Returning to Ground from the Web's Clouds
Meanwhile, the Net beneath the Web remains decentralized: a World of Ends in which every end is a functional distance of zero from every other end. "The end-to-end principle is the core architectural guideline of the Internet" says RFC 3724. Thus, even though the Internet is a "collection of networks", what collects them are the transcendent purposes of the Net's ends, which consist of you, me, Google and every other node.
If you want to grok the problems of centralization fully, and their threat to personal freedom, to innovation and to much else, watch, listen to or read Eben Moglen's lectures titled "Snowden and the Future", given in November and December 2013 at Columbia University, where Eben has been teaching law for 26 years. The lectures are biblical in tone and carry great moral weight. For us in the Linux community, they are now in the canon.
What Eben calls for is not merely to suffer the problems of centralization, but to solve them. This requires separating the Net and the Web. For me, it helps to think of the Net as the ground we walk and drive on, and the Web as clouds in the sky, as I've illustrated with the photo in Figure 2.
Figure 2. It helps to think of the Net as the ground we walk and drive on, and the Web as clouds in the sky.
There are many possibilities for decentralized solutions on the Net's ground, and I hope readers will remind us of some. Meanwhile, I'll volunteer a pair I've been watching lately. One is TeleHash, and the other is XDI.
TeleHash is the brainchild of Jeremie Miller, father of Jabber and the XMPP protocol for instant messaging. Its slogan is "JSON + UDP + DHT = Freedom", and it is described as "a new wire protocol enabling applications to connect privately in a real-time and fully distributed manner, freeing them from relying on centralized data centers". The rest of the index page says:
It works by sending and receiving small encrypted bits of JSON (with optional binary payloads) via UDP using an efficient routing system based on Kademlia, a proven and popular Distributed Hash Table.
It's very much in the R&D stages yet, but check out hash-im for a simple demo.
The current spec is implemented in a few languages (any help here would be great!), and prototype apps are being created to test it. Questions can be directed at Twitter, or to Jeremie Miller directly.
XDI is a mostly-baked standard. Its purpose is "to define a generalized, extensible service for sharing, linking, and synchronizing data over digital networks using structured data formats (such as JSON and XML) and XRIs (Extensible Resource Identifiers), a URI-compatible abstract identifier scheme defined by the OASIS XRI Technical Committee". Wikipedia (at the moment) says:
The main features of XDI are: the ability to link and nest RDF graphs to provide context; full addressability of all nodes in the graph at any level of context; representation of XDI operations as graph statements so authorization can be built into the graph (a feature called XDI link contracts); standard serialization formats including JSON and XML; and a simple ontology language for defining shared semantics using XDI dictionary services.
XDI graphs can be serialized in a number of formats, including XML and JSON. Since XDI documents are already fully structured, XML adds very little value, so JSON is the preferred serialization format. The XDI protocol can be bound to multiple transport protocols. The XDI TC is defining bindings to HTTP and HTTPS, however it is also exploring bindings to XMPP and potentially directly to TCP/IP.
XDI provides a standardized portable authorization format called XDI link contracts. Link contracts are themselves XDI documents (which may be contained in other XDI documents) that enable control over the authority, security, privacy, and rights of shared data to be expressed in a standard machine-readable format and understood by any XDI endpoint.
This approach to a globally distributed data sharing network models the real-world mechanism of social contracts, and legal contracts that bind civilized people and organizations in the real world today. Thus, XDI can be a key enabler of the Social Web. It has also been cited as a mechanism to support a new legal concept, Virtual Rights, which are based on a new legal entity, the "virtual identity", and a new fundamental right: "to have or not to have a virtual identity".
It's early for both of these. But I know in both cases the mentality of the developers is on the ground of the Net and not lost in the clouds of the Web. We'll need a lot more of that before we all get our freedom back.
Doc Searls is Senior Editor of Linux Journal
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide
- The Death of RoboVM
- Server Hardening
- The Humble Hacker?
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- April 2016 Issue of Linux Journal
- The US Government and Open-Source Software
- ACI Worldwide's UP Retail Payments
- Open-Source Project Secretly Funded by CIA
- Varnish Software's Hitch