Pervasive Computing: Microsoft, MIT And The Future

illuin writes: "There's an interesting article over on BetaNews with a potential take on Microsoft's vision of the future internet, and internet based applications. Of course, it sounds quite a bit like Project Oxygen (press release,) currently being pursued by MIT's Laboratory for Computer Science." The recent "dot-Net" announcement by Microsoft throws a new light on Oxygen, and on other distributed projects like Gnutella and Freenet. Project Oxygen and Microsoft may have radically different views on how all this diffuse computing ought to act and be organized (read "Who pays, how much, to whom?"), but the fact of widely disseminated files and an increase in ASP-style distribution seems inevitable.

Hyperion. [POSSIBLE SPOILER]

[(void*)]

Ubiquitious computing sounds really good. And it might actually sweep our whole society towards it, what with MIT, Microsoft and other tech companies behind it.

This is the future? Can't we have something else? What are the alternatives?

For a very good, poetic rant against this vision, I recommend Dan Simmon's Hyperion and The Fall of Hyperion. Highly recommended reading. If you haven't read it, be warned of spoilers.

In brief, Dan Simmons paints a world where computers control everything, and are truly ubiquitious. With help of their invention, Mankind colonizes the stars, using farcaster portals. But there is a price for this technology. Humankind becomes enslaved, dependent on ubiquitious compuetrs. So much so that they cannot fight an interstellar war. What does the novel offer as an alternative? Real starships. "Real" tech in the form of FTL ships and weapons.

Regardless of whether you agree or not, this is but one of the many threads in the Hyperion story. For those overtly enamored about ubiquitious computing, thinking it will liberate us, this novel is a very good antidote against that.

But like all Sci-Fi, things will never truly happen this way. The novel may be presenting a false dilemma. A good read and interesting viewpoint, nevertheless.

Internet Security Model?!?

[Carnage4Life]

What the hell are you talking about? The email bugs are due to MSFT's faulty security model. Shit, I have friends at MSFT who have admitted that the Outlook team got chewed out for not implementing a sandbox model after the I LOVE YOU virus got out. The virus wouldn't have spread if the developers at MSFT had chosen security over perceived usability.
Secondly, what exactly do you mean by internet Security Model? Do you mean a restructuring of TCP/IP with security in mind or the use of routers to block certain packets (how this would have stopped I LOVE YOU is beyond me). Frankly both your posts seems like the ravings of a clueless non-techie who is pro-MSFT simply because he has bought the hype. Watch this... I LOVE YOU, Melissa and the others were emails sent by users carrying attachments... No Internet Securiy Model will suddenly be able to tell between programmatically sent email and user created email, unless of course you believe some central authority will be able to direct all the mailservers on the 'net to filter certain emails dynamically. Then what happens when some other 'net protocol becomes widely used for proliferating viruses, e.g. MSFT's .NET .

Finally about your little crack about Joel Klein and billions of dollars, what exactly is your point? MSFT got where it was by commiting crimes and breaking federal laws. The fact that it was making money for a few investors should not change the fact that they should be punished for their crimes. If you're trying to pin the fall of NASDAQ on MSFT...Get a clue. The fall of NASDAQ can be blamed on the fact that the Dot Comm Bubble Has Officially Burst, film at 11.

Thank The Pirates For This.

[istartedi]

ASP model is all about piracy prevention. You can't pirate a service as easily as you can pirate a product. Will it benefit the consumer? Of course not. Thank the pirates. Welcome to the future, where you will here people saying "I can't use my word processor, the network is down".

You might want to thank the Free Software movement too. You can't really sell free software. You can sell a service. Software vendors pressured by falling values for software sold in the traditional manner will do what they can to follow the ASP model.

#VRML V2.0 utf8

Holy Mother of Big Brother! Consider privacy!

[orpheus]

I can't believe no one has mentioned the privacy implications of this. 1) you an encode as much as you want during transmission, but there is currently no way to work on the data without decoding first. The main CPU (and the 'rented' progfgram) sees all your personal data, and it's not under your control 2) If you trust all commercial CPU cycle providers (I don't), what about cracked/compromised systems? But more importantly, what evidence do we have that commercial enterprises can be trusted in this fashion? Even EU privacy laws hace limited utility against a US server. 3) Consider this as well... if your apps are following you around, running on whatever machines are nearby, and those machines are programmed to configure themselves to your custom settings, then trojan/virus/macro checking becomes tougher. Each machine can only (at best) detect the known public viruses. Meanwhile that custom reporting macro your employer put in a 'petty cash' template, follows you from bar to bar, to the house of your college friend (who has had more social diseases than Don Juan's taste-tester; and eighteen misc. misdemeanor arrests for DUI, drug possession, disorderly conduct, and trolling /.) Etc. Etc. You can *know* the proper configuration on your home/office machine. An anonymous machine can't recognize what 'belongs' -- And (you heard it here first) what about a macro that is set *not* to load from the server to your home/work machine? One that effectively lives outside your door and follows you only when you're out? Sorry, I'll stick with my private hardware, running my privately owned copy of software -- and the PDA with electrical tape over the IR port

Re:Every security protocol is vulnerable?

[Alik]

This is sheer and utter nonsense. A virtual machine can easily be simple enough to be bug-free and handle every kind of overflow without hurting the machine it's running on.


Oh? So you're willing to sign an affadavit certifying that this virtual machine is absolutely free of security holes and cannot be compromised? No buffer overflows? No hidden back doors? No chance of somebody inserting malicious code into the machine so that when I say "What's the VA stock price" the car-computer gets sent "Set cruise control to 5 trillion miles per hour. Set steering to target that cliff over there. Lock controls, set unlock password to '!seineew era sreenigne droF'"?

Every security model has a vulnerability, be it in the trust model, the underlying implementations, or an actual protocol flaw. There is no such thing as a 100% secure system; all there is is a system which is very hard to break into and which thus discourages most crackers. Unfortunately, given enough time, you will run into a true hacker out to cause you grief, and then your system is going down.

This, IMHO, is another reason why the "network is the computer" philosophy is bad. Removing the net connection from a computer almost always decreases vulnerability by orders of magnitude.

Who provides the cycles? (and other ranting)

[Alik]

I'm personally not convinced that voice-rec is the way to go for mobile computing. If I'm on the bus or anywhere else where someone can hear me, I don't want them to know what I'm saying to my computer. OTOH, if you're actually the one driving the car, it does make sense.

More importantly, though, is this vision that most mobile machines will stream all their data to nearby big iron which will crunch the numbers and stream back finished product. Let's pretend for a bit that the bandwidth issues can be worked out. Who's going to actually be running the machines that provide all these spare cycles? Are we going to have companies which simply maintain large computers for performing standard tasks like voice recognition and Web searching on behalf of mobile users? I personally wouldn't want to be in charge of maintaining a machine which is set up to accept and execute arbitrary tasks from passing users. (Yes, you can use sandboxing and other such strategies, but every security protocol is vulnerable.)

I did mobile-code research for a few years, and the resource question was always coming up. There were some papers written by a grad student with a background in economics, and some modeling was done, but it was never quite proven that this could work. (One can't really model all the various kinds of automated maliciousness that could occur.)

Finally, I'll add the standard gripe that I think ASPs are a step in the wrong direction. I don't want to be continually dependent on a manufacturer for access to an application. Let someone arbitrarily deny me word-processing services because they don't like what I write? Be forced to use a new version of software which adds features I hate and removes the ones I love? No thank you. If I want to take my laptop to Mars and do my word-processing there, I want to do so without interplanetary network lag.

Of course, if played right, this could be a big win for Linux and other free-software projects. I believe that once users get bitten by the ASP model, they will want to get away from it. Obviously, the big companies won't let them. If, however, they can just switch to a purely-local free-software office suite, we might see a large jump in the use of free systems.

The network is not the computer, the computer is not the network, and as far as this user is concerned, there are times when I'd like the network to fuck off and leave me alone with a completely functional machine.