Andy Oram, a veteran tech writer and an editor at O’Reilly Media, comes to the Berkman Center to help us make the cloud better. His talk, “What would make cloud computing truly free and open?”, wrestles with the benefits and challenges of the new paradigm of cloud computing. He points out that it’s really hard to define the cloud, because it’s a term that’s come to represent software as a service, platforms as a service, infrastructure as a service and data as a service. He offers a compact, somewhat legalistic definition: “A service in which one person uses a computer owned by another in some formal, contractual manner.”
Business leaders love the cloud, because it promises to reduce their IT costs. Gartner predicts that by 2012, 20% of organizations will own no IT assets. And techies at large infrastructure companies have a vested interest in selling the solution. But there are some big problems with the cloud paradigm. Andy lists a few:
- Providers can go out of business
- Customers can get kicked off for arbitrary reasons, as Wikileaks was from Amazon
- Provider can remove features you need or add bugs
- Provider could lose your data
- Provider might surrender your data to the government or an adversary
- Cloud services may be attractive targets for hackers
The Free Software community reacted angrily to the rise of cloud rhetoric, beginning with responses that basically were variants on “Just say no to the cloud.” But it’s not realistic to simply ignore this, Andy says. We need to find a way to make the cloud more open. But the “bearded Hebrew prophets of free software” have a point: you want freedom to change systems, and use them the way you want to as you move your applications onto cloud services.
There are a few existing responses to the problems of the cloud proposed and implemented by free software advocates. We could use GNU Affero licenses, which force release of changes made to open code. While this is a good direction, it doesn’t change the core architectural issues and imbalances in power. We can demand open data, the ability to remove our data from a system at any time. Andy argues that we can, and should, but worries that the calls for open data usually come too late, at the moment a vital service has gone down. We can push for open cloud standards, the ability to build tools that work on multiple platforms. That’s the idea embraced by projects like Open Social, with limited success so far. And we can try to build peer to peer social networks, as Diaspora (which Andy notes has received funding from Facebook’s founder) is trying to do as an alternative to Facebook. The problem there is that we need centralization sometimes, even if only to do things like listen to a broader conversation and conduct sentiment analysis.
Andy suggests that the solution lies in moving beyond the “black box” model of cloud computing and opening up the box. He suggests we build an architecture that’s built on servers where application software is separated from a “harness” of OS, DNS, firewall and anti-virus software. The goal is to isolate the fast-changing applications from a harness that rarely changes, which creates a stable environment for development and deployment. Applications running on top of this harness could be cloned, modified, and run in different versions – if you liked an earlier, “obsolete” version of an application, you could continue to run it. Ideally, both the harness and applications would be open source, because Andy argues it will be easier to ensure the standards remain compatible and the interface between harness and application remains free of cruft.
This application and harness service would be independent from the data. You could – and should – have multiple repositories for your data, and you’re able to submit your data to applications via a machine and human-readable interface like XML or JSON. Vendors could compete for your business either to run applications or to host data.
Why would vendors do this? Don’t they want to make money on their proprietary investments? Sure, but they rely heavily on open software, and they know and respect the community behind those tools, and understand some of the benefits of using open software. They’ve got little to fear from opening their code, Andy argues – they can sell on stability, first-mover, network effects advantage
solve some of the confidence problems about the cloud. In discussions after his presentation, Andy points out that Status.net has already done this with the code behind identi.ca and hopes we’ll see more firms follow in their footsteps.
To develop the idea further, Andy invites anyone interested to participate in the larger discussion – you can read the five articles he’s written on the topic, and contact him via Twitter or Identi.ca to discuss and participate in developing the idea.
You can watch a video of Andy’s talk here.