
The Web’s Creator Looks to Reinvent It - elie_CH
http://www.nytimes.com/2016/06/08/technology/the-webs-creator-looks-to-reinvent-it.html
======
jacquesm
It's simple: make computers secure enough that connecting one to the net won't
imply being hacked within a few days (minutes in some cases). Re-enable mail
servers to be run from home connections, make them dead simple to set up and
bullet proof. And so on. You can only wind this clock back step-by-step, a
reboot will break too much that we have come to depend on.

It all went wrong at NAT, we were supposed to be _peers_ , not producers and
consumers.

~~~
jasode
_> It's simple: make computers secure enough that connecting one to the net
won't imply being hacked within a few days_

It's not really simple. It's actually complex and having a general purpose
computer be hardened enough for non-geek homeowners not to screw up (social
engineering, security warnings fatigue, etc) is possibly an _unsolvable_
problem.

If RSA SecurID whose very business competency is _security_ can be hacked[1],
the homeowner running Dovecote/Sendmail/Qmail/etc on Linux or Linux container
has no chance at all. If uber-techno-geek Mark Russinovich can get infected
with a rootkit[2], the average homeowner has no chance.

One could supposedly burn an embedded chip with email software (a dedicated
"email server appliance") that can't be hacked -- but that also means it can't
be updated. Email technology evolves (cleartext email --> SSL email --> next
tech is ???) Also, if a vulnerability is discovered, the homeowner has to buy
a new email appliance. If you make an email server on FPGA than can be flashed
with new firmware, you've now re-opened an attack vector from social
engineering.

 _> Re-enable mail servers to be run from home connections, _

If you're talking technical issues such as ISPs opening up SMTP traffic on
port 25 for residential internet connections, that's not really the problem.
The real issue is the social dynamic of _trust_ which is affected by bad
actors and spam. Analyzing it through the lens of "technology" disguises the
true problem. The puzzle of "trust" happens in a layer above SMTP/25.

[1][http://bits.blogs.nytimes.com/2011/04/02/the-rsa-hack-how-
th...](http://bits.blogs.nytimes.com/2011/04/02/the-rsa-hack-how-they-did-it/)

[2][https://blogs.technet.microsoft.com/markrussinovich/2005/10/...](https://blogs.technet.microsoft.com/markrussinovich/2005/10/31/sony-
rootkits-and-digital-rights-management-gone-too-far/)

~~~
markdog12
Thanks for Russinovich link. I hadn't read it and it was extremely
interesting.

------
kordless
Software is the result of business models. Business models are the result of
risk management around desired outcomes. Making more money, for example.
Making more money is the reason we've had bubbles and new business layers
appear. MSPs were the precursor to SaaS, for example.

Software sucks because business models must frequently be addressed before
customer's needs are addressed. Of course this is a simplification of the
process, but no company continues writing software if their business models
for that software fail and they run out of money or is threatened with
shutdown if they don't comply with the government.

To "reinvent" the "web" (or what I call the Intercloud), business models must
be removed from the equation. New models of work storage and exchange must be
created to allow developers to write code for the people who need it. When a
user relies on a feature, there should always be a clear path for them to a)
continue using that feature for as long as they see fit and b) enter into a
contractual agreements with a developers to develop new features they need.
This should be able to be done without a corporation or business model getting
in the way.

It also implies all the software down the stack is reinvented in the same way
to support this new methodology. Deployments/installs, for example, will need
to be done differently moving forward.

This is obviously bad news for the "startup" scene, but good news for
humanity. Things are getting complicated and clearly don't scale well doing it
the old way. It's time for a change.

~~~
adevine
Wat?

> To "reinvent" the "web" (or what I call the Intercloud), business models
> must be removed from the equation.

This goes into my "and everyone gets a pony" set of solutions.

~~~
kordless
Actually, I think the entire software model needs to be peer-to-peer, no
businesses or brands involved. I spent a considerable amount of time thinking
about this and building a prototype of one solution that does immutable
software deployments using the blockchain. This may elicit another "wat?" from
you, but I assure you it's been vetted with peers and it appears to be a sound
approach. That's not to say my hypotheses are correct, or all the software is
done for this yet.

You may also want to check out IPFS and Sandstorm for other examples on this
topic.

------
anilgulecha
Efforts towards thorough decentralization are easy when dealing with static
resources(see ipfs, torrents etc).

Issues creep up when you need to support dynamic resources, which rely on :

a) user input b) stateful server

With b), a will feel more comfortable sharing data when there's trust built up
in b). This seems to go directly against legacy-web as centralization was the
solution to the trust problem.

With new technologies like bitcoin showing trust can be based in mathematics,
and ethereum showing that interactions can be based around mathematical rules,
we definitely have the technological raw power to built a scalable, trustable,
non-censorable alternative to www.

I do hope these new technologies are not too-hampered by how ubiquitous and
entrenched www is.

~~~
tim333
They managed a) user input b) stateful server with Diaspora as an alternative
to Facebook. The trouble with decentralisation is users aren't bothered with
it unless they need it to circumvent laws with things like bittorrent for
copyright laws and bitcoin for money laundering, drug dealing, cryptolocker
extortion and the like.

~~~
TheOtherHobbes
Users don't bother with Diaspora because while it makes some gestures towards
being simple and friction-free, it's essentially still a geek project for
geeks, and not a mass user project for mass users who have zero interest in
technology and just want to be social.

The distributed network idea has been around for a long time, and ideally it's
how the web will go.

But it's much more of a technical _and social_ challenge than today's server-
based web.

To win users it has to be significantly better than what's available today -
not just another way to do the same things, but with a few extra complications
and unreliabilities.

------
elcapitan
I think the way the web has been conceived once and then evolved around a
relatively small set of core concepts is amazing. I find it hard to imagine
though that after 20 years of evolution we could go back to a point where we
apply another round of centralized planning how it _actually_ should look
like. The existence of centralized services is the result of demand and
evolution, not of false planning in the beginning.

20 years is still a very short timespan, and we should probably admit that for
huge societal changes like this we simply need more experimentation and more
time. The rapid changes in technology sometimes lead people to the
misconception that everything else would move similarly fast, but our human
world is still slow. I'd rather see more people just try out different options
on the web as it is and then have the most successful win rather than putting
a bunch of clever people in a room and plan for everybody else.

~~~
cheez
One way to think about this is that these guys are going to try, they'll come
up with stuff that no one uses and it will be some nerd somewhere that comes
up with the next iteration of the web. I.e., it won't be Berners-Lee that does
it, it will be the _next_ Berners-Lee somewhere.

Satoshi (whether one person, or a group) did it with Bitcoin. The concept is
now ingrained into every architect's toolbox. While Bitcoin itself won't
revolutionize the web, it is a huge step forward in how to think of
decentralization in an environment where it is too costly (technically,
financially) to effectively decentralize.

Perhaps the next step will be combining said decentralization with anonymity.

Then in 50 years, maybe we'll all have our own anonymity-preserving "cloud
boxes" that follow us wherever we live, just like routers do now (save the
anonymity and storage).

~~~
elcapitan
Yes, that's what I would favor. Not only decentralized web, but also
dezentralized thinking and tinkering.

Maybe it's because the emphasis of the article is put on Berners-Lee and
thereby creating a notion of authority, or because the group meeting and
church-like environment somehow looks and sounds very much like design by
committee, but the article didn't really convey that path to me.

~~~
cheez
My point was to say that it doesn't matter what these guys do. The web became
centralized because that was expedient, convenient and we could pay someone
else to do the work. Anything that doesn't have these characteristics will not
replace the centralization.

------
petewailes
"People assume today's consumer has to make a deal with a marketing machine to
get stuff for 'free,' even if they're horrified by what happens with their
data. Imagine a world where paying for things was easy on both sides."

I can't see that friction is the problem. It's easy to implement payment on
the web nowadays. The issue is getting people to want to actually pay, rather
than going and looking elsewhere for the same thing for free.

The challenge with the web is as is noted at the end, not one of technology,
but one of society. Making a better web means making how people work with each
other through the web, what we expect of it, and how we want it to work
better.

Unfortunately, time and time again we've seen people prefer free, lousy web
content to even a ludicrously small payment for something really good.

How you fix _that_ (getting people to value what they get from the web and to
be willing to pay for it), I don't know. Spotify, Netflix, The FT et al have
shown that it's possible to get people to pay, but I can't imagine even the
majority of the web going that way for now. Hopefully that changes in the
future.

~~~
OscarCunningham
I think that the problem isn't paying per se, but rather just the
inconvenience. After all people already pay plenty for their web connection.
Something like Flattr might be the solution.

~~~
elcapitan
As a flattr user from both sides (site owner and site visitor), I can't say I
was entirely happy with it. Although it's well implemented.

I find it difficult that they constrained the concept to payoff =
$monthly_amount/$number_of_clicks. From both sides I would prefer to be able
to set and see prices, not arbitrary equal results for all the sites I click.
That had kept me from clicking in most cases, because I wouldn't want to give
the equal amount to go to some 1-paragraph blogpost as to a 1 hour podcast.
Even though I would want to contribute for both.

~~~
splatcollision
Potential to integrate the amount of micropayment as a star rating - think a
combined "donate & rate" action after reading / watching. Let people
contribute from 0.01 to 5.00 units of currency, in easy increments, that also
indicate how much they liked it. Automatically bill and aggregate monthly.

~~~
elcapitan
I guess the charm of their solution is that they don't have to put these
complex semantics into place. It sounds like a good idea, but rating and
paying are two very different things - in my example, I would merely want to
reward more effort (1h podcast) with more money. That doesn't mean I didn't
like the short blogpost.

------
Fice
Centralization really is a social problem. Among alternatives, most people
will mindlessly choose the most popular one, while extreme popularity of
something should instead be a reason to avoid it or at least to be very
cautious about it.

No decentralized technology is immune to this herd behavior. Even Bitcoin is
probably doomed to become dominated and effectively controlled by some popular
mining pool or online wallet provider. This will not change until new ethics
of decentralization forms in the society. And that will happen eventually, but
it could take a lot of time.

~~~
6stringmerc
So I agree with you in general and also wish to un-pack a little of what you
mention based on my personal growing up alongside internet access. As in, I
can do the 2400 baud modem handshake from memory, ran a server on a cable
modem, and now consider myself more a user/consumer of technology than a
creator/in the field.

Traditionally access to the WWW had a pretty high threshold of combined
factors: Cost for hardware and communications, time and effort to understand
how things worked, and a still pretty basic group of sites and such. Lee is
wrong in that the Web used to be 'more open' from a general social sense - it
was AOL chat rooms before Snapchat, it was GeoCities before Facebook, and on
and on and on. Large organizations like Dropbox have made it competitive and a
more intelligent decision than trying to set up a personal server and jump
through all sorts of intellectual and digital hoops to make it work.

Or, in other words, the easier something is to use, the more idiots are going
to get their hands on it and use it. The Web is simply a reflection of the
human species. Both stunningly beautiful and tragically ugly, it's certainly
evidence to me that Utopia is, fundamentally, irrational and likely impossible
without exlcusion and selection bias.

------
danmaz74
More than "reinventing the web", I would worry about finding strategies to
keep the web open against the strong pull towards (semi) walled gardens that
is coming from Facebook and others.

~~~
amelius
I'm afraid this can only be done by introducing new laws.

The network effect is just too strong, and most people don't care enough about
privacy and openness to switch to different networks.

~~~
snsr
Or by providing a more attractive option.

~~~
amelius
How? In this new economy, big corporations have structured themselves such
that they can compete with and protect against "disruptive" startups.

Also, coming up with something more attractive takes time (trial and error),
and big corporations can easily incorporate (copy) those new features in their
products in the meantime.

------
goldenkey
The end of the article said it best. It isn't an infrastructure problem. It's
a society problem; people want to use centralized services, ie. Twitter,
Snapchat, Instagram, Facebook, etc etc. Muggles don't give two fucks about
privacy - idiots aren't usually political dissidents until their food supply
gets low or their Snapchat gets filtered by the Great Firewall.

~~~
erez
People don't want to use these services. People have to use them, as there is
no other method. Had the web's been decentralized from the get-go, and someone
would come with a centralized service, you'd find the goldenkeys of the world
arguing "people want to use decentralized services".

~~~
goldenkey
The federation idea seems to be the best way to create decentralization . The
problem is that most people working on a type of website usually combine
forces and host together. ThePirateBay and Libgen have come the closest to
being federation-like. Tons of mirrors and different host names with the same
source code and content that is meshnetted across the federation. The only
thing that tpb isnt a good demonstration of is divided private data. That is
the motivator for most decentralization proponents

~~~
Fice
Federation does not solve the problem. Eventually most users will flock
towards single most popular instance of a federated service. Email is
federated, but most users betray it by choosing the most popular provider
(Gmail). And Google will happily drop email federation "to protect users from
spam" when they get enough user share as they did with XMPP.

~~~
erez
Technically email isn't federated. Like the web you have an email server that
hosts an email address and all mail to and from go to it, and while you can
IMAP to it through a client, and host a "mirror" of it, to send/recieve emails
you still need to go through the single email server.

------
combatentropy
With a computer in every pocket, we're ready for a peer-to-peer Internet. I'd
rather host my own wall and email than rely on Facebook and Google. Of course
I would still rely heavily on some good open-source software. And for most
people this open-source software would have to be packaged nice and simple,
like "apps."

Also I've read that distributed networks (or "meshes"?) are much harder to get
working well than centralized ones. I don't know much about them, though. We
might need to wait for another battery breakthrough, too, if my phone will be
doubling as a server. I guess we would also need more blockchains, sharding
and encryption like with Tor, and a greater comfort with eventual consistency.

------
alistproducer2
I don't like how the article completely left out IPFS.

------
seagreen

      “The web is already decentralized,” Mr. Berners-Lee said. 
      “The problem is the dominance of one search engine, one 
      big social network, one Twitter for microblogging. We 
      don’t have a technology problem, we have a social 
      problem.”
    
      One that can, perhaps, be solved by more technology.
    

This is a very confused article. It's a social problem! But we're going to
solve it with technology!

I'm sure Tim Berners-Lee has a great understanding of the situation, but since
it didn't come across in the article let's try to build our own description of
the problem here in the comments. To do this we'll go through the most
interesting projects in the "fix the web" space and steal their key insights.

# Camlistore - All Your Data Should Be in One Place

I probably have important data in two dozen different places. Google, FB,
Dropbox, Reddit, GitHub, Mint, Stack Exchange, Amazon, etc. This is crazy!

All my personal data should go into a personal data store. I'm not sure how
we'll ever approach a sane system without this step. Camlistore is all about
making that data store.

More info here:

[https://camlistore.org/doc/overview](https://camlistore.org/doc/overview) "
Camlistore is your personal storage system for life. "

# Urbit - Everyone Should Have a Name

Right now only techies own their names. We do it in two ways -- the total
ownership way where we make a private key and identify ourselves with it, and
the "technically renting but basically ownership" way where we buy a domain.
You can reach me at <myname>@<mydomain> today, tomorrow, and probably for the
rest of my life.

Most non-techies get by with Gmail and a FB page. This isn't the worst, but
it's not ideal.

And for every different service we use we get a different name. I don't want
20 names! I want to use my name! (Or sometimes one of my pseudonyms, which
Urbit has first-class support for).

In Urbit everyone has a name[1]. Even better, this name maps to their
computer, so if I know my friends name I can connect to their computer -- the
foundation of getting an actual peer-to-peer network back from the current
mess.

[1] Connected to a private key and human readable! But often silly, eg:
~gumdob-tumlub

# Sandstorm - Everyone Needs a Server

Servers are necessary to be real internet citizens. I think this is basically
self-explanatory. If your entire internet presence disappears when you close
your laptop lid you're basically beyond helping, and will always need some
kind of walled-garden to watch out for you.

The problem is that Linux servers are a pain to host. With Sandstorm you can
set up a server with one click. You can install apps with one click. This is .
. . basically such an obviously good idea it's hard to find more to say about
it.

If there are more interesting projects in this space please mention them, I'm
going back to coding:)

EDIT: I wasn't really sure what to write for a conclusion, but now I've
thought of one: The web evolved, what we get next will be _built_. This is
very exciting.

------
wangii
What's the killer app?

