Comment by Roritharr

8 years ago

Thinking about this, they're probably gonna introduce "insecure but cheap" instances for customers that don't mind the chance of data leaks and takeovers...

16 comments

Roritharr

pvarangot 8 years ago

Which is going to be everyone except customers who already have issues with cloud and need special instances because of regulations. Then we'll wee the occasional "30.000 credit cards stolen" hack every three years because of this issue and that'll be it.

It's another situation like what happened with WEP WiFi encryption ten years ago.

ofrzeta 8 years ago

That would be hard to market.

geofft 8 years ago

You could run the entire free tier there and disable it for paying customers - I'm sure there's a significant fraction of Amazon and Google's clouds, at least, that are on the free tier, and saving money on those would help everyone (they'd let people who aren't yet at a significant enough scale to care about security play around with things for free, and they'd let the cloud providers pack them very tightly).
fermienrico 8 years ago
Indeed, the idea of "Security" is not negotiable when marketing.
Imagine buying a car that says, "Save $5000 for a less safe version without airbags." Yes, I know Airbags are DOT requirement, just trying to make a point.
Edit: I think people are missing my point. I am not saying they don't sell cheaper models that are less safe. My point is that they don't ACTIVELY market them as such. Point me to an advertisement that says "Save $5000 for a less safe car!". This is in the spirit of what the GP was talking about whether cloud providers can market as "Less secure but cheaper HT option".
- ISL 8 years ago
  
  There are absolutely situations in which a substantially cheaper but less-secure/safe solution to a problem can make economic sense.
  Suppose you have $5k, you need a car in order to feed your family, and that only the following two options are available: You can buy the safe car for $10k or a less safe car for $5k.
  In that situation, less safety can be a reasonable choice.
  Indeed, there was a long period of time in which Volvos were demonstrably more safe than other lower-cost vehicles, yet people bought the lower-cost vehicles.
  In the cloud-offering world, instead of marketing servers as "less-secure", they can simply offer "more-secure" options that run on non-HT hardware. HIPAA-compliant cloud-buyers will have to upgrade, and then the cloud vendors can slowly lower the prices on both, making the less-secure option lower cost than the present day.
  
  2 replies →
- vorpalhex 8 years ago
  
  The Ford Pinto Deluxe, a beautiful car for only $10k!∞•º
  ∞ Known to cause cancer in the state of California
  • This statement not evaluated by the FDA
  º Might spontaneously catch fire and explode in minor accidents
- opencl 8 years ago
  
  Car manufactures do exactly that all the time though. Things like auto emergency braking and side airbags are still options that you can pay extra for. Airbags, anti lock brakes, backup cameras, etc. were all available as optional upgrades for decades before they got mandated.
- dumbfounder 8 years ago
  
  Yeah but they just wouldn't market it that way. It's easy enough to spin. You have the regular version, then you have the "enhanced security" version.
  
  1 reply →
- userbinator 8 years ago
  
  ...and people still buy motorcycles (which are significantly cheaper), proving that "security" or "safety" is not an absolute, nor a must-have.
  
  1 reply →
mrep 8 years ago

For private databases, sure, but I don't need that security if I am running an isolated server that only hosts public data.

pvg 8 years ago

That's always been a fundamental part of the proposition of multi-tenant VM hosting, though.