The randomization can be (and should be) performed on the user's OWN MACHINE by appropriate software, so that the server is NEVER obtaining real data. All you have to trust is that the client-side implementation of the randomization scheme is doing the appropriate thing. Open source versions could be provided that would allow anyone to verify this easily.
You (and MANY others in this discussion) are completely missing the point.
The scheme allows randomization to be performed on the CLIENT side of the wire (that is, your own machine) so that the company/companies NEVER ever sees the real data.
Yes, deploying this properly requires some client-side software to achieve this processing. But given this software, all you have to trust is that the client side implementation is properly implementing the scheme. You enter your real data into the client-side software once, and then forget about it. Server-side software interacts with this client-side software to obtain ONLY the appropriately randomized data. Your privacy is preserved, but companies you interact with can perform meaningful aggregate computations in order to better optimize their services.
Hey, I never said OSS is better than Microsoft with respect to usability. Indeed, from a usability standpoint I agree it's often much worse. My point is simply that we don't have to accept it. There are non-Microsoft non-open-source systems and software that prove software (and hardware) can be easy to use. PalmOS is a widely used example that comes to mind.
"Computers are complicated" is a cop out, though a common one thanks to the current status quo in software quality (for which Microsoft is mostly to blame). Software & computers don't have to be complicated. Read the report -- the problem could be solved by simple usability improvements to the GUI. Ignorant users will always be a given, and software should be engineered to deal with this fact.
Then you replicated/mirror content across all machines. With uServ you just type in the names of the other machines you want to replicate to/with (e.g. see here). With other webservers you can use other disk synchronizing systems (e.g. rsync).
I run a webserver on my laptop and keep the content replicated with an always-on server. When I go offline, the server handles any web requests, but I still have a local copy of all my files for plane trips, etc..
There's this great standard for sharing files over the internet called the World Wide Web. Perhaps you've heard of it?
Seriously -- run a webserver + WebDAV on each of your machines. Then you can read/write from anywhere, and with any platform.
Systems like YouServ/uServ provide a webserver, access control, and mirroring/replication support in a single package. This way as long as only some of your machines are online, the data from every machine remains accessible. Unfortunately the system is not available for general public use, but the system may be in open source soon.
I work on the YouServ (formerly uServ) project and right now we're experimenting with setting it up at Carnegie Mellon University to see what kind of (if any) web community might evolve around this network.
Unlike standard file sharing networks, your identity (by way of your university e-mail address) is clearly tied with your content, so the theory:-) is that should discourage blatant piracy and encourage sharing of "commnity oriented" content. Unfortunately we launched it right before summer break so users are slow in coming, but we hope interesting things (other than rampant piracy:) will happen...
IMO this is a much better example of "community web" since each user has as much control as any other member of the community as to what content is published. Of course this is also rather anarchistic, but that's not necessarily a bad thing.
This is kind of what uServ is intended for, provided your own bandwidth (+ that of your friends) is sufficient for the kind of traffic you're expecting.
Do some ISP's targetted at end users really have outbound bandwidth quotas? Never heard of any myself, but then what do I know?!
Any "real world" implementation would undoubtedly exploit the concept of a super-peer, that is, allow only relatively powerful systems with decent bandwidth to serve as non-leaf nodes. Firewalled or NAT'ed nodes can't be anything but leaves in this system without some protocol extensions.
The system as described seems perfectly adequate for deploying on a LAN, but as you suspect would need some tweaking for a heterogeneous network. These tweaks would be nothing beyond what systems like Morpheus and next-generation Gnutella nets are already doing though.
The thing that I find refreshing about the work from this particular group at Stanford is much of it has immediate applications. It's tough to say that about Chord (MIT), Oceanstore (Berkeley), and several other academic P2P research projects.
Bullshit. I tried Mozilla and Netscape 6.2 last week, hoping they would at last provide me an alternative to Netscape 4 or IE. Unfortunately within a few minutes of use it was apparent that they still suck -- bugs everywhere and SLOW as hell. I also tried K-Meleon, the only one I actually left installed. Unfortunately it's also pretty buggy and lacks many important features.
Disagree strongly. On the internet I can see this being heavily used for sharing family photos with friends, porn, MP3's/multimedia, and simple web pages. Most people could care less if the content is encrypted or authenticated.
Either way there is a (somewhat incomplete) section in the research report discussing how to make it secure if desired via TLS and a Microsoft Passport-like single sign-on scheme.
This is addressed directly in the paper: preserves content availability even after your machine is off the 'net, focus on ease of use / install (for mass appeal), built in dynDNS, works with firewalls or even if you run other webserver software, etc.
Disadvantadges include no scripting / cgi support, but the target audience for this technology could care less.
So if you have a 24/7 connection and have taken the time to set up apache and a dynDNS service to go with it, then there's not much advantage. But I would venture that most people would rather run a 5 minute uServ install to get all these features.
IBM is backing it up only in that they are allowing a very small team (right now pretty much one person) in Research to work on it. Not exactly a huge committment, but it's a step in the right direction. Companies can use this sort of thing to keep large attachments off of overloaded mail servers, so you can justify it in terms of bottom line costs to keep them from pulling the plug:)
uServ lacks a dynamic search capability -- one would therefore think it can't be targetted by lawsuits any more than a traditional web hosting service could. (Though RIAA might have another opinion:).
This is only a research project with a headcount of 1.69 at the moment. In other words, IBM has not made any committments to the project other than letting some people who thought it would be cool to work on it for a bit.
No one has tried it yet (that I am aware of), but it runs on Linux and AIX just fine.
In other words, there's no reason it shouldn't, though it's been somewhat tailored to Win32 (since that's what most of the people around IBM are running).
Slashdot Mirror
The randomization can be (and should be) performed on the user's OWN MACHINE by appropriate software, so that the server is NEVER obtaining real data. All you have to trust is that the client-side implementation of the randomization scheme is doing the appropriate thing. Open source versions could be provided that would allow anyone to verify this easily.
The scheme allows randomization to be performed on the CLIENT side of the wire (that is, your own machine) so that the company/companies NEVER ever sees the real data.
Yes, deploying this properly requires some client-side software to achieve this processing. But given this software, all you have to trust is that the client side implementation is properly implementing the scheme. You enter your real data into the client-side software once, and then forget about it. Server-side software interacts with this client-side software to obtain ONLY the appropriately randomized data. Your privacy is preserved, but companies you interact with can perform meaningful aggregate computations in order to better optimize their services.
Hey, I never said OSS is better than Microsoft with respect to usability. Indeed, from a usability standpoint I agree it's often much worse. My point is simply that we don't have to accept it. There are non-Microsoft non-open-source systems and software that prove software (and hardware) can be easy to use. PalmOS is a widely used example that comes to mind.
"Computers are complicated" is a cop out, though a common one thanks to the current status quo in software quality (for which Microsoft is mostly to blame). Software & computers don't have to be complicated. Read the report -- the problem could be solved by simple usability improvements to the GUI. Ignorant users will always be a given, and software should be engineered to deal with this fact.
Then you replicated/mirror content across all machines. With uServ you just type in the names of the other machines you want to replicate to/with (e.g. see here). With other webservers you can use other disk synchronizing systems (e.g. rsync).
I run a webserver on my laptop and keep the content replicated with an always-on server. When I go offline, the server handles any web requests, but I still have a local copy of all my files for plane trips, etc..
There's this great standard for sharing files over the internet called the World Wide Web. Perhaps you've heard of it?
Seriously -- run a webserver + WebDAV on each of your machines. Then you can read/write from anywhere, and with any platform.
Systems like YouServ/uServ provide a webserver, access control, and mirroring/replication support in a single package. This way as long as only some of your machines are online, the data from every machine remains accessible. Unfortunately the system is not available for general public use, but the system may be in open source soon.
Unlike standard file sharing networks, your identity (by way of your university e-mail address) is clearly tied with your content, so the theory :-) is that should discourage blatant piracy and encourage sharing of "commnity oriented" content. Unfortunately we launched it right before summer break so users are slow in coming, but we hope interesting things (other than rampant piracy :) will happen...
IMO this is a much better example of "community web" since each user has as much control as any other member of the community as to what content is published. Of course this is also rather anarchistic, but that's not necessarily a bad thing.
This is kind of what uServ is intended for, provided your own bandwidth (+ that of your friends) is sufficient for the kind of traffic you're expecting.
Do some ISP's targetted at end users really have outbound bandwidth quotas? Never heard of any myself, but then what do I know?!
Any "real world" implementation would undoubtedly exploit the concept of a super-peer, that is, allow only relatively powerful systems with decent bandwidth to serve as non-leaf nodes. Firewalled or NAT'ed nodes can't be anything but leaves in this system without some protocol extensions.
The system as described seems perfectly adequate for deploying on a LAN, but as you suspect would need some tweaking for a heterogeneous network. These tweaks would be nothing beyond what systems like Morpheus and next-generation Gnutella nets are already doing though.
The thing that I find refreshing about the work from this particular group at Stanford is much of it has immediate applications. It's tough to say that about Chord (MIT), Oceanstore (Berkeley), and several other academic P2P research projects.
Slow comapared to what? C / C++? Sure.
Far faster (3-4x) than Perl & Python though, at least for the server-side tasks for which I've conducted formal comparisons.
Bullshit. I tried Mozilla and Netscape 6.2 last week, hoping they would at last provide me an alternative to Netscape 4 or IE. Unfortunately within a few minutes of use it was apparent that they still suck -- bugs everywhere and SLOW as hell. I also tried K-Meleon, the only one I actually left installed. Unfortunately it's also pretty buggy and lacks many important features.
Disagree strongly. On the internet I can see this being heavily used for sharing family photos with friends, porn, MP3's/multimedia, and simple web pages. Most people could care less if the content is encrypted or authenticated. Either way there is a (somewhat incomplete) section in the research report discussing how to make it secure if desired via TLS and a Microsoft Passport-like single sign-on scheme.
This is addressed directly in the paper: preserves content availability even after your machine is off the 'net, focus on ease of use / install (for mass appeal), built in dynDNS, works with firewalls or even if you run other webserver software, etc. Disadvantadges include no scripting / cgi support, but the target audience for this technology could care less. So if you have a 24/7 connection and have taken the time to set up apache and a dynDNS service to go with it, then there's not much advantage. But I would venture that most people would rather run a 5 minute uServ install to get all these features.
IBM is backing it up only in that they are allowing a very small team (right now pretty much one person) in Research to work on it. Not exactly a huge committment, but it's a step in the right direction. Companies can use this sort of thing to keep large attachments off of overloaded mail servers, so you can justify it in terms of bottom line costs to keep them from pulling the plug :)
uServ lacks a dynamic search capability -- one would therefore think it can't be targetted by lawsuits any more than a traditional web hosting service could. (Though RIAA might have another opinion :).
This is only a research project with a headcount of 1.69 at the moment. In other words, IBM has not made any committments to the project other than letting some people who thought it would be cool to work on it for a bit.
No one has tried it yet (that I am aware of), but it runs on Linux and AIX just fine. In other words, there's no reason it shouldn't, though it's been somewhat tailored to Win32 (since that's what most of the people around IBM are running).