TR: If a full cryptographic solution is far-off, what would a near-term solution look like?

WD: A practical solution will have several properties. It will require an overall improvement in computer security. Much of this would result from care on the part of cloud computing providers–choosing more secure operating systems such as Open BSD and Solaris–and keeping those systems carefully configured. A security-conscious computing services provider would provision each user with its own processors, caches, and memory at any given moment and would clean house between users, reloading the operating system and zeroing all memory.

An important component of security will be the quality of the personnel operating the data centers: good security training and appropriate security vetting. A secure data center might well be administered externally, allowing a very limited group of employees physical access to the computers. The operators should not be able to access any of the customer data, even as they supervise the scheduling and provisioning of computations.

TR: Would any public-policy moves help or hurt the situation?

WD: A serious potential danger will be any laws intended to guarantee the ability of law enforcement to monitor computations that they suspect of supporting criminal activity. Back doors of this sort complicate security arrangements with two devastating consequences. Complexity is the enemy of security. Once Trojan horses are constructed, one can never be sure by whom they will be used.