You can’t empower users by targeting ads

August 19, 2012 | Leave a comment

Scott Hanselman has a great take on platforms and ownership on the web:

  • Why doesn’t someone make a free or cheap social network for the people?
  • Why can’t I control my content?
  • Why can’t I export everything I’ve written?

[...] All these questions are asked about social networks we don’t control and of companies who don’t have our best interests at heart. We are asking these questions in 2012?

[...] You want control? Buy a domain and blog there.

His whole post is worth a read. But I think this goes far beyond blogging.

The “cloud”, at least as it’s popularly thought of, is really just a user-friendly, web-based take on mainframe computing, which was super-popular in the seventies (before personal computers took off), and had a resurgence in the early nineties (through the likes of AOL, Prodigy and CompuServe). Applications are stored on servers, and you access them through thin clients (in this case, the browser). It’s been a valuable way to circumvent IT departments, stop caring about upgrades and pesky computing issues like viruses, level the playing field by making it irrelevant whether you’re using a $300 Asus or a $2000+ MacBook Pro, and bring software to the masses like never before. Unfortunately, it’s also been an opening for people to abuse the trust inherent in that relationship, and create models where users are exploited in ways they may not have foreseen.

There are some key differences between cloud computing and the mainframe model of old, even leaving aside the obvious accessibility and ease-of-use gains:

  • Anyone can build an application.
  • Anyone can run their own mainframe.

It’s certainly true that most people don’t want to build applications or run their own servers. However, it’s also true that inside any medium-to-large company you care to think of, there will be a dizzying array of string-and-blu-tack semi-applications written in things like Microsoft Access. This largely doesn’t happen on the application web: somewhere in the mix, we’ve lost the control and interactivity that allowed people to use software on their own terms.

Now, sure, typically those Access databases are a mess, are stored in hard-to-find places, and duplicate work within an organization. In every non-tech enterprise I’ve ever worked in, it’s been a terrible situation; muddled and complex. But that’s what we’re here for as technologists: to create tools that empower users and improve their lives. (Contrast that with farming users and harvesting their lives, which is becoming the dominant business model on the social web.) Where are the tools that allow users to build their own solutions and find their data, easily and on their own terms? Why are people working on ways to deliver ads instead of those problems? Why can’t a non-technical user procure a server with the applications they need, under their control, as easily as buying an app on their iPhone?

The irony is that these kinds of applications have a much higher chance of making their founding entrepreneurs billionaires than trying to be the next Instagram. They’re not as cool, perhaps, but they are the foundations of real businesses, that take money from customers and create real value in return.

I know people who are making great strides in these areas, and I’m bullish about their future success. But it’s fascinating to me that more people aren’t following suit.

In the meantime, if you want control, definitely buy a domain and blog there.

Danger in the cloud: a proposal

October 12, 2009 | 8 comments

In response to recent events, I’d like to propose a different kind of web service that overcomes the privacy and reliability issues with cloud web applications, while providing a solid business model for both application developers and service providers, as well as a seamless, easy-to-use experience for end users.

The T-Mobile storm

Over the weekend there’s been a storm surrounding the T-Mobile Sidekick, which is produced by Microsoft’s Danger subsidiary. It turns out the device stores the primary copy of data like calendar and address book information in the cloud rather than on each device; perhaps a fair proposition if you knew you could trust Microsoft’s servers. Unfortunately, said servers went down last week, and Microsoft didn’t have a working backup. Sidekick users suddenly found themselves without their personal information.

Is cloud computing safe?

Understandably, this has sparked a wider conversation about computing in the cloud. AppleInsider summed it up:

More immediate types of cloud services take away users’ control in managing their own data.

While Ina Fried over at CNet noted:

The Danger outage comes just a month before Microsoft is expected to launch its operating system in the cloud–Windows Azure. That announcement is expected at November’s Professional Developer Conference. One of the characteristics of Azure is that programs written for it can be run only via Microsoft’s data centers and not on a company’s own servers.

The issues surrounding cloud computing have been discussed for a while, and aren’t limited to these sorts of accidents; here’s a post I wrote in 2007 about the rights we ought to have over our cloud data. Partially because of the risks involved, and the risk of leaky data, some kinds of organizations and enterprises simply can’t use cloud computing services. (In the UK, for example, check out the requirements imposed by the Data Protection Act.) At the same time, the Sidekick debacle shows there are clear risks to end-user consumers too.

Despite this, the benefits of cloud computing are obvious, particularly for the organizations that can’t use them: device-independent applications and data we can access and use from anywhere.

Can we have the best of both worlds?

The personal computing model is relatively secure: you install applications on your computer, and they sit on your local hard drive, along with your data. Assuming there hasn’t been a security breach, or you haven’t explicitly provided access to your data over a network or through a direct action like emailing it, it’s safe.

On the other hand, because your applications and data are locked away on your hard drive, you generally have to have direct access to it in order to use them. There are remote desktop solutions like VNC, but these are clunky and fairly useless over a low bandwidth connection.

Web applications that store their data in the cloud overcome this obstacle, but lose the security of sitting on your own computer.

What if there was a halfway house between these two situations?

The personal web server that works

Theoretically, anyone can run their own web server, right now, that allows them to install web applications in a more secure, controlled environment and access them from anywhere. But there are some very good reasons why they don’t:

  • You need system administrator skills, usually on top of Linux skills, to do it.
  • Web applications – even relatively easy-to-install ones like WordPress or Elgg – are fiddly. There are configuration files, directory permissions and (potentially) source repositories to contend with.
  • The web applications you can install on your own server are often not as good as the ones you can get in the cloud.
  • When something breaks, it’s your own responsibility to fix it.
  • Servers are expensive.

What if we could fix all of these things at once? Enterprises, organizations and individuals could have their own, more secure environment that would allow them to use the cloud applications they needed with fewer security risks, while enjoying the ease-of-use and immediacy that the cloud provides.

One of the reasons everyone’s leaping to copy the iPhone’s app store business model is that it just works. Sure, you’re forced to delegate root control of the phone to iTunes, and the operating system places some seemingly arbitrary restrictions on what applications can and can’t do. But the handset works, and installing software is easier than on any other platform. The truth is, most ordinary users don’t care about those restrictions. Hell, I’m a computer scientist software developer entrepreneur power user, and I’m just happy the thing works. (Context: my previous phone ran Windows Mobile, which doesn’t.)

Imagine if you could get your own server environment that was as easy to use as the iPhone. It would look something like this:

Front end & business model

  • You sign up for the service, possibly for a small monthly fee, possibly for free (depending on the service provider). Alternatively, if you’re more technical / an enterprise / an organization, you install it on your own infrastructure. The platform is available for free and could be open source.
  • From a secure web-based admin panel, you can add and remove users (although the platform optionally also supports Active Directory and similar standards, as well as OpenID), and install / uninstall applications from a centralized app store with the usual features: ratings, search, similar apps, etc. Installation is one-click, and upgrades are similarly seamless. (That WordPress “what, I have to upgrade again?” problem: solved.)
  • Much like the iTunes app store, applications may be free, or may cost a small amount. Applications may impose licensing restrictions based on number of users: for example, the app costs $4.99 for up to 5 users, $19.99 for up to 25, etc.
  • As with the iTunes app store, the application store provider takes a cut – and so does the service provider. This creates a strong incentive for multiple vendors to provide hosted services for little cost. It also effectively creates a discount for enterprise, organizational and technical users, who can bypass a service provider. The payment to the web application developer also, for the first time, creates a solid commercial marketplace for high quality web application products, while the free option allows open source vendors to distribute as normal.


  • Behind the scenes, the server runs existing open source technology: Apache, Tomcat, PHP, Perl, Python, Ruby on Rails, MySQL, Postgres, etc. However, there are restrictions on how applications must be structured, behave and share their data. This allows the one-click install and upgrades to function correctly. Importantly, though, users of the system need never worry about the underlying framework.
  • The platform has a central data store that all applications may access via an API. This data store is fully exportable, allowing (for example) a datastore stored with a service provider to be moved to an internal setup as an organization expands. As with the iTunes app store, applications are linked to a store account rather than a physical machine, so the application licenses are portable too.

Of course, this wouldn’t replace standard web servers. What it does provide, however, is a simple cloud operating system that simultaneously works in a more secure, dependable way than existing services, would be more acceptable to many organizational users, and provides a genuine business model for web application developers.

The web is now an end user application platform, but still behaves like a lightweight document store. To obtain the level of software customization we all enjoy on our home PCs, a much higher level of technical competence is required. I strongly believe that this situation must change for the web to be a viable commercial application framework.