2009-11-26

Technology stack for future freedom

Todays freedom on internet is under heavy attack. To protect us from terrorism, and children from predators, a lot of crazy legislation is forced upon us. Some say the internet summer of love has passed, and from now it will just get colder. It is easy to just get depressed and get on with life, slowly rolling downhill. But, to quote Benjamin Franklin, "He who sacrifices freedom for security deserves neither".

What I propose below is some of the infrastructure I think we need to build for the future. It is a lot, and it will take time, but it will be fun, and there are lots of people already hard at work creating the necessary building blocks.

Please tell me where I misunderstood technology or trends, and where I should spend more time reading! I need it, you need it, we all need it.

Hardware

It all starts with hardware. In size and shape all we need 10 years from now will be sized like a smartphone.

It will most likely not be an iPhone, since Apple has shown no interest in opening up their hardware or operating system. Besides, we can't depend on one single vendor. A much more promising platform is Google Android, with many vendors and a healthy ecosystem.

Processors will be wickedly fast 10 years from now. We will have persistent storage in our hands large enough to hold all music ever created in the history of mankind.

But all that power is to no avail if there's something similar to the chinese green dam software or something along the line of Microsoft's trusted computing forced into our hardware. Any step away from total hardware openness is dangerous, because it could be a way of preventing us from loading our own software on our own computers.

There is open source hardware, such as the Sparc chipset. I would prefer if it all was open source, and constantly reviewed by an army of people willing to scrutinize it from weaknesses and security vulnerabilities.

Software base

On our open and trusted hardware we'd put an open and trusted operating system, most likely BSD or Linux. It MUST be open source, or we would never trust it. Forget Microsoft and Apple. They have never shown any commitment to openness or freedom in this respect.

This base must be supported by trusted organizations, such as Apache Software Foundation, the Free Software Foundation, Debian and Canonical. We have to donate money so they can maintain a large machinery of trusted computers we can download untampered operating systems and code libraries from. This will cost us real money, but I see no other way to do this.

Encryption

On top of our operating system, or even deep inside it, we need hard core encryption. This is so important that some countries, such as USA, China and France, have tried to ban it less than 10 years ago. Some countries have managed to outlaw hard drive encryption: Afghanistan, Russia, Cuba, Haiti, Iran, Iraq, Libya, North Korea, Syria, Ukraine and Former Yugoslavia. We don't want to join them, do we? If you hear anyone proposing to ban encryption, then you know it might be a fight for our lives, because encryption is at the heart of the future of computing.

Fortunately, encryption is out of the box, thanks to GPG, OpenSSH and others, but expect governments and corporations to try to ban encryption with all sorts of phony arguments. Unfortunately, it is not too difficult to spot encrypted traffic on the internet, so if an anti-encryption law was passed, our internet service providers (ISP's) might be forced to block anything that looks like encrypted messages.

Virtual machine

Next step is a virtual machine. To my knowledge, there really are only two industrial strength alternatives. One is from Microsoft, so it has to be the other one, the Java Virtual Machine (JVM). You'd be crazy to trust Microsoft. The JVM has open source implementations and has a very good security track record. It can be trusted, and many people are willing to support it.

But 10 years from now we will probably not do most of our programming in Java anymore. The reason is because the processors will probably contain hundreds of processing cores, which will be a pain to keep busy with Java.

My bet for the future of multicore programming is Scala, a pretty new exciting language that is both object oriented and functional, runs on the JVM, is open source, and lets you reuse your Java libraries straight off. It also has a cool actor framework for multi-core computing.

But my thinking goes a little bit longer, in that we should throw the Akka, Swarm or Scalar frameworks on top of Scala.

Akka lets you create software transactional memory over your actors, so that you can do real work with several distributed actors within an in-memory transaction.

Swarm, created by Ian Clarke who created Freenet, introduces transparently distributed computation in the cloud. This means you can write your Scala programs without having to bother with scalability - your code will move around to where data is located, instead of todays paradigm where data is moved from a database to an application server for processing.

Scalar is a DSL (Domain Specific Language) written in Scala to facilitate grid computing on to of the GridGain framework.

Distributed computing sandbox

This is where internet freedom comes in again (sorry for going off on a tangent like that). On top of the hardware, operating system, encryption, JVM and Scala language (all open source) we would load a Akka/Swarm/Scalar module, much in the same way Popular Power worked. It would be a secured sandbox on your computer, open to the world. Files and data from other people could reside on a part of your hard disk owned by this sandbox. Actors in an Akka application could execute here, code in a Swarm application could migrate here, since the data it needs might be there, and computationally very expensive jobs could with Scalar be sent off to the distributed grid.

It would all be encrypted - files, data and code. Your computer would be safe from whatever happens inside that sandbox, and to you it would be mostly a black box you can't do much with, except for two things:
  • Drop your files into it for safe storage. Perhaps the Riak web database might be part of the solution?
  • Drop your jobs into it for execution, and then later collect the result.
You can turn off the sandbox if you so wish. It wouldn't matter much, because all files in the cloud of which your sandbox would be part, is replicated all over the planet, in slices and pieces much like the BitTorrent protocol works. Not much goes wrong if one sandbox disappears - the distributed file system just needs to spread some files just a little bit more. The sandbox file system would always make sure there are enough copies of your files across the cloud so that you can get your files even if whole continents slide into the ocean, or all cables across the Atlantic are chewed off by killer whales.

But if you turn off your sandbox, then you can't send your own applications and data into it, since it is the portal to the distributed computing darknet.

You wouldn't want to save your files or applications on your own machine, instead you'd sign yourself to be the owner of your files, encrypt them and send them off to the darknet where the files would be safely replicated and accessible only by you. You assign most of your hard disk to the cloud, and others do the same. Nobody cares where files resides, as long as you trust they don't ever go away.

File sharing? Well, all files that you don't encrypt are shared with all. You can claim ownership if you wish, which might make it possible to restrain how they can be used, but except for that it is just common files.

Whenever you'd want to send new versions of your applications to the darknet (agents acting on your behalf), the old ones would be replaced. Perhaps we need a new and faster machinery similar to DNS for this. We might need a replacement for DNS anyway, so perhaps it could serve several purposes.

Trusted peers

So, would you let your sandbox open to just anyone on the net? Not necessarily. I believe we'll start using network of trusted peers. You would connect with your closest friends and share encryption keys with them, so that you can communicate safely with each other through strong encryption, much like OneSwarm.

Your sandbox would communicate with their sandboxes. Your friends may have other close friends they trust, so what is stored on your disk and executes on your computer may come from a friend of a friend who you may not necessarily trust. There will perhaps be a way of fine tuning trust, so that you trust some people more than others. This is certainly not my speciality, so it would be interesting to hear more about such systems.

Potentially there might be some pixels of encrypted child porn on your disk, but you would never be able to tell, so you wouldn't really care, in the same way a mailman delivers mail without looking inside envelopes. Besides, your disk may legally be owned by you, but technically it is just part of the darknet cloud. Who cares, in 10 years it will cost barely nothing!

Key rings

The public encryption keys you get from your trusted peers, as well as your own private keys, must be saved in a safe way. Backed up on USB sticks, your watch, or otherwise. I hope we get really good software and hardware for this in the future. Perhaps it already exists?

Onions and P2P

Traffic originating from you may not go directly to an external website such as http://www.bbc.co.uk, but instead routed first to one of your trusted peers, whose sandbox may automatically at random relay it further on to its trusted peers, in a way similar to Tor. The traffic may surface unencrypted far away from you and be totally anonymous, so that censorship can be avoided altogether.

Security

This will of course need some major thinking, but it should not be too hard to make your machine safe from potential evil goings-on inside the sandbox. The Java Virtual Machine should handle this, if configured correctly.

What if someone floods the darknet with junk files, just to fill it up? Well, I envision a quota system enforced by the sandboxes, so that if you set off say 500 GB of your hard drive to your sandbox, then it will stop you from dropping more than say 100 GB of data into it (remember, all files are replicated across the net).

What if someone floods the shared computing cloud with actors consuming huge amounts of CPU? Well, the same quota system could be setup so that the longer you have had your computer open for others to use for computing, the more cycles you have saved up for your own use on other machines. The sandbox would stop you, in some way, from gobbling up too much CPU out there. But I don't see this as too much of a problem, really, since most computers are mostly just idling anyway.

What if someone is using the CPU of our machine in an attempt to crack the encryption of someones files? Well, we can use the CPU of other peoples machines to encrypt our files, so I don't think it will work. It is much much much easier to encrypt a file than trying to crack the same encryption. At least that is what current cryptology science tells us, but various government agencies may know much cheaper ways to do it that currently isn't common knowledge. Only time will tell.

So, where do we start?

Perhaps there is already an effort to do something similar. If so, let me know. It is a big task to get working, and I want to help. If there are no such efforts, why not start one now?

11 kommentarer:

  1. Great post! Seems Scala has a good distributed programming ecosystem, so maybe it will really replace Java! For the freedom's sake - I wouldn't trust Sun/Java either, but there's no other way as it seems :-(

    SvaraRadera
  2. I don't necessarily trust Sun/Java either, but their stuff is open source, so if I feel paranoid I can go and have a look myself.

    SvaraRadera
  3. An immensely inspiring and uplifting post!
    The bright future is in the darknets !
    We need no Immaterial rights, they hinder creativity and development and a open society.
    If we want to fulfill the promise ignited by the french revolution; Freedom, Equality and Brotherhood, we need the instrument of internet to be a open and free way for the people of the planet earth to interact and share and work.
    Every force working against is only the despots of the past trying to hold on to their lost gold-cow.
    We don't need superartist, supermovies, Hollywood, neither big companies of any kind.
    The future is agile and organic, small organizations, even individuals cooperating and building big and great stuff together without the need of hierarchical central controlled organisations.
    Communism was a bad political idea, and Big Companies follow the same principles; central governed systems, which basic meaning is the enrich those at the top (just as communist states enriched the leadership in the top).
    And it is Big companies who defend immaterial rights and try to stop the creative freedom internet provides.
    Since it is a threat on their dominance.
    I believe everything from software and computers to cars and furniture will be developed and manufactured by organic agile organisations on the net, with no need for central control or a few making a fortune on the work of many.
    Intrestingly enough, the maximum of freedom seems to bring on a maximum of equality aswell.
    Maybe it will strengthen Brothership too?
    All thanks to the technical achievement of internet and computers.
    Changes in the material environment has as always been the major force in all evolutionary change on earth.
    This time too.
    Goodbye earths last despots, your time is soon out.

    SvaraRadera
  4. The problem is not java or scala, the problem is JVM.
    .NET has changed its runtime 3 times, they will change more.

    SvaraRadera
  5. imho the debian-based maemo platform and the n900 hardware would be worth mentioning. it'll be interesting to see to what extent harmattan (maemo6) will remain as open as fremantle (perhaps 80% open source). in any case, much more open than android.

    SvaraRadera
  6. @iron9light I'm not sure I understand. In which way is the JVM a problem? In which way is it relevant that the .Net runtime has changed 3 times?

    SvaraRadera
  7. @thomas Thanks for interesting pointers! I'll check the out!

    SvaraRadera
  8. Very inspiring! Now, let's build! Invent the future!

    (inspirerande nog att jag känner mig lockad att posta hela din text på min blogg för maximal spridning. Jag ser förresten att du är piratpartist och skrivit vettigt på området - är du med på http://live.piratpartiet.se ? Om inte, vill du?)

    SvaraRadera
  9. @Marco Tjena! Nej, jag är inte på live.piratpartiet.se och vet inte heller riktigt vad du menar med det. Aggregerar ni RSS där från partimedlemmar?

    Såg att du också verkar vara utvecklare. Kanske träffas någon gång och spåna lite ideer?

    SvaraRadera
  10. @Mats Ja, precis. Från en särskild tagg du kan välja. Även från vissa bloggare från andra partier till och med, men de är markerade med en annan färg. Maila mig taggen så kan jag ordna in dig. Då kommer en länk till dina inlägg i den taggen hamna på Piratpartiets hemsida, och hela posten på http://live.piratpartiet.se

    En oerfaren men intresserad sådan. :) Träffas vet jag inte, vid möjlighet hade det varit kul.

    SvaraRadera