On Jan 23, 2014, at 11:05 AM, Peter Cranstone <
">
> wrote:
Phil,
You’re now see the magnitude of the issues facing VRM.
I believe this is obvious to everybody here. Why assume that this is news to Phil — or to anybody here?
Lets forget trillions for a moment and just go with 100 million. In all likelihood you’re going to need to run these database inside a well managed cloud infrastructure, staffed by responsible knowledgable people (= cost). You’re going to need legal docs
to explain the privacy policies and processes in place to manage the inevitable breech. All this data will have to be backed up all the time with full fault tolerance and always on. (= more cost)
And that’s just to run the cloud - now for the fun part. How do you get users to type in all that data and then provide all the signaling mechanisms plus server side ‘enterprise’ ready tools to integrate with the vendors. (= lots of cost).
Can it done = Yes. Can it be done for free = No
And that’s the monster hiding under the bed here. Everybody keeps talking about Open Source like it’s the cure for cancer. It’s not - you need staff, marketing dollars, cloud infrastructure etc. With no discernible business model that generates revenue
to support that cost there’s very little likelihood of a ‘sustainable’ (operative word here) solution being around for long. Lets face it - the customers data (pCloud) is currently on the vendors servers where they maintain it and get value from it. Moving
it somewhere else might be fine until the second they can’t close a transaction due to downtime.
VRM is an awesome idea - but without a clear understanding of the cost and profit structure getting traction will remain difficult.
I need to challenge a few assumptions here.
1) Open source ≠ free of charge. Never did. There are overlapping venn circles for sure, but the overlap is not the whole thing. Nobody here (faik) is disputing the need for anybody to make money, or the importance of that. Plenty like the leverage that open source gives them, but that doesn't mean open source is anybody's whole go-to-market strategy.
2) Cloud on the personal side is still a new thing. Laying the cost and infrastructure weight of cloud management (or anything) as we know it today on personal cloud developers is like telling PC developers in 1981 that they'll all in the mainframe business. VRM developers know what the world is like, but they also know what they're trying to do that's new. This means zigging while the heavyweights zag. It also means failing most of the time. But why not at least try?
4) Everything has costs. As a Linux Journal editor, one of my favorite lines is Jamie Zawinski's "Linux is free if your time has no value." < http://www.jwz.org/doc/linux.html> He said that in 1998. Obviously, many since then have weighed the options and adopted Linux — and paid $ for it, gladly, in countless cases. But why harp on costs all the time? It's just stop-energy. Most of us are sober here, especially around money. We get it.
Doc
Peter
_________________________
Peter
J. Cranstone
303.809.7342
<PastedGraphic-2.png>
On Jan 23, 2014, at 11:06 AM, Phil Windley <
">
> wrote:
I think a more apt question is “what operating system are those clouds running?”
I think there are plenty of hardware/operating solutions that could host personal clouds and the techniques for locking them down, self- hosting, etc. are well understood. That doesn’t mean it’s easy to do, but
I don’t think that’s the central question.
The key question is does each personal cloud present as a representative of a single entity and can we assure that that entity’s data is secure.
I think it’s unlikely that every personal cloud will run on dedicated hardware. They will be on shared hardware. We’re not going to solve the security problem by going to dedicated hardware for most things and
people. The problem is there’s going to be trillions of personal clouds (yeah, with a T) and the only way that’s possible is by running them in some kind of container on shared hardware.
One key idea that makes me believe doing this securely is possible is that there’s no technical reason for the container to have access to the data. You could architect it so that the container that is hosting
multiple clouds can’t get any more access than other cloud connections.
On January 23, 2014 at 8:43:17 AM, Peter Cranstone (
">
) wrote:
Katherine,
Another follow up - and this time a general question for everyone on this list. Here’s a picture from Respect Networks web site
In it there are multiple clouds. So here’s the questions...
- What operating system and hardware are those clouds running on
- What are the security policies - need legal docs here - regarding those clouds
And perhaps the most important question of all…
- How many people’s data is stored on those cloud servers?
Here’s what i’m getting at - imagine you have a million members, all there data is stored in one place - anyone hacks that one place they get access to an incredible array of data - much more so that Target.
Hackers can target an individuals device - but the rewards are so much less than the servers that store multiple users data.
Peter
_________________________
Peter
J. Cranstone
303.809.7342
On Jan 23, 2014, at 8:26 AM, Peter Cranstone <
">
> wrote:
Correction.
You can build a VRM solution on ANY platform - what you have to understand is the limitations of that platform/OS from a security standpoint. You can then accept (or not) those limitations and build a suitable defense in depth strategy via either additional
hardware, software and or legal policies.
It all comes down to ‘risk mitigation’. Understand the business risks and make a decision. Target new the risks and accepted them - once hacked they sprang into action and limited the downside. This is just the cost of doing business these days.
Also notice that Nieman Marcus got hacked as well - they made a ‘business decision’ not to tell anyone about it until after the holidays. They didn’t want to hurt the brand and have since applied the appropriate resources to mitigate additional risks.
In this day and age there’s no such thing as perfect security unless you have an unlimited budget. You just make a business decision on how to manage the fallout. Customers are used to it now.
They just expect a little more humility from the vendor that’s all.
Peter
_________________________
Peter
J. Cranstone
303.809.7342
On Jan 23, 2014, at 7:48 AM, Peter Cranstone <
">
> wrote:
The problem is wickedly simple: How do you build a VRMy product on this foundation?
You can’t. I’ve built a secure OS - the only way it can be done is with both hardware and software, ‘Root Trust’, plus multiple ‘Rings’ along with Protection ID and compartmentalization for secure passwords. Itanium is the only architecture i know that can
support this level of security unless you have a custom chip.
VRM cannot be made perfectly secure - you need a ‘defense in depth’ strategy i.e. insurance policies.
Anything can be hacked - all you need is time or the Patriot Act.
Peter
_________________________
Peter
J. Cranstone
303.809.7342
On Jan 23, 2014, at 5:36 AM, Katherine Kern <
">
> wrote:
Wicked Shit.
The wicked thrive in complexity. The more complex, the more opportunities to adapt to turning stuff into shit – sometimes just because they can.
Been too busy building our space and website for the Creative Professional Community to contribute here lately.
But I have to chime in with one thought:
Imagine when TARGET was choosing a third party system for their POS system. The written agreement had all sorts of legal mumbo jumbo about waiving any liability for anything. BUT the sales rep reassured “our system is bullet proof – the lawyers and insurance
company make us put that stuff in there.”
That is the real world – business people who want to serve their customers with convenient, secure transaction systems. Third parties who want to provide it but can not. Lawyers trying to protect entrepreneurs from losing their house. Customers who
can only adapt to a new normal that gets lower by the day.
The problem is wickedly simple: How do you build a VRMy product on this foundation?
The business case is obvious: secure financial transactions.
Governments have formed alliances to maintain a safe Space Station. How was this accomplished?
Happy New Year,
From: Doc Searls <
">
>
Date: Monday, January 20, 2014 at 9:39 PM
To: David Brin <
">
>
Cc: William Dyson <
">
>, Peter Cranstone <
">
>,
Guy Higgins <
">
>, Tom Crowl <
">
>, ProjectVRM list <
">
>,
Andy Oram <
">
>, "Grant, Frank (Perkins Coie)" <
">
>
Subject: Re: [projectvrm] Wicked problems vs. tame ones
Somehow this also reminds me of what George Carlin said in "A place for my stuff"...
"Ever notice that your shit is stuff and other people's stuff is shit?" A fused spine corollary, perhaps. :-)
Doc
On Jan 20, 2014, at 11:09 AM, David Brin <
">
> wrote:
I find fascinating the human propensity to suffer from the political equivalent of fused-spine…the ability to notice threats in only one direction.
Americans - especially - are raised by art and films and songs that celebrate Suspicion of Authority (SoA). Moreover, we are each of us encouraged to think "I invented SoA!" Admit it, you relish
the delusion that you are the only one (maybe with a few friends... and some helpful folks in mass media) who notices what is REALLY going on! The rest of your neighbors are mostly bleating sheep. Only… it's funny how those "sheep" look at you the
same way.
The SoA reflex is fundamental in America. Liberals see Big Brother trying to arise out of conniving oligarchs and
faceless corporations. Conservatives perceive Big Brother emerging from snooty academics and
meddling bureaucrats. Both fears are well-founded! But when we focus in one direction, we tend to ignore the looming elites who are "on our side."
And those elites will encourage this tunnel vision. "Look over there!" they scream. "Keep staring over there!"
Hence the fused spine effect. And hence culture war. No, make that phase three of the American Civil War. Undermining the American genius at vigorous, can-do problem solving
pragmatism. A genius that always involved using an agile mix of methods, from individual initiative to market solutions to consensus-chosen joint projects paid for via government of the people, by the people.
We are now being talked into HATING elements of that mixed suite of tools. Gee, I wonder who would benefit from that? (Hint.
Ever look at the list of top owners of cable news outlets?)
Me? I consider myself a child of Adam Smith and Robert Heinlein. I'd be a "libertarian" except that once-noble word was hijacked by cult-followers of a mad Russian woman sci
fi author. I do want market solutions!|
I am also able to admit that, across 6000 years, 99% of societies saw their markets and freedom crushed by private owner-lord-oligarchs, the great failure
mode that destroyed human progress for 60 centuries. And failure to admit -- or even look at -- that basic fact is blatant proof that half our citizens… and some of you bright fellows -- suffer from political fused-spine syndrome.
Is socialism dangerous? Hell yes! I hated the USSR and I am scared of any politburo. But to claim that Sweden is
hell on Earth, or that skyrocketing rates of US wealth and income disparity - approaching the levels of 1789 France - aren't deadly perils to our Great Experiment? That isn't just fused-spine. It is fused brain.
"Class war" has always existed, except during the brief post-FDR heyday of the American Middle Class. Watch as that middle class returns to levels of
radicalization not seen since the 1930s, as they realize that "class war" is always waged aggressively from above.
See a chiropractor. Learn to see lurking Big Brothers in ALL directions. The Great Experiment has always been about agility and flexibility. Even plants
are able to face new directions.
Try turning your head.
From: William Dyson <
">
>
To: Peter Cranstone <
">
>
Cc: Guy Higgins <
">
>; Tom Crowl <
">
>;
Doc Searls <
">
>; ProjectVRM list <
">
>; Andy Oram <
">
>;
"Grant, Frank (Perkins Coie)" <
">
>; David Brin <
">
>
Sent: Monday, January 20, 2014 10:19 AM
Subject: Re: [projectvrm] Wicked problems vs. tame ones
So lets start with …. what is your alternative version for Healthcare ?
On Jan 20, 2014, at 9:57 AM, Peter Cranstone <
">
> wrote:
Well said.
We almost have the perfect ‘social state’. Our own laziness is contributing to the following Govt. control. On a scale of 1 to 10 apply your own judgement to each of the following 8 criteria.
1) Healthcare
2) Poverty
3) Debt
4) Gun Control
5) Welfare
6) Education
7) Religion
8) Class Warfare
As a foreigner coming to the USA 25 years ago the number i would have placed on the above would not have amounted to more than 10 out of 80. Now the number is climbing far closer to 80. Healthcare is perhaps the straw that will most affect ‘we the people’.
It’s the one thing that i can see that truly affects everyone - and it may just be where the Govt.’s reach exceeds it’s grasp.
We’ll see.
Peter
_________________________
Peter
J. Cranstone
303.809.7342
<PastedGraphic-2.png>
On Jan 20, 2014, at 9:56 AM, Guy Higgins <
">
> wrote:
I don’t think that government “by the poor” is any better than government “by the rich.” We have an excellent mechanism in place right now — democracy! The problem is that we’re too lazy to participate and so we choose the “default option” (re-elect
the incumbents) far too often, or we don’t vote at all (the new mayor of NYC was elected by something like 8% of the voters), or we vote for the person who most strikes our fancy (better looking, great sound bites, etc). None of these lead us to a good government.
People complain (on rare occasion) about how their personal data is being taken and used without their permission, but almost no one (present company excepted) actually does anything about it.
Electing the best people to govern us is the same problem faced by VRM — we have to get enough people interested in the idea (government or VRM) for them to invest their personal effort in participating intelligently. I’m not holding my breath …
Guy
From: Tom Crowl <
">
>
Date: Mon, 20 Jan 2014 08:17:46 -0800
To: Doc Searls <
">
>
Cc: Guy Higgins <
">
>, ProjectVRM list <
">
>,
Andy Oram <
">
>, "Grant, Frank (Perkins Coie)" <
">
>, David Brin <
">
>
Subject: Re: [projectvrm] Wicked problems vs. tame ones
RE: " liberating customers from systems that value holding them captive is the core challenge of VRM"
I agree... and I'm not trying to be political here (at least not in a Left/Right sense) but would add that this is a reflection of the quandary that the individual faces in relationship to large interests (both public and
private) which has existed since the birth of agriculture...
And that its that relationship that must be addressed.
This doesn't mean that wandering into the weeds of political ideology can solve it... but it does mean that stronger mechanisms for customer/citizen/user feedback to both government and private interests may be required to
secure the customer/vendor relationship as well as others.
I don't like to be a broken record... but both the micropayment and the core it requires are essential to the empowerment of the individual vis-a-vis these large sectors.
This conclusion arises out of a recognition that excessive* wealth and power concentration is (unfortunately)... a sort of natural
cancer which we see seems to almost inevitably arise in scaled human societies.
I suggest this is a 'natural' result of the altruism dilemma... which has consequences an ideological altruism may ameliorate but not eliminate.
In fact... while I don't hold my breath... rule by poor people (sortition?) would likely lessen this problem... simply because the poor WANT to be rich... so overall (and evidence supports it)...
they're fine with some making more for others... and reward for innovation and hard work... and would NOT demand a total leveling... or all become bums 'leaching off the state"....
However the rich DON'T want to be poor... and this accelerates the concentration problem which comes with the altruism dilemma... when they're in charge.
Maybe this little 'theory' sounds silly or simplistic... but I think I'm on to something.
Its not about leveling the society... its about leveling the landscape.
|