EKR: February 2008 Archives


February 28, 2008

One of the main reasons to have a blog is to call a bad idea a bad idea. Here's one. Former FBI Agent Patrick J. Dempsey suggests:
It's obvious that the Internet requires some type of governance. But it is just as obvious that trying to establish this governance through the numerous legal systems might not be practical. The other possibility for governing the Internet, and, more specifically, the criminal activity that occurs on the Internet, would be to change the structure of the Internet. Although I don't support ideas like the "national firewalls" put in place by some countries, this type of solution does afford some level of control over Internet traffic flowing through said country.

However, knowing all the possibilities with disguising or "spoofing" one's information on the Web, I'm not sure that there is a way to truly "protect our borders" when it comes to the Internet. The solution might be to establish two Internets -- the current Internet and a new, more secure Internet where users would be required to register prior to gaining access. Once again, though, we're confronted with the issue of what would be the governing body that would manage the user registrations? Would it be an organization similar to the IANA (Internet Assigned Numbers Authority) or InterNIC that would manage user registrations on the "new" Internet, or do we need to establish an entirely new entity to manage a more secure Internet?

The problem with this idea is it's totally confused about the security problem with the Internet, which has a lot more to do with stupid users and insecure software than it does with failing to authenticate everyone with a modem.

Let's play this out: you set up your new secure Internet. There's already an Internet 2, so let's call it Internet 3 or I3. Anyway, we've got I3 up and running and before they'll give you a connection you have to give them your fingerprint, irisprint, a blood sample and the keys to your car. Of course, if if you want I3 to be useful, you have to let pretty much anyone on, so just like the Internet, I3 is full of hackers. And since your software isn't any more secure than it was before, you're still just as likely to have your machine compromised. Now, it's true that having positive identification for each user might forensics a tiny bit easier: once you've managed to track the user down to the account they initially logged in from, you know who to arrest. But of course, hackers use compromised machines as stepping stones, so tracking them down isn't easy, and of course it's not exactly difficult to steal people's account information and log in as them instead of yourself.

Even if we somehow were able to create an I3 without any hackers on it, it wouldn't stay that way for long. I3 is one big sterile area, so as soon as any significant number of compromises happen it's game over. Initially, I3 is going to be pretty lame, so people are going to use both the Internet and I3. And since the Internet is full of hackers and their machines are compromised and they're going to use the same machines for both the Internet and I3, it's not going to be long before plenty of I3 credentials are circulating in the hacker community. Creating isolated networks is really hard even when you're working in real high security environments. It's basically impossible when you're dealing with millions of people, many of whom are willing to run any random .exe file you send them.


February 27, 2008

C. Jennings, B. Lowekamp, E. Rescorla, J. Rosenberg, S. Baset, H. Schulzrinne, REsource LOcation And Discovery (RELOAD), draft-bryan-p2psip-reload-03.txt.

D. McGrew, E., Rescorla, Datagram Transport Layer Security (DTLS) Extension to Establish Keys for Secure Real-time Transport Protocol (SRTP), draft-ietf-avt-dtls-srtp-02.txt.

J. Fischl, H. Tschofenig, E., Rescorla, Framework for Establishing an SRTP Security Context using DTLS, draft-ietf-sip-dtls-srtp-framework-01.txt.

E. Rescorla, Keying Material Extractors for Transport Layer Security (TLS), draft-ietf-tls-extractor-01.txt.

T. Dierks, E. Rescorla, The Transport Layer Security (TLS) Protocol Version 1.2, draft-ietf-tls-rfc4346-bis-09.txt.

One of the first rules of crypto is that if there's a crypto primitive that's possible to build, no matter how stupid, someone will eventually build it. Nothing wrong with that—that's what cryptographers are supposed to do. But just because something is possible doesn't mean it's useful. Case in point, identity-based signatures. You may have heard of Identity-Based Encryption, in which the public key and private key are derived from your identity (e.g., your email address). Anyone can compute the public key, but you need to get the private key from a key generating authority (KGA) which serves a similar role to the CA in a PKI system. The value proposition here is that you don't need a copy of someone's certificate in order to encrypt a message to them—you can compute their public key knowing only their identity (and which KGA they use). More on this here. This means that there's no need for a certificate directory, which has historically been one of the inconvenient parts of PKI.

Unsurprisingly, IBE has a signature variant, known as Identity-Based Signatures. The basic concept here is the same: the public key is derived from your identity and you get your private key from the KGA. The value proposition is the same too: anyone can verify your signature without having your certificate. The problem is that it doesn't really add much value. In a PKI system, when you send a signed message you send (Message, Signature, Certificate). In an IBS system, you sent (Message, Signature, Identity). Otherwise, the data flow is the same. Basically, IBS is just a fancy (OK, really fancy) way of compressing the signer's certificate. 1

So, why am I going on about this? Someone just suggested using IBA in the IETF SIP WG. (draft here, mailing list discussion here, starting with my review.).

1. Indeed, as Hovav Shacham pointed out to me, the difference between an ordinary PKI system and an IBS system is to some extent a matter of semantics. Think of the certificate as part of the signature and certificate verification as part of the signature verification. It's true that the signature isn't deterministic, but then plenty of signature schemes (e.g., DSA), aren't.


February 25, 2008

Blake Ramsdell alerted me to this lawsuit over Network Solutions whois domain locking policy:
LOS ANGELES, Feb. 25 /PRNewswire/ -- Network Solutions has forced millions of people to buy Internet domain names from them instead of cheaper competitors through a scheme that's netted the firm millions of dollars, a federal class action lawsuit filed today by Kabateck Brown Kellner, LLP states. ICANN, whose policies facilitate the scheme, is also named in the suit, filed in U.S. District Court, Central District of California.


Whenever someone searches for the availability of a domain name through Network Solutions' website, the company immediately registers the name for itself, preventing other companies from selling it and forcing consumers to pay Network Solutions' expensive fees.

If a consumer were to go to another, cheaper site to register the name, they would find the name is "unavailable." Consumers are never informed that inquiring as to a name's availability through Network Solutions results in the company holding a monopoly on selling that name.

I'm not too surprised to see someone suing NSI over this, but what's interesting is that they're suing ICANN. Based on ICANN's contract with NSI, it looks like ICANN can promulgate rules that would forbid NSI from doing this name locking trick (though it would require the creation of a "Consensus Policy"). But that doesn't necessarily mean that you can sue ICANN to require them to promulgate such a policy—or rather that you can prevail.


February 21, 2008

Check out this report from Seton Hall, published two weeks ago. They FOIAd a bunch of documents an uncover some, stuff that is not widely known (þ Slate):
I. A report issued by a Lieutenant General of the United States Army indicates that more than 24,000 interrogations have been conducted at Guantánamo since 2002.

II. A second report, produced almost simultaneously by the Surgeon General of the United States Army, reveals that all interrogations conducted at Guantánamo were videotaped. Thus, many videotapes documenting Guantánamo interrogations do or did exist.

This has the potential to become interesting pretty fast.


February 20, 2008

Cayman bank Julius Baer Bank and Trust has convinced a federal judge to shut down DNS service for wikileaks.org.
On Friday, Judge Jeffrey S. White of Federal District Court in San Francisco granted a permanent injunction ordering Dynadot, the site's domain name registrar, to disable the Wikileaks.org domain name. The order had the effect of locking the front door to the site -- a largely ineffectual action that kept back doors to the site, and several copies of it, available to sophisticated Web users who knew where to look.

Domain registrars like Dynadot, Register.com and GoDaddy .com provide domain names -- the Web addresses users type into browsers -- to Web site operators for a monthly fee. Judge White ordered Dynadot to disable the Wikileaks.org address and "lock" it to prevent the organization from transferring the name to another registrar.

The feebleness of the action suggests that the bank, and the judge, did not understand how the domain system works, or how quickly Web communities will move to counter actions they see as hostile to free speech online.

The site itself could still be accessed at its Internet Protocol address ( -- the unique number that specifies a Web site's location on the Internet. Wikileaks also maintained "mirror sites," or copies usually produced to ensure against failures and this kind of legal action. Some sites were registered in Belgium (http://wikileaks.be/), Germany (http://wikileaks.de) and the Christmas Islands (http://wikileaks.cx) through domain registrars other than Dynadot, and so were not affected by the injunction.

There's also a mirror at cryptome.

For those of you who don't know how this all works, there's registries, who actually run the domain name (.org in this case) and then there are registrars, who actually deal with the customers. Any given top level domain typically has multiple registrars that service it, all of whom populate the same database, operated by the registry. So, the locking thing stops Wikileaks from transferring their domain to another registrar who would then reactivate it.

OK, so this order controls the registrar. But can Wikileaks just go to the registry and get them to move it to some other registrar, locking notwithstanding? In this case, Wikileaks is under .org, which is run by the Public Interest Registry. Operationally, the PIR is run by Afilias. Both of these are based in the US, so presumably the injunction could be expanded to include them as well. On the other hand, as the article notes, there are plenty of registries with no US connection and the only way for a US judge to take down them domains under them would be to go after ICANN, which, despite complaints about the US running the DNS seems pretty unlikely.

As you may be gathering at this point, this is all pretty pointless. It's basically impossible to censor stuff like this once it gets out. We're seeing the first level of countermeasure here, but even if by some miracle the judge managed to shut down every domain name serving the contraband material (and since the decision loop for spreading those domain names is a lot faster than your average judge's decision making process), people can just move to IP addresses published by some other means (like other people's web sites). And there are about three levels of escalation up from there, all of which are progressively harder to censor.

It will be interesting to see if JBBT goes after cryptome.org, though.


February 16, 2008

The EFF has obtained a document under FOIA describing an incident in which an email provider which was served by an NSL for some email communications and accidentally sent far too much information to the FBI:
In late February 2006, a surge in data being collected by the FBI's Engineering Research Facility (ERF) was identified by ERF personnel. As a result ERF investigated the issue and recognized that the collection tools used to collect email communication from the subject of the investigation were improperly set and appeared to be collecting data from the entire email domain. due to an apparent miscommunication, the private internet provider accidentally collected mail from the entire domain and subsequently conveyed the email to ERF.
(NYT story here).

I'm sort of curious what kind of tools the ISPs are using here. You certainly can reconfigure your mailer to forward copies of emails to certain addresses to somewhere else, though mail going out is a little trickier. In any case, I'd be a little surprised if the FBI expected something quite so DIY. Maybe when they send you an NSL it comes with a pamphlet telling you how to reconfigure Outlook.

Apparently, this happens reasonably often. The FBI calls it "overproduction":

A report in 2006 by the Justice Department inspector general found more than 100 violations of federal wiretap law in the two prior years by the Federal Bureau of Investigation, many of them considered technical and inadvertent.


In the warrantless wiretapping program approved by President Bush after the Sept. 11 terrorist attacks, technical errors led officials at the National Security Agency on some occasions to monitor communications entirely within the United States -- in apparent violation of the program's protocols -- because communications problems made it difficult to tell initially whether the targets were in the country or not.

Past violations by the government have also included continuing a wiretap for days or weeks beyond what was authorized by a court, or seeking records beyond what were authorized. The 2006 case appears to be a particularly egregious example of what intelligence officials refer to as "overproduction" -- in which a telecommunications provider gives the government more data than it was ordered to provide.

The problem of overproduction is particularly common, F.B.I. officials said. In testimony before Congress in March 2007 regarding abuses of national security letters, Valerie E. Caproni, the bureau's general counsel, said that in one small sample, 10 out of 20 violations were a result of "third-party error," in which a private company "provided the F.B.I. information we did not seek."

To quote Broken Arrow, " I don't know what's scarier, losing a nuclear weapon or that it happens so often there's actually a term for it." Outstanding!


February 15, 2008

Now that the House has at least temporarily refused to pass the extension of the administration's warrantless wiretapping power, there's a lot of talk about how it's destroying the security of America. For instance, here's President Bush:
"Our intelligence professionals are working day and night to keep us safe," Mr. Bush said, "and they're waiting to see whether Congress will give them the tools they need to succeed or tie their hands by failing to act."

Obviously this could be true, but we have no way to tell whether it is or not because from the beginning the Bush Administration has kept pretty much all the details about the program, including whether it's done anything useful, secret, even from Congress:

(CBS/AP) With legislation that would legalize President Bush's eavesdropping program entangled in a battle over the side issue of corporate immunity, the White House sought to move the process forward by acceding to requests from the Senate Judiciary Committee to view classified documents its members have long demanded.

However, the White House continued to draw a line between Senators and House members.

Senate Judiciary Committee Chairman Patrick Leahy, D-Vt., had demanded that other members of the panel have the same access to the same documents before he considers giving immunity to telecommunications companies that may have tapped Americans' telephones and computers without court approval. The measure is an amendment in the Senate's version of the bill rewriting the Foreign Intelligence Surveillance Act (or FISA).

White House Counsel Fred Fielding had offered to let Chairman Patrick Leahy and ranking Republican Arlen Specter see documents that might persuade them to include liability protection for telephone companies, but initially only to them.

Later Thursday, the White House agreed to expand the documents' distribution.

I'm not saying that this program isn't essential. The problem is that we have no way of knowing because the administration has deliberately denied the public the information it would need to assess what the program is and how and whether it works. We're told that that information is classified and that it's strongly implied that if we did have the information we would agree that it was important.

Again that could be true, but I remember back in the 90s when the debates over cryptography export controls were going on and we were told almost exactly the same thing, namely that wiretapping was really important and that if we just could see the classified information we would be in favor of keeping them. There was widespread skepticism about these claims on the not entirely implausible theory that the NSA might not be entirely objective about the tradeoffs between their desire to listen in on everyone's communications and people's desire to keep them private, and that just maybe it was a lot easier for them to make their case if, you know, the public didn't know anything. Anyway, when the NRC committee studying crypto policy investigated them they concluded that"

This unclassified report does not have a classified annex, nor is there a classified version of it. After receiving a number of classified briefings on material relevant to the subject of this study, the fully cleared members of the committee (13 out of the total of 16) agree that these details, while necessarily important to policy makers who need to decide tomorrow what to do in a specific case, are not particularly relevant to the larger issues of why policy has the shape and texture that it does today nor to the general outline of how technology will and policy should evolve in the future.

The basic problem here, as with the cryptography issue, is that there's a conflict of interest when the people who favor some particular policy also control the supply of information about the merits of that policy—they have a natural incentive to characterize the evidence in the way most favorable to their position. This is of course natural, but it should make you pretty suspicious when you're told that you can't have the information you would need to make an informed decision.


February 14, 2008

The NYT reports on an interesting concept, making synthetic fuel from atmospheric CO2:
Scientists there say they have developed a way to produce truly carbon-neutral fuel and useful organic chemicals at large scale using water and carbon dioxide removed from the air as raw materials. There are plenty of schemes brewing to capture carbon dioxide, both directly from the atmosphere and from the stacks of power plants. All of them, for the moment, are costly or hard to envision at the billion-tons-a-year scale that would be needed to blunt the buildup of carbon dioxide in the atmosphere coming mainly from fuel burning.

UPDATE: 2/13, 5 p.m.: This plan has a minor hurdle, too; the electricity for driving the chemical processes, according to a white paper describing the overarching concept, would come from nuclear power. The proposal says it'd be worth it to have a payoff of steady, secure streams of methanol and gasoline with no carbon added to the atmosphere (and a price for gasoline at the pump of perhaps $4.60 a gallon -- comparable to petroleum-based fuels as oil becomes harder to find).

So, I don't know if this particular plan makes sense, but there's an important underlying concept here: gasoline (any fossil fuel, for that matter) serves two purposes: it's both a source of stored energy that we can extract and an energy transportation medium. From a physics perspective, energy is energy, but since batteries have a fairly low storage capacity and you don't want to tow a power line behind your car, chemical fuels are pretty much the only game in town. That's why people are interested in hydrogen power, since it's plausible that you can synthesize it from common materials (e.g., water) by application of energy. Hydrogen's not an energy source in itself, but it's at least a plausible carrier.

Unfortunately, it's not really that plausible a carrier. The problem is that it's not really compatible with our current storage and distribution infrastructure. On the other hand, if you had some way to efficiently synthesize liquid fuels that were compatible with the existing infrastructure, then you could synthesize it centrally without changing anything else. Moreover, this would give you flexibility to use any energy production mechanism that was convenient or practical (wind, solar, nuclear, etc.)

Based on this article, I can't tell if this method actually is practical and of course it doesn't solve the problem of aggregate energy supply. However, a practical version of something like this would allow you to separate the fuel problem from the energy problem, which seems like a good first step.


February 12, 2008

Via Matthew Yglesias and Feministing, Time on facial hair throughout the years:
Goatee First seen on rebels like Johnny Depp, this quietly defiant display of masculinity may have been part of a backlash to feminism.

Uh, huh. Yglesias's commenters home in on the real reasons:

I thought people grew those to camouflage their double chin, or to compensate for balding.


The goatee is the combover of the internet age.

Sounds about right to this bald guy with a receding chin...


February 10, 2008

Watching the election on Super Tuesday it was interesting to see the enormous gap between Clinton and Obama at the beginning of the night and watching it narrow as more results were counted. Given that these early returns showed high percentages for Edwards, who ended at 4.1%, I speculate that they reflected early vote-by-mail/absentee votes. This matches up with pundit predictions that the early votes (pre-Obama surge) would be substantially more for Clinton.

Oregon already conducts all their elections by mail and according to Wikipedia, all but two of Washington state's counties are vote-by-mail. It's also one not uncommon reaction to concerns about the security of electronic voting systems (I'm not saying it's a good reaction.) As we're seeing here, one interesting impact of vote-by-mail is that it significantly affects the election timeline in two ways:

  • It increases latency because people need to decide on how they're going to vote well in advance of the election (even if there's a way to retract your ballot, it seems doubtful that most people will do so unless conditions really change.)
  • It decreases the temporal coherency of the election. In a standard election, everyone votes on the same day, but in vote-by-mail, people submit their ballots over the days and weeks before.

This seems like a small change, but I'd expect it to really modify required electoral strategies. A last minute attack ad is a lot less effective if people have already voted, and if there's no distinct election day, then it's hard to know when to time your ad buys/media events, etc. In general, it seems like a mass transition to vote-by-mail would greatly increase electoral intertia. Whether that's a good or bad thing depends on you're the frontrunner.

Obviously, this is pretty handwavy. If any EG readers know of some more formal analysis of, please let me know.


February 9, 2008

Lutsey, Steffen, and Stevens report study of dietary intake and "metabolic syndrom" (MetSyn), described as "a cluster of cardiovascular risk factor abnormalities associated with increased risk of type 2 diabetes mellitus, cardiovascular disease, and all-cause mortality." Here's what they found:
Background--The role of diet in the origin of metabolic syndrome (MetSyn) is not well understood; thus, we sought to evaluate the relationship between incident MetSyn and dietary intake using prospective data from 9514 participants (age, 45 to 64 years) enrolled in the Atherosclerosis Risk in Communities (ARIC) study.

Methods and Results--Dietary intake was assessed at baseline via a 66-item food frequency questionnaire. We used principal-components analysis to derive "Western" and "prudent" dietary patterns from 32 food groups and evaluated 10 food groups used in previous studies of the ARIC cohort. MetSyn was defined by American Heart Association guidelines. Proportional-hazards regression was used. Over 9 years of follow-up, 3782 incident cases of MetSyn were identified. After adjustment for demographic factors, smoking, physical activity, and energy intake, consumption of a Western dietary pattern (Ptrend=0.03) was adversely associated with incident MetSyn. After further adjustment for intake of meat, dairy, fruits and vegetables, refined grains, and whole grains, analysis of individual food groups revealed that meat (Ptrend<0.001), fried foods (Ptrend=0.02), and diet soda (Ptrend=< 0.001) also were adversely associated with incident MetSyn, whereas dairy consumption (Ptrend=0.006) was beneficial. No associations were observed between incident MetSyn and a prudent dietary pattern or intakes of whole grains, refined grains, fruits and vegetables, nuts, coffee, or sweetened beverages.

Conclusions--These prospective findings suggest that consumption of a Western dietary pattern, meat, and fried foods promotes the incidence of MetSyn, whereas dairy consumption provides some protection. The diet soda association was not hypothesized and deserves further study.

(Full article behind a paywall, but I have sources).

So, working through the actual analysis, it looks like what they did was cut the level of consumption of each pattern or individual food group into quintiles and then compare the relative risks in each quintile. So, for instance, the highest quintile of the Western diet has an 18% (1.03 - 1.37) higher risk of MetSyn than the lowest quintile. At some level, this is good news if you tend to eat an "unhealthy" diet. An 18% increased risk really isn't that much, and you might well be willing to absorb it in order to keep eating stuff you like all the time, especially because the second quartile has a 13% increased risk, so you'd need to make pretty dramatic changes in order to see much improvement.

One question I'm having trouble extracting here is the extent to which the effect of the "Western Diet" is dominated by consumption of meat and fried foods (the only factors tha are significant in this model.) It's certainly possible that you could get away with eating all the sugar you wanted as long as you stayed off the chicken fried steak. On the other hand, it doesn't look like eating your vegetables helps at all.

The other result that's gotten a lot of press here is the association between diet soda consumption and MetSyn (34% in the highest tertile). As the authors say, it's hard to know if this is a cause or an effect, and needs some more study.


February 7, 2008

There's turning out to be a problem with LA County's optical scan voting system. This is an interaction between California's open primary and optical scan balloting. The backstory here is that California's Democratic and American Independent primaries allows voting by "decline-to-state" voters, but they need to fill in a bubble on the ballot to indicate which primary they want to vote in.(sample ballot here).

LA County uses a system called InkaVote Plus, made by ES&S. This isn't one of the systems we worked on in the TTBR. What it is is a centrally counted optical scan with a local checker. The way that this works is that the voters vote on paper ballots which are then checked by a local checking machine, called the precinct ballot reader (PBR). If there is something wrong, it spits the ballot out with some sort of warning (it's hard to tell from the video how good the warnings are). If the ballot checks, it drops into the ballot box. At the end of the election, the ballots get shipped back to county central, where they're counted in central optical scanners.

The nice thing about this design is that it's fairly resistant to technical attacks on the computerized part of the system—all the authoritative counting is done in scanner where access can be restricted to state employees. But because there is checking at the polling place, in principle you can catch voter errors. What's interesting is that it apparently didn't catch them here. It's possible that there are areas that aren't using the ballot check feature, but more likely the PBRs are only programmed to detect overvotes, not undervotes, and this just looks like a particularly egregious undervote.

The thing that I don't quite get here is that reading the coverage it sounds like decline-to-states and Democrats (or AIs) get the same blank ballot, so how does the central scanner know whether you're a registered Democrat or night (registered Democrats don't need to fill in the bubble)? Do they go in different bin or is there some other mark that indicates that they are decline-to-state voters or what?

UPDATE: Fixed link to sample ballot. Thanks to Steve Bellovin for pointing this out.


February 4, 2008

As you may have heard, the first MacBook Airs become available today. Gigantic Apple Fanboy Terence Spies has been waiting for weeks to buy one, so naturally when we heard they might be available we hoofed it over to Apple Store Palo Alto.1 They didn't have any SSD Airs in stock, but plenty of hard drive ones, and since the imperative here was to get something, anything, and there is a $999 price premium for the SSD, Terence went for the hard drive.

Anyway, I got to spend about 2 minutes with the gadget before Terence whisked it away to his next meeting. Based on that experience, I'm totally unqualified to say anything useful about it other than it's incredibly thin and light, and the screen looks pretty good too. On the other hand, unlike the iBook I'm typing it on, it's got this creepy third eye thing going on in the top center of the LCD bezel. If I buy one of these suckers, I'm definitely going to need to invest in some electrical tape.

1. Actually, I called first, but just got some sort of IVR and then no answer. This is actually a bit surprising, since you'd expect that their IVR would automatically recognize from caller-id that I was an iPhone early adopter and automatically transfer me to the the "Apple Sucker MacBook Air availability hotline."


February 3, 2008

I don't claim it's any kind of statistically significant sample, but on my run today, I saw 5 Obama lawn signs and 0 for anyone else.

February 2, 2008

The NYT describes some pretty cool research by Yorobyev and Guo where they use a femtosecond laser to restructure the surface of a metal and change its optical properties. Here's their abstract. The article is behind a paywall, but here's the NYT summary:
The result is that pure aluminum looks like gold, and the appearance is literally skin deep.

"I cannot tell it's not gold," Dr. Guo said. "It looks very pretty."


The laser bursts -- each lasting only about 60 millionths of a billionth of a second -- melt and vaporize metal atoms near the surface, which then reassemble in minuscule structures including pits, spheres and rods that are a fraction of a millionth of a meter in size.

By changing the length, strength and number of pulses, the researchers found they could vary the resulting color.

In some cases, the change causes the structures to absorb a range of colors so that they cannot be seen. But the colors that are not absorbed are still reflected, and thus visible, resulting in gold aluminum or dark blue tungsten.

That's some clever stuff. Not quite programmable matter, but still pretty cool.


February 1, 2008

Writing about Microsoft's acquisition offer for Yahoo (everyone has a clever proposed name for this, mine is MiHoo, pronounced my-hoo), Chris Wilson says:
As access to the Internet has become ubiquitous, computer users have increasingly gone to the Web for what were once offline tasks. In the near-future, it will become more efficient to run an application, like a word processing program, off of a central network of computers rather than an individual hard drive. The concept is known as "cloud computing": Documents will begin and end their lives on a server rather than a personal computer, and users will be able to access their personal documents and favorite programs wherever they are with any networked device.

Wilson is certainly right to observe that there is real interest in moving functionality from the machines on people's desks to servers, but of course we've been around this cycle a number of times before (remember mainframes? minis? XTerminals? the SunRay?) so it's not like conditions here are unique. What's semi-unique is that the we're returning to the really early days of computing where (at least sometimes) clients from multiple organizations connect to a central server owned by some other organization. Back in the day, it was because computers were so expensive, now it's driven by networks and computers being cheap, but management being expensive. (As Tech Ennui observes, this is related to, but not the same as Myers and Sutherland's wheel of reincarnation).

It's also not really clear how much Web apps like the ones Google is building are really going to take off. People are really pretty committed to their desktop word processing apps, spreadsheets, etc. It remains to be seen if they're really going to be willing to outsource them to Google, Microsoft, whatever.

Interestingly, in order to move the nominal location of services into the cloud, we're moving processing onto the desktop (this is different from say XTerminals, where nearly all the processing was on the server (the X client)). Classic Web apps use the client as a dumb display engine but Web 2.0 AJAX-style apps move processing onto the client using JavaScript. In fact, if you squint hard enough, AJAX looks a tiny bit like NeWS.