As for the Cloud == Elastic, I would say elasticity is definitely one of the key properties of cloud computing. I am not sure how I was contradicting myself. My point is that using the cloud for password cracking is a good testament of the elasticity of the cloud, but not a security benefit of the cloud.

You seem to be assuming that virtualization implies storage on demand. In my experience this isn’t the case - provisioning cannot be taken for granted - additional storage or CPU isn’t available on tap (or if it is, the tap runs dry when there are multiple requests). So if I want to test security patches, I can’t assume I have double the diskspace available (or triple if I’m testing combinations). Maybe I do, maybe I don’t but its not predictable. With the Cloud I can assume that (or its broken ;-). The point I’m trying to make here is its the coupling of virtualization and pay per drink (read: instant availability and metered resourcing) that gives rise to many of these benefits; i.e. the Cloud. As an example, when you write that the password cracking benefit isn’t a benefit of the cloud per se, rather of the elasticity property of the cloud, aren’t you kinda contradicting yourself in the sense that Cloud == Elastic?

Also, re: “the flip side”….if you are going to quote me, at least quote the whole sentence :-). I wrote: “Also, for space reasons, I’m purposely not including the ‘flip side’ to these benefits, however if you read this blog regularly you should recognise some.” If you read the rest of the blog you’ll find I mostly comment on the flip side ;-).

P.S The ‘potential’ in potential benefits was not a disclaimer - it was a call to action. These benefits are not implied by default - some you have to take action to gain entitlement (e.g. forensics).