Cloud services propose to save companies money by allowing them to run new applications without having to buy new hardware. Now researchers from UCSD and MIT, including UW CSE Ph.D. alumnus Stefan Savage, have launched a “side-channel” attack on data stored in the cloud.
“‘A virtual machine is not proof against all of the kinds of side-channel attacks that we’ve been hearing about for years,’ said [UW CSE Ph.D. alumnus] Stefan Savage, associate professor with UC San Diego, and one of the authors of the paper.”
The side-channel research brings a whole new set of problems, according to UW CSE’s Yoshi Kohno, who is quoted in the article. “‘It’s exactly these types of concerns – the threat of the unknown – that is going to make a lot of people hesitant to use cloud services such as EC2.'”