Friday, September 25, 2009

Decentralizing social media over HTTP and HTTPS

From a recent email I sent a friend:

I've been thinking about Facebook recently: their misuse of personal data, specifically. FB is a pretty fun site. And, for me, at least, it has been very useful. Too bad you end up locked-in to a specific vendor like FB. Not only do you have to trust them, you also have no way of porting your personal data to a site like ning.

A better scheme, I imagine, would involve making social media [personal] data, and indeed its whole ecosystem, more decentralized--more like the rest of the web.

I've been thinking about the requirements for a decentralized, standards driven, web-based social media ecosystem. At the very least, I imagine you need an easy-to-configure access control mechanism that lets you choose which friends can read what. The picture I have in mind is a file specification (maybe a zip file with a standard directory structure) that completely describes the state of a user account, and a (HTTP) container specification for loading and implementing the "intent" of the file specification as well as a network protocol (over HTTP) that implements cross-container messaging for user accounts. The spec would not concern itself with the presentation layer.

Do you know of some such project already underway? (My searches came up naught.) And is this interesting, silly, or old?

Update [15 May 2010]: There is now: Diaspora. I'm trying to find out how I can contribute time instead of money to the cause.

Update [1 Nov. 2009]: My friend sent me this link to a recent paper entitled Privacy, Cost, and Availability Tradeoffs in Decentralized OSNs. Here's an abstract:

Online Social Networks (OSNs) have become enormously popular. However, two aspects of many current OSNs have important implications with regards to privacy: their centralized nature and their acquisition of rights to users’ data. Recent work has proposed decentralized OSNs as more privacy-preserving alternatives to the prevailing OSN model. We present three schemes for decentralized OSNs. In all three, each user stores his own personal data in his own machine, which we term a Virtual Individual Server (VIS). VISs self-organize into peer-to-peer overlay networks, one overlay per social group with which the VIS owner wishes to share information. The schemes differ in where VISs and data reside: (a) on a virtualized utility computing infrastructure in the cloud, (b) on desktop machines augmented with socially-informed data replication, and (c) on desktop machines during normal operation, with failover to a standby virtual machine in the cloud when the primary VIS becomes unavailable. We focus on tradeoffs between these schemes in the areas of privacy, cost, and availability.

I've done a bit more reading and thinking since. First, I think it's a good idea. Second, it's not a particularly clever idea. We already have decentralized login (think OpenID): controlling access to personal data is a no-brainer. A lot of people have been thinking about this problem and have proposed various implementations--see Henry Story's RDF presentation, for example). So this is old, but as Marshall Kirkpatrick points out, perhaps it's an idea whose time has come.

Why then aren't people already developing such a thing? I would venture that it's because
  1. there is little profit motive in such an undertaking, or
  2. the community that could pull this off is all wrapped up in that proprietary, gated, winner-takes-all battle which Facebook dominates, or
  3. the W3C crowd, the folks you'd expect to be most involved in such a project, are too busy shoe-horning RDF to real world problems. Or,
  4. it's just a bad idea.
So what is it? Here's a sketch of what I'm imagining. (A sketch is all I have right now..)

Each individual controls a mini website, which we'll call an indisite. This indisite serves its authenticated owner (logged in, say over an OpenID protcol) a customized view into their social universe. That view (over HTTPS) is something like what you see at Facebook or some other social media site.

Beside providing this individuated presentation layer for its owner, an indisite also serves other [usually] authenticated users (friends of the owner) raw data (without presentation markup) and files. Some files and data may be public (for discovery purposes, for example), in which case, no authentication is required. For example, an indisite's default page might be the owner's profile page.

A key feature of an indisite is that it allows its owner to control access to their data and files. For example, as a user, I might not want to share a particular family album with all my friends. An indisite would allow me an easy, convenient way to assign access rights to only those friends I want to share the pictures with.

Indisites are designed to work with friend indisites (sites operated by the owner's friends). Privileged information is shared across sites over HTTPS. A user adds information to their network by publishing new information to their indisite. Their indisite in turn routes notification to friend indisites (again, over RESTful HTTPS calls). How and when this routing is done requires much thought. Also, there obviously needs to be a way for an indisite to poll friend sites.

Those considerations aside, the information exchange is XML-based. A "wall" posting notification (or meta description) may look something like..

<wall xmlns=.. >
<posting id="">
<type> .. </type>
<date> .. </date>

Other types of information may involve rule-based authentication schemes--for establishing a friend-of-a-friend relationship, for example.

An individual's indisite, then, is both an aggregator and publisher of user information. Information is exchanged and used based on an honorary protocol. It's honorary because friendships themselves are honorary.

Implementation route

I'm thinking an indisite could be packaged as a .war file to be run in a servlet container. But in order to use it, you'd need a trustworthy service provider who'd let you drop in the .war file as well as provide storage space for the data that will be published, aggregated, or cached. The web application also allows the owner to download the entire state of the application as a single compressed file. This feature allows application portability across service providers.

At first glance, it's hard to see how anyone could make a business out of this (becoming a service provider) without charging users. There are few opportunities to sell advertising under such a scheme since a lot of privileged information is encrypted. (And so it should be!) But users (indisite operators) may opt to make a lot of information public (for example, if the scheme implements, or is bundled with blogging) and rent advertising space. So perhaps there is a business angle to providing such services for free.

This would have to be a community-driven project. Some ideas take a very basic reference implementation to take off. I can't see how this is one of those, but I'm hopeful that I'm wrong. I think I'll share and give it a try..

Friday, July 31, 2009

How to power a frisbee

I was wondering the other day how a free standing object like a frisbee, or a rotating space station, can be made to spin (where it counts) at variable rates in an efficient manner. By "variable rates", I mean that the thing can be made to spin fast, then slow, and then fast again, for example. By "an efficient manner", I mean a mechanism that doesn't cause significant mass loss and which therefore conserves the angular momentum of the whole system.

So the idea here is that if there is one component of the thing that's spinning in one direction (the outer hull of the frisbee) then there must be another component spinning in the opposite direction (e.g. an internal flywheel). If you use only one internal flywheel, then the only way to slow the rate the spinning is to slow the internal flywheel's spinning by braking against the outer hull that is spinning in the opposite direction. A better solution (no doubt already discovered by some gyro tinkerer from the 18th century) is to use 2 flywheels: instead of having to change the magnitude of the spinning, you change the orientation of the flywheels. Here's how it works.

The schematic is a side view of the contraption. At the center of the device we have an "engine" from which 3 arms extend. One arm is fixed to the engine and represents the thing that is to be spun (labeled "power train"): the engine will spin along with the thing it's spinning. The other 2 are affixed with identical flywheels at the ends and spin along the axes of their respective arms.

The engine controls the rate of rotation of the "power train" by two means: one, by controlling the rate at which the 2 flywheels spin, and two, by changing the angle between the arms of the flywheels. (The 3 arms always lie in a same plane relative to each other in, as we shall see, the rotating reference frame of the engine).

Using those 2 levers of control, we may employ a variety of strategies to make the "power train" spin. For example, starting at rest (top figure in drawing), we can arrange the arms of the flywheels (initially not spinning) along a straight line perpendicular to the power train (shown horizontally in the figure). The engine could then expend energy to make the two flywheels spin in opposite directions in such a way their net angular momenta cancel each other. So in this configuration as the engine stores rotational energy in the flywheels, the engine and its attached "drive train" remain at rest.

After the flywheels each have absorbed a sufficient amount of kinetic energy, their angular momenta can be transfered to the power train by drawing the arms attached to the flywheels inwards--towards the engine and therefore the axis of the power train arm. The two arms of the flywheels, each subtended at an equal angle from the horizontal, induce a rotation on the engine and the drive shaft (power train) it is affixed to such that angular momentum of the whole system is conserved (see lower figure in drawing). (Given the initial conditions of our example, the angular momentum of the whole system adds up to zero.)

For a frisbee, of course, some of the angular momentum would be dissipated into the environment (the surrounding air) in order to create lift. So in a real application, the angular momentum of the whole system is not conserved. Nevertheless, the same principles can be applied. To get a better appreciation of the dynamics of the system, it would be instructive to look at the system's Lagrangian--which doesn't seem too complicated. That's a task left to the reader or a later article.

So why do I think this is interesting? Mostly because it avoids using gears and such for directing rotational motion: instead, it uses inertial forces. Compared to the teeth of a gear, for example, inertial forces can be more evenly distributed over a larger volume of material. This suggests we could achieve greater acceleration (or deceleration) for spinning the outer of hull of our hypothetical frisbee: the achievable angular acceleration is more likely bounded by the structural limits of the whole system, than by the limits of some small component of it (e.g. a tooth in a gear).

Saturday, July 18, 2009

On health care reform

Over decades health care costs have been rising at unsustainable rates. While the need for change is intuitively obvious, the actual remedies are not. Lacking a proper, more or less unified conceptual foundation upon which to articulate their arguments, the proponents of reform seem to be outsmarted, outmaneuvered by the defenders of the status quo.

The status quo has an economic theory and model to draw on--or defend, as Stephen Colbert once critiqued proposals to better regulate the financial industry: "After all, I have an economic theory to defend." The proponents of change, I believe, lack the language and conceptual tools to counter much of this laissez-faire bunk. Meanwhile, some on the right even argue that there really isn't any problem, that rising health care spending is a natural consequence of greater prosperity.

Take Andrew Briggs of the American Enterprise Institute, for example, who drives the point by comparing health care spending for people vs. pets over the last two decades. He observes the two categories of costs have been growing at roughly the same rate, and that pet health care expenditures are more discretionary than expenditures on humans because a) we value our own lives more than those of our pets, and b) pet care costs are out-of-pocket expenses (little to no insurance for pets). Using this relative priority scale in consumer decision making (should I spend the money on myself, or my pet), Briggs makes an implicit logical leap to conclude that pet health care spending is indeed discretionary, and if consumers are spending ever increasing amounts on their pets, then the onus must be on the consumer to spend less, not on the [pet care] industry to provide more affordable health care. And the reader is left to conclude that indeed the same relationship between the consumer and the general health care industry must also hold.

Such laissez-faire arguments ignore the reality that health care spending is generally non-discretionary. Health checkups, for example, are a necessity, not a choice. In fact, using a similar (fallacious) argument, one could argue that a responsible parent's health care spending on themselves is more discretionary than their health care spendings on their children; so what? that doesn't make the parent's health care spending discretionary. Using the same data Briggs uses, one can plausibly infer the opposite conclusion: neither of the health spending categories (pets or humans) is discretionary.

At any rate, health care costs cannot continue to eat into an ever increasing slice of the GDP pie. The situation is clearly untenable. At some point, the health care slice of the GDP will become so large that our other industries will become globally uncompetitive. At that point (if we haven't already crossed it), we will either be net exporters of health care (hard to imagine), or we will be facing some sort of economic malaise.

From an economic theory perspective, the laissez-faire-do-nothing camp of the health care debate is armed with a well-articulated, widely understood, and widely applicable, market driven economic model. The proponents of health industry reform, by contrast, seem to lack a solid, articulated economic theory or model to base their reforms on. I wonder whether the difficulty in articulating the message for reform stems from a lack of public understanding about how certain industries do not fall neatly into the unregulated, market driven model (e.g. law enforcement, public utilities, roads).

The proponents of change need studies to buttress their arguments, but tellingly, there's a paucity of such research. Simple facts, like the inflation rate for the cost of stitches for ordinary cuts requiring emergency room visits, or the inflation rate for the cost of casting a broken arm, are hard to come by. Concentrating on the cost structure of clear, "simple," everyday services that have remained largely functionally unchanged over the decades might crystallize the message for needed reform. In any event, the message for change is muddled: it is intuitively obvious that we need it, but we lack the popular concepts to express and defend that need.

Where are the studies showing the in inelasticity of demand in the face of rising health care prices? Where are the studies showing the breakdown of the health care market's pricing mechanism? (I imagine this would involve an analysis of how powerless health insurance companies are in controlling costs, except for the cruel and crude ax of denying coverage.) And who would fund such research?

I am a bit befuddled by the health industry's adolescent-like stance in the debate. Surely the big players must realize it is in their long term interest to be proactively involved in shaping policy and reform. Surely they understand that postponing reform will only make future reforms even costlier, that the longer they wait while the national health care crisis simmers, the more onerous will be the regulatory attempts to fix the system. Instead we have a political class beholden to a health care industry that is largely happy with the status quo--a status quo which, under the laws of gravity, cannot stand.

Here's how I'd try to frame the reformist platform.

1. Fund studies into the breakdown of the market mechanism in the health care industry and establish a language and popular nomenclature for this breakdown. Taking exception to pure, free market thought is no small undertaking and requires a solid, yet easy-to-communicate conceptual framework for why the status quo needs fixing. (Take our anti-trust laws as an example.)

2. Establish the idea of a "right" to basic health care, and delineate the boundaries where this "basic health care" ends.

3. Propose offering "basic" health care insurance from the government. (Usage of the expensive GE Omnigotron machine that'll keep you alive for another 2 weeks is not covered.)

4. Phrase the concept of a government run insurance plan as a mutual insurance scheme, where the interests of shareholders and policyholders are aligned. (There's a lot of meat in considering and contrasting the business models of public and mutual insurance companies , I think.)

But the first step on the way to change has to be winning over thinking minds. And hence the need for a new language to crystallize the dialog.