While the rest of the world experiences performance loss after applying the security updates to protect against Intel processor vulnerabilities, Google is suggesting that it has found a way to protect its cloud customers and still retain top execution performance.
Google lays out the information in a blog titled “Protecting our Google Cloud customers from new vulnerabilities without impacting performance.”
If you’ve been keeping up on the latest tech news, you’ve undoubtedly heard about the CPU security flaw that Google’s Project Zero disclosed last Wednesday. On Friday, we answered some of your questions and detailed how we are protecting Cloud customers. Today, we’d like to go into even more detail on how we’ve protected Google Cloud products against these speculative execution vulnerabilities, and what we did to make sure our Google Cloud customers saw minimal performance impact from these mitigations.
It is interesting, though, that Google had more time to develop a patch because it actually found the flaw. According to the Google Project Zero report, the flaw was reported to Intel in June of 2017. But, the company didn’t actually announce it until early this year – even though Google’s policy has been to expose flaws 90-days after reporting it to the vendor. Google’s policy has been a point of contention between it and Microsoft several times. Why did Google wait 7 months to publicly announce this one? Possibly to give it time to develop its own patch? In the cloud industry Google is in a distant third place.
Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in Dallas, Texas in 2018!