CPU as a service has come!

Paul Boddie paul at boddie.org.uk
Wed Nov 29 11:23:21 UTC 2017

On Wednesday 29. November 2017 10.01.25 Giovanni Biscuolo wrote:
> in other words (sorry if I'm stressing on this), some computing devices
> have become **virtual machines** running in a stealth host with a complete
> OS running on it; you have not root access to the host, just to the
> virtual machine (NIBM - aka not invented by me)

Right. For example, it is important that people question whether their 
smartphone's "root" mode, generously allowed by the vendor, is actually giving 
them "device root" privileges or whether it just lets them install something 
they like into a virtual machine.


> >So we need to consider all of these things, or at least many of them.
> >These days, I constantly find myself reminding people to beware of the
> >zero-sum game, as they promote their favourite things at the expense of
> >other, equally worthwhile things. This is no different.
> I'm not promoting anything, I'm just questioning the proposed solutions in
> the light of this new "discovery"

But it is irresponsible to categorise various kinds of technology as "useless" 
when they are only insufficient under certain circumstances, such as those 
where people can access your device and read your keychain as if they were 
you, for example. People may think that they and others are focusing on the 
wrong things when we can surely agree that these are also the right things to 
use and to work on.

I would formulate this as a matter of the hardware *undermining* the 
successful use of these other technologies, which may make the *application* 
of those technologies appear "useless" if the hardware's undesirable 
characteristics are exploited, but do not make the technologies themselves 
useless. With a remedy for the hardware problem, these technologies do not 
suddenly become inherently useful, because they were useful all along.

> ...not true, I'm _promoting_ a serious question: can the market alone fix
> the "CPU as a service" issue?

It depends on what measures are in place to prevent people "corrupting" the 
hardware without some kind of strong, independent regulation. It has been 
noted that adopting other CPU architectures doesn't solve this problem ("what 
about the foundries?" and so on), but that doesn't make things like RISC-V 
(which may ultimately be part of Google's way out of this) "useless" and not 
worth pursuing. The solution involves pursuing many things at once and 
recognising that they are all worthwhile.


More information about the Discussion mailing list