Hello and welcome to Protocol Enterprise! Today: How enterprise tech companies are making decisions about operating in Russia, those side-channel chip vulnerabilities were not as buttoned up as we thought and the rise of the AI-fueled pizza factory.
Spin up
It’s a good time to be in the cloud business, as well as the cloud-spending management business. According to Flexera’s State of the Cloud report, cloud customers are over budget by an average of 13%, but 29% still plan to spend more next year.
The costs of doing business
As the fallout from Russia’s brutal invasion of Ukraine spreads throughout the world, enterprise tech companies at the lower level of the infrastructure stack are facing difficult questions about how they provide services to Russian companies.
The parade of tech companies that have stopped doing business in Russia is quite long at this point, thanks to the international outrage over the invasion and the fact that Russia’s economy has been reduced to shambles in less than two weeks. There's been no shortage of enterprise tech companies that have followed suit, but to varying degrees.
- AWS and Microsoft have stopped selling services to Russian companies or individuals, but they appear to still be allowing existing customers to use their cloud services. Google Cloud also still appears to be online in Russia.
- On the SaaS side, Salesforce, SAP and Oracle all said they too would stop selling their services in Russia, but it’s not clear how they continue to provide support for existing customers, which is a rather important part of the software business.
- And at the lowest level of the stack, networking companies Cogent Communications and Lumen have disconnected their backbone pipes to Russian networks, although redundancies will ensure that Russians will still have contact to the outside internet.
Other vendors, like Cloudflare and Akamai, have been more direct about their plans to continue providing their services to Russia.
- “Indiscriminately terminating service would do little to harm the Russian government, but would both limit access to information outside the country, and make significantly more vulnerable those who have used us to shield themselves as they have criticized the government,” Cloudflare CEO Matthew Prince wrote in a post Sunday.
- “Consistent with our mission to power and protect life online, we have made a deliberate decision to maintain our network presence in Russia,” Akamai said in a similar statement.
- And despite calls from Ukrainian officials to cut Russia completely off the internet, ICANN made it pretty clear early in the conflict that it would not take that step.
We’ve been using the term “unprecedented” a lot the last few years, but this is indeed new territory for enterprise tech companies built around cloud services.
- Other major global conflicts over the last 15 years have not involved countries home to big users of their services, or took place before those services gained traction as a new way of doing business on the internet.
- The financial impact of these decisions will not be missed; Microsoft CFO Amy Hood estimated Russia accounted for about 1% of Microsoft revenue, and while 1% of Microsoft’s revenue is still a pretty big number it’s likely not material.
- But the long-term impact could be profound: How will these companies react during future conflicts? What would it take to make them bow to pressure from the outside world to cut all ties to Russia?
However horrified enterprise tech companies and workers are by the events of the last two weeks, these are not easy decisions. And this war is far from over.
A MESSAGE FROM ADOBE
Get inspired as we make the digital economy personal at Adobe Summit 2022. Explore the top industry trends and insights, expand your skills, discover the latest innovations from Adobe Labs, and connect with peers and experts from around the world.
Spectre is back! (kinda)
AMD, Arm and Intel issued security advisories and recommendations Wednesday, warning of an exploit that bypasses some of the defenses developed to shore up one of the most notorious vulnerabilities in modern chips.
Researchers at the Vrije Universiteit Amsterdam said in a post they had developed a method to circumvent some security measures developed since the Spectre and Meltdown vulnerabilities were disclosed in January 2018. Using a novel attack method, the researchers said that they were able to get a core part of the Linux OS to leak critical system data, such as the root password.
The vulnerabilities the security researchers outlined center around a technique called speculative execution that many modern chips use to increase performance. Using spare resources, a chip will perform some processing ahead of when the task is actually needed in order to improve overall performance, but savvy attackers can exploit that technique using precise timing to read data that's unprotected before it is actually executed.
Security researchers discovered in 2017 that it was possible to exploit chips that used speculative execution, which was widely used in modern processors, and disclosed their findings in early 2018. The vulnerability, called Spectre, affected computers using Intel or AMD chips as well as Arm-based designs and forced the industry to quickly develop a series of fixes.
Pizza factories, thanks to machine learning
Zack Fragoso, manager of data science at Domino’s Pizza, oversees machine-learning operations at the pizza chain that famously has considered itself to be a tech company for years. With 68 data scientists and five machine-learning engineers on staff running analytics and building AI, keeping track of algorithmic models used for things like delivery logistics and tracking in-store pizza prep is no small task.
“I look at Domino’s as having 6,000 factories that make pizza,” Fragoso told Protocol last week.
Today, some of those “factories” are testing new ways to speed up the pizza-making process, which affects those ML models. “That’s an example of ground truth change,” Fragoso said. “That’s when the model needs to be updated.”
Around the enterprise
A secret U.S. effort to bolster Ukraine’s cyber defenses might be one of the reasons why we saw fewer cyberattacks than expected last week, according to the Financial Times.
However, Ukrainian officials are still making plans to move the government’s sensitive dataout of the country should the capital fall in the coming days or weeks.
Databricks introduced a version of its data lakehouse technologydesigned specifically for health care customers.A MESSAGE FROM ADOBE
Get inspired as we make the digital economy personal at Adobe Summit 2022. Explore the top industry trends and insights, expand your skills, discover the latest innovations from Adobe Labs, and connect with peers and experts from around the world.
Thanks for reading — see you tomorrow!