Todays freedom on internet is under heavy attack. To protect us from terrorism, and children from predators, a lot of crazy legislation is forced upon us. Some say the internet summer of love has passed, and from now it will just get colder. It is easy to just get depressed and get on with life, slowly rolling downhill. But, to quote
Benjamin Franklin, "He who sacrifices freedom for security deserves neither".
What I propose below is some of the infrastructure I think we need to build for the future. It is a lot, and it will take time, but it will be fun, and there are lots of people already hard at work creating the necessary building blocks.
Please tell me where I misunderstood technology or trends, and where I should spend more time reading! I need it, you need it, we all need it.
Hardware
It all starts with hardware. In size and shape all we need 10 years from now will be
sized like a smartphone.
It will most likely not be an iPhone, since Apple has shown no interest in opening up their hardware or operating system. Besides, we can't depend on one single vendor. A much more promising platform is
Google Android, with many vendors and a healthy ecosystem.
Processors will be wickedly fast 10 years from now. We will have persistent storage in our hands large enough to hold
all music ever created in the history of mankind.
But all that power is to no avail if there's something similar to the chinese
green dam software or something along the line of Microsoft's
trusted computing forced into our hardware. Any step away from total hardware openness is dangerous, because it could be a way of preventing us from loading our own software on our own computers.
There is open source hardware, such as the
Sparc chipset. I would prefer if it all was open source, and constantly reviewed by an army of people willing to scrutinize it from weaknesses and security vulnerabilities.
Software base
On our open and trusted hardware we'd put an open and trusted operating system, most likely BSD or Linux. It MUST be open source, or we would never trust it. Forget Microsoft and Apple. They have never shown any commitment to openness or freedom in this respect.
This base must be supported by trusted organizations, such as Apache Software Foundation, the Free Software Foundation, Debian and Canonical. We have to donate money so they can maintain a large machinery of trusted computers we can download untampered operating systems and code libraries from. This will cost us real money, but I see no other way to do this.
Encryption
On top of our operating system, or even deep inside it, we need hard core encryption. This is so important that some countries, such as USA, China and France, have tried to ban it less than 10 years ago. Some countries have managed to outlaw hard drive encryption: Afghanistan, Russia, Cuba, Haiti, Iran, Iraq, Libya, North Korea, Syria, Ukraine and Former Yugoslavia. We don't want to join them, do we? If you hear anyone proposing to ban encryption, then you know it might be a fight for our lives, because encryption is at the heart of the future of computing.
Fortunately, encryption is out of the box, thanks to GPG, OpenSSH and others, but expect governments and corporations to try to ban encryption with all sorts of phony arguments. Unfortunately, it is not too difficult to spot encrypted traffic on the internet, so if an anti-encryption law was passed, our internet service providers (ISP's) might be forced to block anything that looks like encrypted messages.
Virtual machine
Next step is a virtual machine. To my knowledge, there really are only two industrial strength alternatives. One is from Microsoft, so it has to be the other one, the
Java Virtual Machine (JVM). You'd be crazy to trust Microsoft. The JVM has open source implementations and has a very good security track record. It can be trusted, and many people are willing to support it.
But 10 years from now we will probably not do most of our programming in Java anymore. The reason is because the processors will probably contain hundreds of processing cores, which will be a
pain to keep busy with Java.
My bet for the future of multicore programming is
Scala, a pretty new exciting language that is both object oriented and functional, runs on the JVM, is open source, and lets you reuse your Java libraries straight off. It also has a cool
actor framework for multi-core computing.
But my thinking goes a little bit longer, in that we should throw the Akka, Swarm or Scalar frameworks on top of Scala.
Akka lets you create software transactional memory over your actors, so that you can do real work with several distributed actors within an in-memory transaction.
Swarm, created by Ian Clarke who created
Freenet, introduces
transparently distributed computation in the cloud. This means you can write your Scala programs without having to bother with scalability - your code will move around to where data is located, instead of todays paradigm where data is moved from a database to an application server for processing.
Scalar is a DSL (Domain Specific Language) written in Scala to facilitate grid computing on to of the
GridGain framework.
Distributed computing sandbox
This is where internet freedom comes in again (sorry for going off on a tangent like that). On top of the hardware, operating system, encryption, JVM and Scala language (all open source) we would load a Akka/Swarm/Scalar module, much in the same way
Popular Power worked. It would be a secured sandbox on your computer, open to the world. Files and data from other people could reside on a part of your hard disk owned by this sandbox. Actors in an Akka application could execute here, code in a Swarm application could migrate here, since the data it needs might be there, and computationally very expensive jobs could with Scalar be sent off to the distributed grid.
It would all be encrypted - files, data and code. Your computer would be safe from whatever happens inside that sandbox, and to you it would be mostly a black box you can't do much with, except for two things:
- Drop your files into it for safe storage. Perhaps the Riak web database might be part of the solution?
- Drop your jobs into it for execution, and then later collect the result.
You can turn off the sandbox if you so wish. It wouldn't matter much, because all files in the cloud of which your sandbox would be part, is replicated all over the planet, in slices and pieces much like the
BitTorrent protocol works. Not much goes wrong if one sandbox disappears - the distributed file system just needs to spread some files just a little bit more. The sandbox file system would always make sure there are enough copies of your files across the cloud so that you can get your files even if whole continents slide into the ocean, or all cables across the Atlantic are chewed off by killer whales.
But if you turn off your sandbox, then you can't send your own applications and data into it, since it is the portal to the distributed computing
darknet.
You wouldn't want to save your files or applications on your own machine, instead you'd sign yourself to be the owner of your files, encrypt them and send them off to the darknet where the files would be safely replicated and accessible only by you. You assign most of your hard disk to the cloud, and others do the same. Nobody cares where files resides, as long as you trust they don't ever go away.
File sharing? Well, all files that you don't encrypt are shared with all. You can claim ownership if you wish, which might make it possible to restrain how they can be used, but except for that it is just common files.
Whenever you'd want to send new versions of your applications to the darknet (agents acting on your behalf), the old ones would be replaced. Perhaps we need a new and faster machinery similar to DNS for this. We might need a replacement for DNS anyway, so perhaps it could serve several purposes.
Trusted peers
So, would you let your sandbox open to just anyone on the net? Not necessarily. I believe we'll start using network of trusted peers. You would connect with your closest friends and share encryption keys with them, so that you can communicate safely with each other through strong encryption, much like
OneSwarm.
Your sandbox would communicate with their sandboxes. Your friends may have other close friends they trust, so what is stored on your disk and executes on your computer may come from a friend of a friend who you may not necessarily trust. There will perhaps be a way of fine tuning trust, so that you trust some people more than others. This is certainly not my speciality, so it would be interesting to hear more about such systems.
Potentially there might be some pixels of encrypted child porn on your disk, but you would never be able to tell, so you wouldn't really care, in the same way a mailman delivers mail without looking inside envelopes. Besides, your disk may legally be owned by you, but technically it is just part of the darknet cloud. Who cares, in 10 years it will cost barely nothing!
Key rings
The public encryption keys you get from your trusted peers, as well as your own private keys, must be saved in a safe way. Backed up on USB sticks, your watch, or otherwise. I hope we get really good software and hardware for this in the future. Perhaps it already exists?
Onions and P2P
Traffic originating from you may not go directly to an external website such as http://www.bbc.co.uk, but instead routed first to one of your trusted peers, whose sandbox may automatically at random relay it further on to its trusted peers, in a way similar to
Tor. The traffic may surface unencrypted far away from you and be totally anonymous, so that censorship can be avoided altogether.
Security
This will of course need some major thinking, but it should not be too hard to make your machine safe from potential evil goings-on inside the sandbox. The Java Virtual Machine should handle this, if configured correctly.
What if someone floods the darknet with junk files, just to fill it up? Well, I envision a quota system enforced by the sandboxes, so that if you set off say 500 GB of your hard drive to your sandbox, then it will stop you from dropping more than say 100 GB of data into it (remember, all files are replicated across the net).
What if someone floods the shared computing cloud with actors consuming huge amounts of CPU? Well, the same quota system could be setup so that the longer you have had your computer open for others to use for computing, the more cycles you have saved up for your own use on other machines. The sandbox would stop you, in some way, from gobbling up too much CPU out there. But I don't see this as too much of a problem, really, since most computers are mostly just idling anyway.
What if someone is using the CPU of our machine in an attempt to crack the encryption of someones files? Well, we can use the CPU of other peoples machines to encrypt our files, so I don't think it will work. It is much much much easier to encrypt a file than trying to crack the same encryption. At least that is what current cryptology science tells us, but various government agencies may know much cheaper ways to do it that currently isn't common knowledge. Only time will tell.
So, where do we start?
Perhaps there is already an effort to do something similar. If so, let me know. It is a big task to get working, and I want to help. If there are no such efforts, why not start one now?
