I hope I understand your question correctly.
The request asks for something in protected memory and also asks for something based off a portion of the protected memory (like the first byte). The system denies access to the request then puts both results in cache.
The attacker then asks for a byte of memory similar to the second request, which the system tries to get from cache but then goes to memory since it wasn't in cache. The attacker doesn't want that result so cancels the request and asks for another byte similar to the second request. That process repeats until the system says "Hey this byte is in my cache" and gives the result back to the attacker. That let's the attacker know what the first byte of that protected memory was. The attacker then repeats that whole process until they've read the entire protected memory, which is at a rate of 1500/bytes a second.
It never gets the actual protected memory from the cache.
Containers are an abstraction that exist using cgroups and namespaces for isolation. They use the hosts' kernel, it's not virtualized. Containers are only limited by the capabilities of namespaces and cgroups, unlike vms.
You might be dismissing microservices too quickly. They do have overhead but so does any level of abstract; the benefit of them though is clear separation of responsibilities between services and residency(Swarms, clusters, etc). Both can be achieved with Vms but VMs weren't built with these goals in mind
This is a very important issue. Doctors are over prescribing and jumping to unneeded surgeries. The question is, are they doing it out of fear of a malpractice lawsuit for denying a patient what they need or is it from kickbacks, incentives and the knowledge that the persons insurance will pay them?
Just because something works doesn't mean it's not a broken system.
Suprised that no one else has commented on this article.