Cloudy As Buzzwords
Continuing from Unstealthing, Incrementally…
I have many ideas for applications, but most of them seem to rely on similar kinds of infrastructure, in particular a distributed, secure application-level messaging system. Unfortunately, this doesn’t really exist yet, at least not in any form that meets my needs.
What am I talking about here? More colloquially, it’s a mechanism for letting applications all over the network send messages to each other, without requiring a central server, and without allowing messages to be eavesdropped upon or faked.
Let’s take it one buzzword at a time…
Distributed.
I don’t know about you, but I’m getting fed up with centralization. It happens because it’s the path of least resistance: buy a domain name, rent a server, buy more servers and stick a load-balancer up front as your user base grows. It’s solving problems by throwing hardware at them. The end result can certainly work fine, but too often it’s fragile: both technically (site goes down, ten million users get pissed off) and politically (just one domain for China to censor, one company for France to file lawsuits against.)
In social software especially, there’s an additional type of cultural fragility, since the owners, implementors and users of a big social site have different goals and massively different levels of power. Many examples have shown that this creates sites that scale up into the equivalent of planned communities, shopping malls, theme parks, marred periodically by the protests of an angry minority of users against what they see as privacy intrusions or censorship.
Unfortunately it’s hard to use the Web architecture in a distributed way. This would involve lots of small groups (or individuals) running their own Web-based services that interoperated seamlessly. There are certainly technologies that help with this interoperability, such as OpenID and web services (whether REST or SOAP), but the bottom line is that setting up any kind of Web based system is a task that’s way beyond nearly all end-users, just as it was in 1994. It just never got any easier! You still have to know about FTP uploads and file permissions and CGI-BIN directories and Apache logs and MySQL configuration, even to set up something trivial like a damn blog.
So the options for Web-based social software end up being (a) Install it yourself on your vanity domain, if you’re a total geek and don’t mind doing your own tech support; or (b) Patronize some hosted service that will take care of it for you. What happens then, as popularity of this medium increases, is that the hosted services get bigger and bigger, money pours into them, they go into arms races of feature creep and marketing, they get even bigger, and voila! It’s MySpace and FaceBook all over again.
So that leads me to distributed non-Web-based systems. Which are completely untenable because the only way you can run custom oddball software on a real server is to rent your own private server (or virtual one), which costs orders of magnitude more than the regular web hosts that just let you run CGI scripts. Or if you want to run server software on your computer at home, you find that your consumer broadband connection comes with throttled upload bandwidth, no fixed IP address, and terms of service that forbid you from running servers.
Do you see where I’m going? Peer to peer. It’s the ultimate decentralization. If you resolve the scaling problems at the protocol level, then none of the network nodes need unusual amounts of horsepower or bandwidth, and the total supply of both naturally increases along with the user base. Installation of software on desktop computers is a cut-and-dried problem: it’s as easy as downloading and double-clicking an app. And the content is completely in the hands of its creators and users: no Disneylands, no thought police, no ad beacons.
Secure.
“Secure” means a lot of things. In a messaging system, no legit user wants messages to be spoofed, tampered with, censored, read by the wrong people, or sent by the wrong people.
In the Good Old Days, no one worried about this because the net consisted of a few thousand geeks with Ph.Ds who pretty much trusted each other. (And that’s why email is so pathetically vulnerable to all the attacks I just listed.)
In the present day, developers focus on making their big monolithic servers secure from intruders, and the end users mostly trust that the developers are (a) doing a good job of that, and (b) not doing anything unethical themselves with the customers’ data. It mostly works out, I guess, although there are daily reports of embarrassing security holes, crazy new types of cross-site-scripting attacks, “creative” uses of sensitive customer data for marketing purposes, and backup tapes of millions of customer credit card numbers being accidentally left behind on the bus.
The more you think about that, the less crazy it seems to trust a peer-to-peer system where there are no authority figures handing out accounts or enforcing access privileges. Because in such a system you have to actually make everything secure by design instead of just trusting people. Want to create an identity that no one can steal? Generate your own key-pair (and keep your private key safe!) Want to keep the wrong people from reading something? Encrypt it. Want to prove you wrote something and keep anyone from altering it? Digitally sign it.
It’s not like there aren’t any known solutions to this stuff. It’s just that applying them can be tricky, and so far it’s generally been easier to just lock your big server up in a data center instead.
Application-Level Messaging.
What I mean by this is that the messages sent between users’ computers are not necessarily directly human-readable. Unlike emails or instant messages, they might not be delivered right to the screen, but rather to an application that presents them differently. For example, a message might represent a move in a chess game, a revision of a shared document, or a notification of new content stored elsewhere. Sending these as emails or IMs is awkward and relies on having the user intervene by opening file enclosures or URLs.
Next: How Cloudy Does These Things.
April 14th, 2008 at 12:23 AM
Two things.
First, you’ve got my attention.
Second, I’m totally buying a Cloudy t-shirt.
Sounds like a really, really, really interesting way to solve some fundamental problems, and potentially something that could benefit an endeavour I’ve had in the lab for a while now.
I’m eagerly awaiting the next installment.
April 14th, 2008 at 4:39 AM
I’m always trying to find easier way to build networked games, because that’s my favourite kind of application but also so very difficult. Thus, the first thing I did when I ran into the academic network library Pedro was to try to write a game in it. A few hundred lines and I had Mutable Adventure (you can’t run it, since Pedro 0.6 isn’t officially released yet :P). This is the point at which I realized that this would never become anything more than an experiment, because it’s by design utterly insecure and also possibly slow (although I haven’t properly benched it yet).
Now, you can imagine the first thing I’d like to do the second someone’d release something like what you proposed ;)
April 14th, 2008 at 4:47 AM
Nice article, but I have a little gripe: You write that virtual servers are orders of magnitude more expensive than simple web hosts. While I don’t know about America, here a virtual server (with complete root access) costs 9,99 Euros while a web host costs perhaps one or two. This isn’t an order of magnitude, I’d say…
Otherwise, nice hearing someone who doesn’t think web services are the next best thing to sliced bread…
April 14th, 2008 at 4:55 AM
Hi,
This concept looks promising, I can’t wait to read more…
April 14th, 2008 at 7:40 AM
Elliott — Cool! I hope you’ll think it remains interesting even as tawdry reality emerges from the fog of buzzwords ;-)
Joachim — I agree that networking games should be easier. I have a little board-game library that’s awaiting the ability to send moves back and forth; maybe I’ll hook it into Cloudy. Thanks for the link to Pedro, which looks fascinating. I’m going to read the docs even though the word “Prolog” still sends shivers down my spine long after a bad experience with it in college.
Jan — I agree that I was maybe exaggerating for effect. And I’m envious about 9.99-Euro a month virtual servers, even though at current exchange rates that’s probably an arm and a leg for us poor Americans. (But, um, 9.99 :: 1 is an order of magnitude!)
April 16th, 2008 at 8:37 AM
This is exciting, because it seems like recently developers get so caught up in the potential of the Web that the Internet gets forgotten.
I was twittering/thinking to myself a week ago how it seemed that a standard protocol along the gist of DNS-SD but on a user-trusted subset of the wide area network could be an amazing platform for all sorts of development, but also how it seems that well-honed standards are hard (or at least probably should be) to monetize.
If you are able to put together a marketable program while also putting together the plumbing you describe above in an open manner, that will be a fantastic feat!
June 4th, 2008 at 12:56 PM
Decentralized vs Distributed. They are subtle but distinct. Thus, I think you wanted both decentralization (of control) and distribution (of services)?
June 4th, 2008 at 5:34 PM
Anon — I don’t see the distinction the way you do, but in your terminology it’s fair to say that I want both.