I think the average company should and does trust the physical security of Amazon's datacenters more than their own. If I had a nickel for every unvetted janitor allowed to clean an office alone near an easily pickable hardware closet...
this is more about the chipset on the motherboard.
to backdoor this you need to saddle a chip or a connector onto the PCH chip and win the race to takeover the bus.
or if your intel and you send a firmware update to modify the ME behaviour /state.
it would be fairly suspect in most cases but if this was done at the factory, it would be hard to tell for most people.
What really matters is just how much of a target you might be for someone to take the effort to engage in what really amounts to industrial/corporate espianage.
how long does it take for a machine to be opened and booted up, and what sort of charade would be required to make the opportunity.
if someone flatout stole your laptop, how long would it take for you to notice its been replaced by a stand in? would someone have the opportunity to swap your real laptop back to you unnoticed?
and seriously it doesnt need to be a nation state that does this, as all you need to be capable of physically is to inject digital pulses into the bus
crafting an exploit is where the skill comes in.
some people are motivated just by the opportunity to stir a pot.
"Cloud" is merely the modern spin on "terminal in the office, mainframe at the HQ". We moved from terminals to local mini/microcomputers back then, and we will move from "cloud" to edge computing again. Notably, serverless and "installable web apps" are already a growing thing.
And no, Sun, the network is the computer will not come to pass during this cycle.
AWS makes up a massive fraction of the whole internet. That ship has absolutely not sailed. If your company doesn't own the mainframe, it doesn't control the hardware.
> And no, Sun, the network is the computer will not come to pass during this cycle.
... we are arguing about this via web browser. O365, Google docs, Dropbox, iCloud and company are common ways to work with documents, SaaS has been a wild success in business, and major players (no pun intended) are pushing game streaming. The network isn't the only computer, but for a lot of people it's the main one.
The historical mainframes usually were rented from IBM and the likes. Less sunk investment, less reasons to stick with it.
>we are arguing about this via web browser
Which works equally well for remote AND local resources. Electron is popular for a reason.
All the centralized services - online Docs, Dropbox, Github etc., - are more subject to disruption and replacement than they would want you to believe.
SaaS has been a success in the same way "bring your own device" was a success - an end-run around the ossified, slow-moving and bureaucratic ICT department. It was nimble, fast and elastic; allowed for quick iteration and experimentation. Now that the SaaS is a big game, it's subject to the very same kind of disruption.
Take a look around, you'll see people using local Git repositories, and locally hosted web-based services to get shit done. Just to avoid the hassle of procurement & upkeep of big-name SaaS. Containers let you move the data & code to unmanaged iron where it's close to the user, instead of one big managed datacenter. SaaS and datacenter computing is not nimble anymore; local is nimble, and Google Stadia delivered the eulogy.