Dieses Wochenende ist wieder Linuxwochenende im metalab, ich werde wieder einen Vortrag zu Open Money halten, ausserdem einen Lightning-Talk zu Generierung von Morse-Code als MIDI-Datei (was für einige Anwärter auf die Amateurfunklizenz vielleicht interessant ist, auch wenn das Code-Requirement inzischen gefallen ist.)
Cloud Computing is becoming increasingly popular — and it is a danger to your freedom. But we can do something about it.
First, when the term Cloud Computing was introduced, it meant a set of low-level services like virtual machines, databases and file storage. Examples of these are Amazon Elastic Computing Cloud and related services. Since these services are quite low-level, they can be replicated by others, an example is the Eucalyptus project.
This means if you aren’t satisfied with the service one cloud computing provider offers, you either can change the provider or — e.g., using Eucalyptus — roll your own.
But increasingly cloud-computing is a relaunch of the old Software as a Service paradigm under a new name. This means that applications like Textprocessing, Spreadsheets, Wiki, Blog, Voice and Video over IP, collaboration software in general is made available as so-called “Web 2.0″ applications — now called “Cloud Applications” on the web.
When using these services, there is a severe risk of Vendor Lock-In — since the applications may not be available elsewhere, you cannot easily switch the provider. Worse: From some of the Web 2.0 Services like social networks (e.g., Xing, LinkedIn, Facebook) you can’t retrieve your own data. Xing for example has a “mobile export” for data, but this works only for paying customers and only exports address data.
And people have started to realize — e.g., in this facebook group — that multiple incompatible applications — escpecially in the social network sector — puts a large burdon on customers to update multiple personal profiles on multiple sites.
But although it has been noted by the Free Software and Open Source community (e.g., in an interview with Richard Stallman and by Eric S. Raymond in his blog) it has not been widely recognized that cloud computing or software as a service — in particular in the form called “Web 2.0″ — creates a vendor lock-in worse than for proprietary software.
For your social networks this may mean that when you retrieve your data (remember, you helped them build that data!), the social network may throw you out as it happened in that case mentioned by Henry Story and later updated here.
The solution to this problem? Don’t get trapped in a data silo. This may still mean that there can be software as a service offerings. But the software needs to be free (as in free speech). So we can still switch to another provider or decide to host our own service.
But companies won’t do it for us. As Doc Searls notes in Silos End: “These problems cannot be solved by the companies themselves. Companies make silos. It’s as simple as that. Left to their own devices, that’s what they do. Over and over and over again.”
So this can only change if customers make and demand the change. A good rule-of-thumb for software as a service is on the page of the Open Cloud Initiative in the article The four degrees of cloud computing openness. While being a customer of a closed/proprietary cloud with “no access” is clearly a bad idea, open APIs and formats don’t work too well — you don’t have the software to work with your data. So the only valid options that remain are Open APIs, Open Formats and Open Source, and in some cases Open Data.
Still most web applications — like most social network software — are of the completely closed type. There are no open formats and no open APIs. So check your dependencies: What web-applications are you depending on and what is their degree of cloud computing openness?
A word on the license to guarantee openness in cloud-computing. As mentioned in the above-cited interview with Richard Stallman, the GNU General Public License is not enough to keep software in a cloud open. The cloud provider could take the software, make own modifications (which you will depend upon) and not release the modified software to you as a customer. Again you have a vendor lock-in. To prevent this, the GNU Affero General Public License has been designed that prevents closed-source modifications to hosted applications.
Finally, for all sorts of social software — not just social network software but everything that creates more value for more people, usually by linking information — should follow a distributed peer-to-peer approach. We don’t want this data to be a siloed application hosted by a single company. And if there are multiple companies hosting the data we already see the problem with multiple social network providers.
So we need standards and distributed protocols. And the implementation should follow a peer-to-peer approach — like seen in filesharing applications today — to make it resilient to failure and/or take-down orders of hostile bodies (like, e.g., some governments). Lets call this “Web 3.0″.
Examples of such social software are of course the social network sector. We already have a distributed protocol for social networking based on the Friend of a Friend Semantic Web Ontology. With this approach everyone can publish his social networking data and still be in control of who can see what. And the data is under user-control, so it’s possible to remove something.
Another example of social software is probably Money (in the sense of micro- or macro payments in the net). Thomas Greco in the book The End of Money and the Future of Civilization asks for separation of money and the state. A future implementation of money may well be based on a peer-to-peer social software implementation.
These social software needs security solutions. We want to model trust-relationships. Parts of the puzzle are probably OpenID and a newly-proposed scheme by Henry Story called FOAF+SSL mainly used for social networking 3.0 but probably very useful for other social software solutions.
So lets work on solutions for the future.
Auf den Linuxwochen hatte ich einen Vortrag zu mISDN, Abstract und Folien auf meiner Homepage. Auf dem Linuxtag in Graz werde ich nächsten Samstag den Vortrag zu Open Money (natürlich in aktualisierter Form, es tut sich ja einiges) halten.
Some time ago at linuxwochenende I’ve outlined my current state of reading on alternative money projects and implementations. Slides (mostly english) are online http://runtux.com/events.html and there is even a video of the talk (in german, see linuxwochenende link above for torrent or html download). The funny money in the title refers to a paper by Ted Lewis, “Why Funny Money Will Have the Last Laugh”, Computer, vol. 33, no. 5, pp. 112,110-111, May, 2000 (all citations on the web seem to disagree on the page numbers I’ll have to dig out my copy and see what the page numbers really are) which is probably not very exciting today but got me interested in the subject.
Now I’ve discovered some more interesting bits I want to document here.
I’ve recently discovered OpenCoin via the peer to peer foundations feed. OpenCoin seem to be among the first who tackle money with a scientific approach to money protocols *and* release their code as open source. They’ve started by formulating requirements which are referenced in two preliminary papers on existing crypto protocols:
In these papers they outline the cryptography to use for their implementation and check these against their requirements. These reports are very preliminary (still contain serious typos for example I’m missing a “not” in section “2.2 Anonymity” in the report on Chaum’s Architecture that distorts the meaning of the whole sentence).
More serious may be that the don’t consider newer approaches to money protocols — this may be due to patent and security considerations: Chaums work is older than 20 years. Protocols that have withstood some time of not being broken might have a higher chance of not developing a serious failure in practice… but it may also be an indication that the field is very wide.
And another sad fact: The web-page of the project is not very lively — the last entries on the wiki are from march this year. Seems that they applied for funding from LGA (London Development Agency) and received that (as indicated on the main page) but never published anything after that. Or maybe they anticipated to receive a funding which never came.
Another interesting project — which actually produced software that is used in practice is Cyclos by the Dutch Social Trade Organisation STRO (used to be called Strohalm).
This is a more traditional approach to a system where a trusted organisation manages a local currency like LETS or barter systems. Also microcredit systems are managed with this system according to their web site.
I’ve recently discussed about money alternatives with Clifford — one thing we couldn’t agree on was if one needs the state as the central authority for issuing money. I argued that there are already many projects (some of the mentioned in the linuxwochenende talk above) doing this today. Cliffords answer was that they’re all backed by the existing money system. I’m undecided on this issue but tend to believe that a local community can agree on a currency without a state. It may even be possible to do something like Terra (a good intro to Terra is on p2pfoundation ). At least we can start now that the existing money system still works (Sort of. Or not. Maybe.).