. Chu-Carroll of Google. He starts his book with cloud programming examples written in Python, but then jumps to Java and the Google Web Toolkit, a very useful set of Java class libraries and widgets that generate fast JavaScript-based Web applications.

But that's not all; JCP, the caretakers of the Java technical standards, recently approved the Java EE 7 Platform Java Specification Request which will enable Java EE applications to support the multi-tenant and elastic features required for cloud computing solutions. Oracle's developers and customers, along with those of IBM, Red Hat, and even SAP, are pleased to see the continuing evolution and support of Java technology into "the Cloud".

Hmmm..."Write Once, Run in the Cloud" has a nice ring to it, don't you think?

Wednesday Mar 16, 2011

The Cloud is STILL too slow!

[Read More]

Saturday Feb 12, 2011

Cloud Computing in words of one syllable

[Read More]

Monday Nov 15, 2010

Solaris 11 Express

[Read More]

Monday Sep 20, 2010

Oracle OpenWorld: Cloudy with a 100% Chance of Sun

[Read More]

Thursday Sep 09, 2010

Zombie Technologies

[Read More]

Sunday Sep 05, 2010

Cloud Security Books

[Read More]

Tuesday Aug 24, 2010


[Read More]

The purpose of this blog is to highlight and to explore general issues around "Cloud Computing" -- its benefits, risks, and component technologies -- and how they are evolving. I'll also periodically comment (of course!) on Oracle's Cloud Computing capabilities, resources, and cloud-related events. -- Harry J Foxwell, PhD, Principal Consultant for Cloud Computing, Oracle Public Sector HW


  • Oracle
« April 2014