Activity streams: not just for the cloud

April 24, 2012 | 7 comments

At the end of last year, I was asked to contribute my wishlist for Linux on the desktop for an issue of Linux Format magazine. Here’s what I submitted:

I want an activity stream for my activity on my local computer, and across my network. When, for example, I make a change to a document, I want my PC to record it on my activity stream as “Ben Werdmuller edited ‘Linux Format wishlist’ in LibreOffice Writer.” By default, those changes are private to me only, but I can set access permissions per file, application, location on disk and type of update (“status update”, “text file”, etc). In a network environment, I can share my activity streams across the network, and see the updates that other network users have allowed me to view. This stream is at an infrastructure data level, so I can choose a number of applications to view it with – although I can easily imagine Ubuntu, for example, shipping a beautiful default app.

Then, I want to be able to program against the activity stream, and the activity streams I can see on my network, using a simple API. This would allow me to sync files, status updates and other things, while not being bound to any one application or utility. It also could provide an interesting underlying basis for social web applications running on Linux servers.

This is a little convoluted, so let me explain: I want my activity on my computer, my activity across my enterprise network, and my activity on the web to be saved to a single activity stream that I control. I want to be able to conditionally share and have access to the entire activity stream – and then do stuff with it, using tools like the excellent ifttt.

Consider the following unified stream:

  • Ben Werdmuller saved Technical white paper to Work out tray 3 seconds ago
  • Ben’s mom sent you an email: A little family news to ben@benwerd.com 15 minutes ago
  • Ben’s cousin sent you a message: I’m engaged! on Facebook 1 hour ago
  • Your task: Finish technical white paper is due 3 hours ago
  • You were tagged in a photo: ElggCamp San Francisco 2012 on Flickr 4 hours ago

In the example above, the act of saving something to the folder Work out tray could automatically cause it to be uploaded to Basecamp, or emailed to a few people for review. Similarly, my being tagged in a photo on Flickr could cause it to be automatically downloaded into my local Photos folder.

Why should my activity stream just contain stuff that happened on the web? Now that we have apps like Google Drive, these separations are arbitrary at this point. What matters is that I did something, not where I did it.

The device is the conduit; the cloud is the platform

June 8, 2011 | Leave a comment

The other day, Steve Jobs stood up and announced iCloud, which replaces the PC as the hub in the iOS device ecosystem, demoting it to just another device. You no longer need to have a PC to activate or synchronize an iPhone or an iPad. This is right, and proper, and in some ways long overdue.

Meanwhile, Nintendo announced Wii U, which connects to your TV like virtually every home game console before it, but also has touchscreens embedded in the controllers. You can move a game from the TV to a controller in mid-flow, for example if someone wants to watch TV. It’s not a stretch to think that someone might be able to watch a streamed TV show on a controller while someone plays a game on the television.

A few days earlier, Microsoft previewed Windows 8′s new interface:

“It’s going to run on laptops, it’s going to run on desktops, it’s going to run on PCs with mouse and keyboard,” says Microsoft’s Jensen Harris after demonstrating the Windows 8 interface in the company video below. ”It’s going to run on everything.”

We’re moving towards a very different paradigm for personal computing. In this connected future, more than ever before, the device is a conduit. You can consume the content or applications that you want, when you want, where you want, on the device you want; content, data and applications are all untethered to any particular object.

This doesn’t have to be any less secure, any less powerful or any less customizable than what you’re already doing. Most consumers will get their computing through Apple and Microsoft, as they already do (Google have ChromeOS, but unless there are major, secret features primed for release, it suddenly looks small-scale compared to the alternatives). Linux users will continue to run Linux – on their PC, on their phone and on their personal open source clouds.

Importantly, virtually all of the cloud platforms on the market have some kind of web technology component (you’re going to be able to build Windows 8 apps in HTML and JavaScript, for example); it’s pretty clear where all of this is going.

I’m writing and posting this blog post on a six hour flight. The Internet is increasingly everywhere; by moving to the cloud, we’re allowing for lower up-front device costs backed up by ongoing subscriptions. The platform providers are going to do very well out of this. Whereas in the current paradigm they capture value by locking users into application compatibility bubbles (Windows apps won’t run on Mac OS X, etc), in the cloud-based future, the lock-in comes from who runs the cloud servers. When Bill Gates started out, his vision was of a computer on every desk running Microsoft software; if he was starting out today, his vision might be a connected device in every pocket running on the Microsoft cloud.

Although this is a step forward in my opinion, there are dangers. Think about how “cloud services” as we’ve known them to date (web tools like Facebook) have monetized; they mine user data. As we put more and more sensitive information into the cloud, the challenge will be to maintain ownership over our information, maintain privacy over our activity, and to ensure that no one company gets to control this brave new world.

Danger in the cloud: a proposal

October 12, 2009 | 8 comments

In response to recent events, I’d like to propose a different kind of web service that overcomes the privacy and reliability issues with cloud web applications, while providing a solid business model for both application developers and service providers, as well as a seamless, easy-to-use experience for end users.

The T-Mobile storm

Over the weekend there’s been a storm surrounding the T-Mobile Sidekick, which is produced by Microsoft’s Danger subsidiary. It turns out the device stores the primary copy of data like calendar and address book information in the cloud rather than on each device; perhaps a fair proposition if you knew you could trust Microsoft’s servers. Unfortunately, said servers went down last week, and Microsoft didn’t have a working backup. Sidekick users suddenly found themselves without their personal information.

Is cloud computing safe?

Understandably, this has sparked a wider conversation about computing in the cloud. AppleInsider summed it up:

More immediate types of cloud services take away users’ control in managing their own data.

While Ina Fried over at CNet noted:

The Danger outage comes just a month before Microsoft is expected to launch its operating system in the cloud–Windows Azure. That announcement is expected at November’s Professional Developer Conference. One of the characteristics of Azure is that programs written for it can be run only via Microsoft’s data centers and not on a company’s own servers.

The issues surrounding cloud computing have been discussed for a while, and aren’t limited to these sorts of accidents; here’s a post I wrote in 2007 about the rights we ought to have over our cloud data. Partially because of the risks involved, and the risk of leaky data, some kinds of organizations and enterprises simply can’t use cloud computing services. (In the UK, for example, check out the requirements imposed by the Data Protection Act.) At the same time, the Sidekick debacle shows there are clear risks to end-user consumers too.

Despite this, the benefits of cloud computing are obvious, particularly for the organizations that can’t use them: device-independent applications and data we can access and use from anywhere.

Can we have the best of both worlds?

The personal computing model is relatively secure: you install applications on your computer, and they sit on your local hard drive, along with your data. Assuming there hasn’t been a security breach, or you haven’t explicitly provided access to your data over a network or through a direct action like emailing it, it’s safe.

On the other hand, because your applications and data are locked away on your hard drive, you generally have to have direct access to it in order to use them. There are remote desktop solutions like VNC, but these are clunky and fairly useless over a low bandwidth connection.

Web applications that store their data in the cloud overcome this obstacle, but lose the security of sitting on your own computer.

What if there was a halfway house between these two situations?

The personal web server that works

Theoretically, anyone can run their own web server, right now, that allows them to install web applications in a more secure, controlled environment and access them from anywhere. But there are some very good reasons why they don’t:

  • You need system administrator skills, usually on top of Linux skills, to do it.
  • Web applications – even relatively easy-to-install ones like WordPress or Elgg – are fiddly. There are configuration files, directory permissions and (potentially) source repositories to contend with.
  • The web applications you can install on your own server are often not as good as the ones you can get in the cloud.
  • When something breaks, it’s your own responsibility to fix it.
  • Servers are expensive.

What if we could fix all of these things at once? Enterprises, organizations and individuals could have their own, more secure environment that would allow them to use the cloud applications they needed with fewer security risks, while enjoying the ease-of-use and immediacy that the cloud provides.

One of the reasons everyone’s leaping to copy the iPhone’s app store business model is that it just works. Sure, you’re forced to delegate root control of the phone to iTunes, and the operating system places some seemingly arbitrary restrictions on what applications can and can’t do. But the handset works, and installing software is easier than on any other platform. The truth is, most ordinary users don’t care about those restrictions. Hell, I’m a computer scientist software developer entrepreneur power user, and I’m just happy the thing works. (Context: my previous phone ran Windows Mobile, which doesn’t.)

Imagine if you could get your own server environment that was as easy to use as the iPhone. It would look something like this:

Front end & business model

  • You sign up for the service, possibly for a small monthly fee, possibly for free (depending on the service provider). Alternatively, if you’re more technical / an enterprise / an organization, you install it on your own infrastructure. The platform is available for free and could be open source.
  • From a secure web-based admin panel, you can add and remove users (although the platform optionally also supports Active Directory and similar standards, as well as OpenID), and install / uninstall applications from a centralized app store with the usual features: ratings, search, similar apps, etc. Installation is one-click, and upgrades are similarly seamless. (That WordPress “what, I have to upgrade again?” problem: solved.)
  • Much like the iTunes app store, applications may be free, or may cost a small amount. Applications may impose licensing restrictions based on number of users: for example, the app costs $4.99 for up to 5 users, $19.99 for up to 25, etc.
  • As with the iTunes app store, the application store provider takes a cut – and so does the service provider. This creates a strong incentive for multiple vendors to provide hosted services for little cost. It also effectively creates a discount for enterprise, organizational and technical users, who can bypass a service provider. The payment to the web application developer also, for the first time, creates a solid commercial marketplace for high quality web application products, while the free option allows open source vendors to distribute as normal.

Technology

  • Behind the scenes, the server runs existing open source technology: Apache, Tomcat, PHP, Perl, Python, Ruby on Rails, MySQL, Postgres, etc. However, there are restrictions on how applications must be structured, behave and share their data. This allows the one-click install and upgrades to function correctly. Importantly, though, users of the system need never worry about the underlying framework.
  • The platform has a central data store that all applications may access via an API. This data store is fully exportable, allowing (for example) a datastore stored with a service provider to be moved to an internal setup as an organization expands. As with the iTunes app store, applications are linked to a store account rather than a physical machine, so the application licenses are portable too.

Of course, this wouldn’t replace standard web servers. What it does provide, however, is a simple cloud operating system that simultaneously works in a more secure, dependable way than existing services, would be more acceptable to many organizational users, and provides a genuine business model for web application developers.

The web is now an end user application platform, but still behaves like a lightweight document store. To obtain the level of software customization we all enjoy on our home PCs, a much higher level of technical competence is required. I strongly believe that this situation must change for the web to be a viable commercial application framework.