The One and the Many

Security and cloud platforms

For a long time I've been paranoid about security. In high school I was obsessed with OpenBSD for that reason.

Part of this has always meant that I've only trusted things I run myself. For example, at one point I ran my own mail server.

Recently I've been more and more convinced that this isn't the best approach for security. I've been thinking about why this is, and why I think a cloud platform is superior security-wise.

There are two main reasons.

First, a cloud platform makes it feasible to isolate different programs. For example, when I self-host, I tend towards having servers that run a huge number of different programs and services. I would run my mail client and my IRC server and my web server and who knows what else all on one system. If one of these was compromised, in many cases it's game over for everything.

With a cloud platform, especially with tools such as Lambda or Cloud Functions, I'm able to run a program and have it be walled off from everything else. It can do very little if it's compromised. From my perspective it is in a very strong jail.

Certainly there are other ways to achieve isolation. My thinking is that with a cloud platform it is more feasible and there are great tools for it. The platform and its tools provide a jail.

Second, a cloud platform provider focusses more resources on security than I ever would. I can take advantage of their expertise by letting them run services and code for me. I can work from the premise that what they provide is secure.

When I see things such as cloud platforms proving system correctness, it's clear there is a big focus on making their services bulletproof to a whole different level.

It comes down to making a cloud provider responsible for things I run where possible. I can build on them and achieve much stronger security.

For example, if I have work that needs to be processed by several programs such as through a queue, I can isolate the programs except through their ability to use Pub/Sub topics. They can't interact with the outside world except through this secure medium that I am not responsible for.
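Added example, not part of the original post: one way to check that this isolation actually holds is to audit IAM bindings so that worker identities carry nothing beyond Pub/Sub roles and no public principal can touch the queue. The policy below is constructed sample data in IAM policy JSON shape; the service account names and the `ALLOWED_ROLES` choice are assumptions.

```python
import json

# Roles a pipeline worker is allowed to hold (assumption for this example).
ALLOWED_ROLES = {"roles/pubsub.publisher", "roles/pubsub.subscriber"}
# Principals that mean "anyone" in an IAM binding.
PUBLIC_MEMBERS = {"allUsers", "allAuthenticatedUsers"}

# Hypothetical worker identities, one per isolated program.
WORKERS = {
    "serviceAccount:ingest@example-project.iam.gserviceaccount.com",
    "serviceAccount:resize@example-project.iam.gserviceaccount.com",
}

# Constructed sample bindings (role -> members), not taken from a real project.
SAMPLE_POLICY = json.loads("""
{"bindings": [
  {"role": "roles/pubsub.publisher",
   "members": ["serviceAccount:ingest@example-project.iam.gserviceaccount.com"]},
  {"role": "roles/pubsub.subscriber",
   "members": ["serviceAccount:resize@example-project.iam.gserviceaccount.com",
               "allUsers"]},
  {"role": "roles/editor",
   "members": ["serviceAccount:resize@example-project.iam.gserviceaccount.com",
               "user:admin@example.com"]}
]}
""")


def audit(policy, workers):
    """Return sorted (member, role, reason) findings that break the isolation."""
    findings = set()
    for binding in policy.get("bindings", []):
        role = binding["role"]
        for member in binding.get("members", []):
            if member in PUBLIC_MEMBERS and role in ALLOWED_ROLES:
                # The queue is the only channel, so it must not be open to all.
                findings.add((member, role, "queue open to anyone"))
            elif member in workers and role not in ALLOWED_ROLES:
                # A compromised worker could act outside the Pub/Sub channel.
                findings.add((member, role, "worker can reach beyond Pub/Sub"))
    return sorted(findings)


if __name__ == "__main__":
    for member, role, reason in audit(SAMPLE_POLICY, WORKERS):
        print(f"{reason}: {member} has {role}")
```

Human principals such as `user:admin@example.com` are outside the scope of this check; it only covers the worker identities and public access to the queue.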

The term cloud gets thrown around a lot as a buzzword, but there is truth to the concept being important. It's an evolution. I can go from being responsible for running a big stack of scary C code, to in many cases making that entirely gone (from my perspective). Yes, there's scary stuff running underneath, but it's not my responsibility.

It makes many things that used to be so important, like Linux distributions, irrelevant. If I'm running something in Lambda or Cloud Functions, what do such things matter?

Together these two aspects make running systems on a cloud platform a strong approach for security today.

Arguments against cloud platforms

The argument against cloud platforms for me has always come down to two things.

First, it means trusting a big corporation. They have access to all the data I put on their systems, for example. Are they going to gleefully dig through it? I think this is not a realistic concern. If Google lets their employees run rampant through customer data, there are going to be problems for them.

There is certainly a concern that they likely provide access to things like law enforcement or spy agencies. Hopefully they are not your adversary, I guess.

Second, there's a cost argument. If I buy a server and run it in my apartment, I can host things pretty cheaply. Cloud platform costs can add up quickly.

Ignoring the security aspect, there's a trade-off in terms of time and effort in doing this. If something goes wrong with my server's hardware, I'm going to be in trouble and have to fix things quickly. I'm also going to be putting in effort maintaining it.

In summary

While it might seem like caving to big companies and centralisation and closed source, I feel like it is my thoughts maturing. It's been a long road to get here, and now I feel like too big a proponent of big cloud platforms sometimes, but there is a lot to be said for the benefits.
