Re: Middle ground
My experience with embedded dates back to 1980 and, as you point out, it is not relevant in this context. Where length/breadth of experience is relevant is in safety critical software and hardware engineering. Given that the body count started in the hundreds and no real upper limit on fiscal damage, you have to take a very restrictive approach in every assumption and requirement of the system(s). The best assurance I could ever provide was that things would fail safe. I see that salient point missing around Intel, at least in general computing.
Something else missing in the discussion is that a "Cloud Provider" must make absolutely 100% certain that the client is using only a completely up-to-date operating system for the virtual instances the client is paying for and I can't see that happening at all. That requirement completely abrogates the whole idea behind IaaS, dropping all clients to the next higher abstraction of PaaS, with the cloudy provider assuring that only certified operating systems are in use as provided by the provider themselves. And that has to be equally true of every VM in operation on a virtual server. Implementing that, I'd rather not have to see done, but it's the only thing left to do if "The Cloud" is going forward as a concept.
As someone else put, this class of bugs is the gift that will keep giving. Certainly insuring job security for those who are hunting and those who are defensively engineering solutions to those bugs identified.
Biting the hand that feeds IT
