Here is a scary thought. Suppose the Humane Society one day came along and reclaimed your favorite adopted pet under some obscure law allowing it to do so. Then in some lab, the Society biologically de-engineers your pet into its primitive, slathering, ancestral form from epochs ago. If you had a kitty, it would be genetically devolved into a sabre-toothed tiger. If you once had a doggie, it gets de-engineered into a small bear, for example. Your pets are still your pets underneath, it's just that they've taken on a new, primitive form.
Then one day, the Society sends you a letter charging you with an ultimatum that they will destroy your pet unless you enter into an agreement with them to buy it back and pay monthly security fees to prevent it from eating you for dinner.
What would your rights be to protect something that was given to you for free, to which you invested years of loving care and development, which was reposessed by the "charitable agency", turned into a monster and held hostage for cash? Wouldn't you feel devastated, not only because you were being exploited and being lied-to, but because a thing you raised and came to love was now being held hostage by a corrupt organization?
OK, so this is just an analogy. The Humane Society will never swap it's identity for a Genetic Regression Kidnapping and Hostage-taking organization. It would be a disaster to humanity and civilized pets everywhere.
But a parallel type of situation isn't so improbable with large cloud providers in the software business today.
Consider this: There has been a Big Trend in the past few years to cloudify desktop applications. In other words, everything you once installed and ran from your desktop will eventually be runnable from inside your web browser using open-source and closed-source technologies. This has been perhaps the most important evolutionary change to the software industry in the past 10 years.
Call it "Web 2.0" or "The Cloud" as you like, but it's one of those mega-changes that comes around every 10 or 20 years that forces everyone to change the way they do things. Back in the 90s, the Big Trend was networking, the emergence Internet and e-mail. The Big Trend in the 90s forced every company to move their paper-based accounting, billing, filing, tracking and service systems from PAPER to SOFTWARE. Thousands of programmers and engineers were employed as a result of this shift. Just about every business moved from 3-part NCR forms to desktop applications which did the same thing. University textbooks taught aspiring programmers software development and process methodologies to transform paper systems into software systems.
Now we have a similar transformation taking place. Business systems are moving from the desktop to the cloud. Newly-invented systems already are developed as cloud applications. Companies like Google are the proverbial Humane Societies that provide free business applications for home use that were once pay-for items made by Microsoft. Google even has a hardware platform to support Cloud-only apps called Chromebooks.
Microsoft, following suit also has moved substantial resources into Cloud development. Although their bread and butter is old-fashioned installable operating systems, their Office products are starting to move Cloudwards, with Office365, and their platforms are integrating with Cloud-served builtin applications. Amazon too, is heavily invested in this area when it comes to retail. Their web services are their bread and butter, the web IS their storefront. There are many more companies that are re-orienting away from installable software to cloud-based software and services. It's a slow-moving revolution.
But what position does this place Consumers in? Well, for one. You don't possess the software. It's not yours. Even if you die, your relatives can't go onto your computer to retrieve your stored music or documents. Because it's the Cloud, it means data is stored at the company who provides the service. And possession is 9/10ths of the law, so whoever HAS the data OWNS the data.
Secondly, nothing is preventing cloud providers from evolving (or more specifically devolving) cloud applications (your proverbial pet cats and dogs) back into installable applications that only run on their proprietary client software platforms.
We are already seeing some of this with the de-cloudification of some Google applications like Gmail, maps, and search. In the offing are Android-only applications, and the closing-off (in some cases a forcible steering-away to consumers) of smartphone based access to the web applications through the browser.
Right now, these apps may be offered OPTIONALLY to people, but who is to say that one day Google will not shut down the web-based variants and require people to install their branded software to access them?
It's possible you as a consumer can have your data so overly-invested in a cloud location, that the corporations controlling the means of delivering that data can change the delivery method to exclude general web access to it at some point. This is the creation of "Walled Gardens" in which you can only use a company's client software to access your personal data. Using our analogy, this is akin to selling you security services after they devolve your pet into a slathering, primitive monster.
Sure, RIGHT NOW it makes things more convenient for the big cloud providers to not have to maintain 200 separate software applications that don't inter-operate written in 10 different languages, or distribute millions of security patches to these apps, or stamp millions of CDs to be distributed to retail outlets.
But the installable apps they are promoting nowadays are not self-contained. They rely on the same cloud infrastructure to access data, only they are closed-source, and commit you to a certain hardware and operating system platform in order to use them. These platforms often have fees associated with them. This is particularly true with phones, IPhones, Win phones and Android phones.
This style of proprietary app devolution is leaking upwards from cell phones to tablets, to netbooks to desktop. Will we soon be faced with no choice but to install a program to access Gmail or Office365 or AmazonFresh?
This is an interesting question. And since this post is getting long, I will punt a simple idea: The creation of a consumer-protective ratings organization. This organization could continuously evaluate the Cloud-openness and accessibility of some of these online products and give a level-based rating of some kind to each product every few weeks, based on criteria applied to all similar products. A product's history could be used to indicate risk to the consumer.
The higher the rating and level, the more desirable the cloud service and applications would be to the consumer, as ratings would be geared toward metrics on product and company attributes that indicate openness and stability.
For example, if Gimmesoft corporation decides to offer a free office suite online that works in all web browsers on 3 types of desktops, 3 types of phones and the telephone, and no special browser plugins are used, and no signs the company is developing replacement applets, it gets a rating as a level 6 provider.
However, if, 8 months later it kills off it's webmail application and introduces in-house written software applications that only work on Greedcorp's software products, it's level gets reduced and published.
With the kind of control web applications give corporations, something is due to the public: an independent, international consumer protection committee and monitoring agency.
There is no reason it would be unfair to corporations who really want to advance humankind by providing free and open software products.
Yet, the point would be to protect consumers from being swindled out of their personal data, papers and effects.
Thursday, May 16, 2013
SSH port forwarding ala crosh
On a Google Chromebook you can access a UNIX-like terminal window by typing CTRL-T from the Chrome browser. This feature makes a Chromebook much more viable to use for technical people.
Without it, you'd have to setup your own HTTP/SSL Tunneling/Comet server at home to even come close to embedding a terminal in a web browser (a complicated setup project I have done before). So hat's off to whoever had the wherewithal to put that feature in.
The terminal's bound shell - called "crosh" - is however limited in the Chromebook's user mode for security purposes, so you won't be able to do your typical UNIX-y stuff on your Chromebook directly; but a copy of SSH has been provided to securely connect to a real UNIX-like machine over the internet.
One trick you can do is to use port-forwarding with this shell, enabling you to plug into a system like a protected web server deep behind a firewall, and have it deliver pages to your Chromebook as if the webserver were running on the Chromebook itself.
So given the following steps, you should be able to do this:
1. You are at some location outside the network protecting the webserver you want to acccess.
2. You are in the crosh shell on a Chromebook.
3. You can publicly access an SSH host computer connected to the firewalled network.
4. The SSH host has SSH access to the internal webserver sitting behind the firewall. The webserver is serving-up pages on that machine's local port 3000
In crosh, just run:
crosh> ssh
ssh> user (your username)
ssh> host (IP address or name of publicly-accessible SSH server)
ssh> forward 8000:(internal webserver IP address):3000
ssh> connect
(enter credentials)
Done! Leave everything alone.
Open a Chrome browser tab, and point it to:
http://localhost:8000
Bang! Your internal, firewall protected website is being served up to your local chromebook as if it were running on the chromebook itself.
It's a freaking miracle.
Without it, you'd have to setup your own HTTP/SSL Tunneling/Comet server at home to even come close to embedding a terminal in a web browser (a complicated setup project I have done before). So hat's off to whoever had the wherewithal to put that feature in.
The terminal's bound shell - called "crosh" - is however limited in the Chromebook's user mode for security purposes, so you won't be able to do your typical UNIX-y stuff on your Chromebook directly; but a copy of SSH has been provided to securely connect to a real UNIX-like machine over the internet.
One trick you can do is to use port-forwarding with this shell, enabling you to plug into a system like a protected web server deep behind a firewall, and have it deliver pages to your Chromebook as if the webserver were running on the Chromebook itself.
So given the following steps, you should be able to do this:
1. You are at some location outside the network protecting the webserver you want to acccess.
2. You are in the crosh shell on a Chromebook.
3. You can publicly access an SSH host computer connected to the firewalled network.
4. The SSH host has SSH access to the internal webserver sitting behind the firewall. The webserver is serving-up pages on that machine's local port 3000
In crosh, just run:
crosh> ssh
ssh> user (your username)
ssh> host (IP address or name of publicly-accessible SSH server)
ssh> forward 8000:(internal webserver IP address):3000
ssh> connect
(enter credentials)
Done! Leave everything alone.
Open a Chrome browser tab, and point it to:
http://localhost:8000
Bang! Your internal, firewall protected website is being served up to your local chromebook as if it were running on the chromebook itself.
It's a freaking miracle.
Subscribe to:
Posts (Atom)