Thursday, July 31, 2025

History of the Asian Internet

 If you're a history buff, a collection of writings on the history of the Internet in Asia:

https://sites.google.com/site/internethistoryasia/home?authuser=0

Posted by at No comments:

Monday, July 28, 2025

Bollocks

 Professor Peter Gutmann, of the University of Auckland, a well-known computer security researcher, has made something of a name for himself as a quantum skeptic, at least with respect to quantum cryptanalysis and post-quantum cryptography (PQC).  His argument is roughly two-pronged:

  1. Quantum computers aren't making progress on factoring at all; and
  2. even if they did, computer security people and cryptographers have much larger problems to worry about.
I agree with him pretty strongly on point #2.  I've said various times that the mathematical vulnerability of Diffie-Hellman key exchange or RSA authentication is not very high on the list of corporate CSOs.  On point #1, I'd say he's technically right about the current state, but rather dramatically wrong about concluding that he can project onward for the next couple of decades and declare the world safe from quantum computers.

Sometime in the last year or two, Peter gave a talk somewhere titled, "Why Quantum Cryptanalysis is Bollocks". The slides themselves have no date or talk venue, but evidence from within them suggests mid-to-late 2024. Some blog postings also assert that date, as does a very recent article in The Register, which is how Peter and this talk came to my attention.  The slides make the talk look like a lot of fun, so I wish I could hear it in person or even via recording.  So let's take a look at the logic in the talk, then I'll tell you why I think he is misunderestimating the quantum folks:

  1. Germany had a massive weapon systems boondoggle during WWII.
  2. OWASP lists a lot (tens of thousands!) of threats to the security of computer systems, and the highest-ranked attack on the mathematics of encryption was #17,245 (not a typo).  Roughly, the argument is:
    1. Success with mathematical attacks are high-effort and low success probability;
    2. even if you succeed, you recover a few bits of the contents of one message; and
    3. of the top ten high-priority problems, when you succeed you win big -- you get "the plaintext of all of the messages."
    4. (And holy cow, not directly in Peter's talk, but there are always examples of how human stupidity is the number one threat!)
  3. NSA can already factor 1,024-bit RSA keys, if they're willing to commit leading-edge supercomputer time in allocation chunks of a year at a time.
  4. Quantum computer-based factoring has grown from 4 bits to 5 bits over the last 20+ years.
  5. Quantum computers are physics experiments, not computers.
  6. (Brings up poorly-regarded D-Wave factoring.)
  7. PQC is very hard to implement well, and costs a lot in engineering time and network/execution time.
  8. (Various disparaging of academics and standards organizations as becoming self-justifying.)
  9. "Quantum cryptanalysis is the string theory of security" and my dog can factor just as well.
Let's see...let me respond one by one:
  1. Yes, and while cautionary tales are good, cautionary tales are not the same thing as prediction or even valid analogy.
  2. Okay, but I think the implied message here is off: if you can crack one Diffie-Hellman key exchange, you gain the ability to read everything in that conversation (n.b.: it's harder than just factoring or discrete log, there are other mechanisms involved), but the bigger catch would be the RSA private key of an important individual, which would allow you to impersonate them across a range of systems; certainly there are organizations that would pay a lot of money for that.  Of course, I'd argue that it's pretty easy for truly high-value targets connecting to high-value systems are likely secured via shared private key, so hacking RSA is lower value. Peter is definitely more knowledgeable than I am in this area.
  3. Okay, but is that relevant to the anti-quantum argument? Is the argument just that people won't really commit big resources to factoring? I'd like to hear the oral argument that accompanies this point.
  4. This is the big one: he's saying progress in development of quantum computers is so poor that we can effectively discount them as any sort of threat. Ooh...okay. It's a fair point that reported successes in the literature on the task of cryptanalysis are advancing at a glacial pace.  (We have worked on this topic.) But projecting from past progress to future progress is dangerous in this field. We have known since the beginning of this field that error correction would be necessary.  Until we hit the threshold that allows quantum error correction to be executed effectively, progress on hardware did not translate into equivalent algorithmic successes.
    Well, guess what? The relentless improvement in hardware means we have passed that basic threshold on at least two very different hardware platforms in the last two years.  At least two other companies have released roadmaps that take us to large-scale, fault-tolerant systems within five years. At that level, that means they think they know how to solve all of the problems standing in their way.  Even if they are off by a factor of two, that still means we're there within a decade, I'd bet sooner.
    So my opinion is that pooh-poohing the likelihood of the advent of cryptographically relevant quantum computers (CRQCs) seems unwise.  I think it's bordering on irresponsible to assume the technology won't happen; the argument instead needs to be about how much to prioritize countermeasures.
  5. In today's environment, strongly agreed.  Dave Farber said to me several years ago (perhaps as far back as 2019, though I think it was a little more recently than that), when I showed him some Qiskit code, "This isn't an application, it's an experiment."  I think we as a community need to think very hard about how to deliver hardware, runtime systems and tools, and applications to customers.
  6. (Pass.)
  7. Cost of PQC is high -- oh, yes, definitely.  I attend IETF meetings and listen to people moan about how hard it is.  I'm not an expert here, though.
  8. (Pass.)
  9. Funny!  (I need a dog.  I love dogs.  But I'm allergic to dogs, work too much and travel too much, and I think dogs in Japan don't have good lives, but all that's for a different posting, some other day...)
Verdict: pundits, and occasionally quantum people, oversell how soon and how big the impact will be -- I'd agree with that.  But the machines are coming.  Make no mistake about that.  So, it's up to you, as a business person, engineer, researcher, bureaucrat, CSO.  How will you respond?

(Also, if you care about broader skepticism of quantum computing, you may want to go look at a blog posting I wrote about four years ago. Geez, time flies.)

Posted by at No comments:

Tuesday, July 22, 2025

Spelunking CACM, Vol. 24 (1981): Hierarchical Storage Management, OS Support for Databases


Alan Jay Smith was a consultant for a company I worked for in the late 1990s. Very smart guy, already seemed "old" to me then, but he was quite a bit younger then than I am now.  Geez.  He worked on processor architecture, but his most influential work has been on storage systems, and here in 1981 he was already deep into what became known around this time as hierarchical storage management (HSM) systems.  Even well before this article, though, mainframe computers used a combination of hard disk and tape to hold user files (as in the figure above, taken from this article) that were considered active; if your file had suffered the unfortunate fate of being evicted from disk, when you asked for the file, it had to be fetched from tape -- a task that could take a couple of minutes up to an hour, depending on whether tapes had to be fetched and mounted by a human.  Alan worked on understanding inter-reference patterns, hopefully reducing the incidence of that unfortunate fate.  He found that not only was it a long-tailed distribution, with many files never accessed beyond two days after their creation, but among those whose active lifetimes were long, some showed periodic use that could be predicted and taken advantage of.  Modern server and storage farms operate at a scale and level of parallelism inconceivable in the 1970s and early 1980s, but I wonder how many of the designers of today's systems are familiar with the foundational work done by people like Alan Back in the Day.

Preparata and Vuillemin described CCC, Cube-Connected Cycles, as a compromise on the physical infeasibility of a large-scale hypercube interconnect.  They limit the overall structure two an ordinary three-dimensional cube, with each vertex replaced by a ring of nodes sufficient to make up the extra dimensions; i.e., if what you want is a 5-cube, the overall structure gives you 3 dimensions and each ring emulates 2 dimensions, so each vertex is replaced with a 4-node ring, as in the figure below.  Later analysis by Dally would propose k-ary n-cubes with small n instead of this somewhat more irregular structure.



Lamport proposed a password authentication system in which the terminal actively participates; the user identifies themselves to the computer, the computer issues a challenge (from a predetermined challenge sequence), the terminal calculates the challenge using the user-supplied password. With this scheme, the computer (or server, in a modern client-server system) never holds the password or enough information to allow an eavesdropper to create and crack the next iteration of the challenge.  Of course, this requires that the terminal (client) itself be secure. I'm not enough of a cryptographer to know how influential this particular paper is, but it's worth noting that it comes five years after Diffie-Hellman (one of only two references in this "Technical Note" short paper).

David Patterson implemented a high-level language, called STRUM, for microcoding a Burroughs D-machine. I have done very close to zero microcode myself (one student project during my master's degree, and reading some VAX microcode around the same time), though I suppose things like SCSI processors and network packet processors are about halfway in between ordinary instruction sets and microcode. Microcode programmers are Titans of the old gods; it's a very early idea, attributed to Maurice Wilkes himself. I don't think Patterson's approach ever really took off; as far as I am aware, writing microcode still involves very low-level management of latches and data routing and the like, not really amenable to high-level languages, in my opinion. Interesting project, though.  (Interesting side note: this article took over two years from initial submission to acceptance.)

One article I read as a grad student is Stonebraker's Operating System Support for Database Management. Today, it reads like a fairly basic, almost plodding analysis, but it was groundbreaking at the time, and in my own field this kind of clear-eyed analysis of how good a job quantum hardware and software do for particular tasks should become standard practice.

Overall, I have to say, not CACM's most exciting year.

Posted by at No comments:

Monday, July 07, 2025

I Believe in Web3...Just Not That Web3

(Note: This was originally written in summer and fall 2022, and for various reasons I decided not to publish it then, despite the obviously enormous amount of work I put into it. One reason was that I wasn't completely satisfied with it, so I still consider it to be a work in progress. Given the enormous volumes of writing out there dedicated to the broad topic of web3, it would also be rather bold of me to think that I have much new to offer. This is, instead, a way to organize my thoughts, which I am willing to share with you. If you are kind, I will be happy to carry on a dialog that might improve my understanding, as best my time permits.) 

I believe in the re-decentralization of the web. I want creators to be paid and I believe in the idea of micro-payments, and it would be nice if that meant something other than advertising. I love Larry Lessig's idea of managing the incentives that web2 companies have to create addictive, outrage-driven products. Although the Russian aggression in Ukraine brings the whole liberal project into question, I still think increased flow of goods, people, knowledge and principles across borders leads us toward a better world. And Joi Ito's description of web3 as being about community brings it into focus, gives it a direction.

What I don't believe in is most of the technologies being touted as transformative and necessary to web3.

What I don't believe in is blockchain as a currency, a store of value, or a speculative investment. I do believe it potentially has value as a public record of certain communications. It is also a brilliant technical innovation, still searching for the right way to be applied.

I very definitely don't believe in NFTs. I can't see what value they add at all.

And the metaverse...ah, the metaverse.

Backing up for just a second, blockchain, NFTs, and virtual reality/metaverse are the rather disparate technologies that are getting welded together and touted as the cure for everything that ails today's World Wide Web (and there is a lot that ails the web). Collectively called web3, the purported win is that they enable DeFi (decentralized finance, in contrast to CeFi or the "fiat economy", which is never used as a compliment), DAOs (distributed autonomous organizations), and more.

Supposedly.

And supposedly, in at least some tellings, not only do these technologies solve what ails the web, they solve some fraction of all the world's problems.

Which means, I suppose, we need to begin with a quick look at what some of those problems are and how we got here before we look more closely at the technologies on offer. 

The Vision

Among quite a number of things I read, the longest and most coherent was Joi Ito's book in Japanese, 「テクノロジーが予測する未来」(tekunorojii ga yosoku suru mirai, or The Future that Technology Predicts, more or less), which I read most of. It partly inspired this posting, so I will be referring to it quite a bit, but I don't want this to be just an analysis of Joi's arguments. The book is very focused on the notion of community and the ability to quickly create and scale up new communities. Joi is well known for being quick to "try on" new ideas, always looking for something to remake the world, so his thoughts are interesting even if not always as grounded in technological or human feasibility as we might wish.

Joi describes web1.0 as read, web 2.0 as write, and web3 as join (or maybe "participate"). This takes us from 1.0's monolithic web servers whose installation and maintenance and publication required significant technical expertise and capital, through blogs (and the early days of online shopping), to 2.0's Facebook-dominated world of SNSes where anyone can write or share photos far more easily and a handful of hypergiant e-commerce corporations control what we search for, buy, read and use. Today, the buzzword web3 is supposed to help us build large-scale, global, autonomous communities, with as little regard for existing prejudices, practices, rules and laws as we can get away with.

Joi describes project-based organizations that come and go like movie productions. Given the chaos, stress, grift and uneven distribution of rewards in moviemaking, I'm not so sure that's an attractive description. It also sounds like a macro-scale gig economy, where many people have to hustle for every dollar, and I am certain that is not the right model for everyone (though it may be for some).

The word efficiency comes up repeatedly. To Joi, this seems to be the heart of what these new technologies bring, and it is a seductive Siren. After all, the worldwide web itself is "only" a more efficient way of publishing and sharing information. If a new efficiency really takes hold, it can transform the world. 

Ownership of not only the things you create but the things you buy is frustratingly difficult to even understand, let alone manage, today. Amazon can delete things from your Kindle, and prevents you from selling them on to others. HP can remotely disable the printer you bought and paid for, if your credit card that must be filed with them expires. John Deere has...a complicated relationship with the right to repair something you own. (Okay, now we're getting a little far from web3.) John Deere also lays claim to the data that their Internet-connected farm equipment collects. One of the principles of web3 is to return ownership of data to those who generate it.

The Internet is sometimes touted for its "permissionless innovation" (which, of course, is how we got the web itself -- no one had to give Tim permission to deploy the first web server). I would called DAOs "deferred legality". Spin up a quick bulletin board or server or Github project for the community to meet, invite others in, establish a handful of rules on how decisions are made (By humans? By an algorithmic "smart contract"? How do you allocate weight in voting?), how work is distributed and how people are paid (in tokens, presumably, whose utility for buying real-world groceries may vary), and you're in business -- maybe literally selling something, maybe just collectively creating something fun.

Joi has a chapter on how web3 will advance education. His first two points are about the gamification of education, and proof of credentialing. I'm all in favor of learning being fun, and if setting it up as a quest makes it easier for today's kids to follow and finish a plan, that's fine. For credentialing, inflated resumes or outright forged diplomas are a real-world problem, so I think it makes sense to have some sort of digital certificate with cryptographic non-tampering authentication that can easily be checked by prospective employers, ideally single-click from a submitted resume.

web3 is touted as a way to disintermediate a lot of creative businesses and see that creators get paid more directly for their work. Some people even talk about it as a means of improving digital identity, reducing forgery and impersonation and outright theft of digital identities. It is even described as supporting better democracy.

I'm really not sure I've done the vision justice, but at best it's amorphous and so far this is the best that I can do.

The Technology

Is there really a need for me to describe the tech here? Let me toss in a short description anyway.
Blockchain is a distributed ledger, with recorded entries that are proposed by an individual node (is "client" the right word here?), then committed using a large-scale distributed computation, involving many nodes (see below on "Getting Squeezed"). After being committed globally, a record can be more quickly confirmed using a local computation. To paraphrase one of my students, it's a single, world-writable, world-readable database. Anyone can record essentially anything on the blockchain; as it happens, the first proposed use was as an ersatz form of currency that people are expected to exchange for real-world goods.
NFTs are...well, what are they??? An NFT is just a token on a blockchain that represents...represents...that you, um, bought something digital, like an artwork, from someone, who may or may not have retained the copyright and may or may not make more of them and in any case even if you are the one and only legal owner of the digital artwork you can't stop someone else from copying it so if you want to really enforce your legal rights to it, go ahead but I don't think anyone has actually tested this legally yet.  (Whew. Ugh. I know. This really belongs below in the discussion of what's wrong with the technology, or maybe just below here in the section on legal matters, but I can't find any positive way to describe what an NFT is. Want a better explanation? Google it up yourself. There are a zillion people out there eager to explain to you why you should spend money on NFTs, but far fewer who can really tell you what one is and what you are actually buying.)
All right, I give up on the technical explanation unless you want me to talk about hashing rates and cryptographic security and the like. If you find anyone who can give you the Heilmeier catechism on either blockchain or NFT, let me know.

The Legal Matters

We actually just covered some of the legal issues of NFTs, sort of, so let's look at DAOs in the real world.

Joi touts the innovative, token-based governance of DAOs, but it's really not clear how contract disputes, labor disputes, legal liability, taxation, and adherence to international norms should be enforced. Environmental and workplace regulations (not to mention rent, equipment and insurance of all forms) are pushed to the individual participants. Given that the vast majority of DAOs will remain too small to bother with, it can be argued that the deferral of resolving legal status is the right approach, but it's worth noting that this even includes the matter of legal jurisdiction.

Of course, I am not the first to think of any of this. In fact, Wyoming already has a law on the books on how to incorporate an LLC for a DAO. Tennessee also has such a law, signed into law in April 2022, and aims to be the "Delaware of DAOs". Services to help you set up a Wyoming DAO abound, and they encourage you to put in as much real money and to clarify these issues as completely as you can. Of course, the more completely you specify these things up front, the more it looks like a conventional small company with employee ownership, but there do seem to be differences. Consider, for example, a smart contract used to make decisions with impact outside the immediate group, such as buying or selling something. What if the transaction happens to be illegal in one or more jurisdictions? Who can be held liable, and how can the DAO be modified to make sure it doesn't happen again?

The Fit: Does the Tech Do the Job for Web3?

In a word, no.

Transactions

In meatspace, transactions differ in complexity and longevity. Buying a house requires much more paperwork than buying a donut. Not only is there more at stake financially, the world at large cares much more and for much longer (centuries, even) that I bought a house. It is natural that real estate transaction processes are more complex, and very little of that complexity has to do with the difficulty of physically or electronically signing, attesting and publishing documents or even moving the bits that represent large bank balances.
In the middle of the complexity and longevity scale are our everyday purchases. Lattes, gas, train and movie tickets, lunch. Many of us, worldwide, make several purchases a day, and a system that aims to handle all of this therefore needs to handle, oh, say, a hundred billion transactions a day.
At the far end of the spectrum is the ephemeral, ubiquitous, continuous cascade that is billions of people surfing the web. To build a micropayment system that pays content providers as you surf their contributions, we need to target something that scales to literally around a trillion transactions a day
How do we do this today? Well, via true distribution of the work involved. The vast majority of transactions worldwide are small, two-party transactions that don't need a true, worldwide, globally readable record. Maybe the coffee shop needs to summarize its sales at the end of the day, and the money in your possession needs to be transferred to them at a mutually agreed-upon exchange rate of coffee to currency. (In fact, that's part of what currency actually is: a medium of exchange, a store of value, and a unit of accounting.  It's such a common trope that there are Cliff Notes for it.) That money "in your possession" can be anonymous cash in your pocket, e-money stored in a card such as a Japanese Suica, in your bank account and accessed through a network such as Visa, or credit offered to you by a company such as Visa. It does need to prevent you somehow from double-spending your money, which is more of a challenge when it is held as bits than as some sort of physical token such as a bill or coin.
Bitcoin runs at around ten million transactions a month. By design. Its performance is some seven decimal orders of magnitude lower than what we need. If we ran Bitcoin for the age of the Earth, we could cover about one day's worth of web browsing. And that's just the computation for the payments. Imagine how much storage is needed!
And Bitcoin is, by design, global. That transaction rate wouldn't be a problem if it represented only a single coffee shop -- nobody sells ten million cups of coffee a month. So systems that are working to improve scalability of Bitcoin or other blockchains are really trying to solve a problem that Bitcoin introduced. The approaches that I have seen, including ideas such as "lightning networks", seem to regain an order of magnitude or at most two. This still leaves us with a system a billion times slower than what we need. The only way to get there is to create true distributed systems. Maybe not so unlike the one we already have, despite all its flaws...

Education

I don't see much overlap between web3 goals and education.

Radical transparency, as in David Brin's The Transparent Society, is an interesting notion, staking out one extreme of the design space. But I don't believe that students should have their every move out there for everyone in the world to see. Students need room to make mistakes, to find themselves, learn and change and grow without worrying what a potential employer will think. Yes, I know they are oversharing on SNSes 24x7 and have a different view of the whole process than my generation does, but that doesn't mean every homework set, poorly thought out essay, dispute with a professor and bad grade needs to be recorded on a ledger for all the world for all posterity. FWIW, seeing their github activity seems like a positive thing when looking for skills and accomplishments, but even that needs to be put in the context of the whole human and their experience.
Joi goes on to talk about completely revamping education, especially in Japan, around self-driven, purpose-based learning and what amounts to micro-credentialing. I'm in favor of empowering learners, and there is a chance to rethink how we structure learning, but I don't see how this connects to web3 at all. (Moreover, micro-credentialing takes away from the curriculum structure, and I believe in the value of a structured body or knowledge both for engineers and as citizens. Much more on this topic some other time.)

DAOs and Human Organizations

If you needed any persuasion that blockchain doesn't really help the already disadvantaged, this might do it: although cryptocurrencies are touted as being a way to share wealth and empower impoverished people, today the distribution of wealth is more uneven in cryptocurrencies than in real-world, fiat currencies and stores of value such as real estate. 

Instability, Scams and Ponzi Schemes, Burning up the Earth, and Other Such Minor Issues

Surely there is nothing more to be said by this point; a lot of people have pointed out problems with both blockchain and NFTs. Most importantly (in line with #1 in the list in the next section), I think it is absolutely unconscionable the amount of energy expended every day for such a small number of transactions. Proponents have talked for years about shifting from proof of work to proof of stake, but a) it doesn't seem to be happening, and b) proof of stake appears to exacerbate some governance and consensus problems.

Arvind Narayanan had a nice thread on blockchain, quoting a blog posting by Bruce Schneier. Bruce and the others he links to cover the core arguments pretty well, so I am not going to reiterate them all here. Bruce is one of the signers of the letter to Congress urging regulation of crypto finance. Quoting just a couple of Arvind's tweets,

[B]lockchain has so far proven useless. Worse, it's proven a costly distraction to people and communities who are trying to solve real problems...I can't tell you how many times I've talked to energetic students with great ideas about what's wrong with our institutions who, in a sane world, would be working on fixing our institutions but instead have been seduced by the idea that you can replace them with smart contracts.

Let me address just a few of the issues that I think haven't gotten as much attention as they deserve, at least in the set of things I have been reading.

Getting Squeezed

Miners join a network voluntarily, with the idea that they provide a service that others will pay for. The single biggest problem in this libertarian paradise, from what I can tell, is that very aspect. With only a handful of miners worldwide, miners could make a comfortable living and the environmental impact would be low. But as long as there is profit to be made, new miners will join, driving up the collective mining rate and increasing competition, such that the probability of an individual miner receiving the payout for successful mining goes down. Thinner margins will mean that only those who can efficiently run large-scale operations can afford to stay in business. As a result, there is a massive explosion in worldwide mining capability that today damages the environment and distorts the market for semiconductors, but that can't hold indefinitely. I figure that ultimately there will be a crash or consolidation of miners such that we end up with the Walmart of miners, with everyone else driven out of business. (We may be seeing this already.) Or, perhaps the better analogy is Subway franchisees.

Instability

"Pump and dump" and other scams abound, but an even bigger issue, if possible, is whether the system itself actually works and can be trusted to always work when we need it. As I write this in summer 2022, the last several months has seen a lot of instability in the cryptocurrency markets, even in the so-called "stable coins" that are supposed to be pegged to a currency such as the dollar, but in reality are still vulnerable to the fundamental issues of liquidity (one of the key concerns expressed by Paul Blustein) and whether or not someone actual wants to buy what you are holding at a time when you have little choice but to sell.

Lately I have been seeing ads for automated crypto trading accounts. Even in the highly regulated world of stock trading, algorithmic trading is potentially the most destabilizing technology introduced since the stock ticker itself. Lots of agencies oversee the large operators, and economists in every major bank, government and trading house must be scrutinizing the situation and looking for positive feedback loops that can cause markets to gyrate out of control. They have also instituted "circuit breakers" in case major problems develop. The financial crisis of 2008 may have shown that small investors can and will still lose their entire investment, but the existence of the big houses and the regulators reduces the number of scams and provides some (emphasis on "some") recourse when troubles occur. The cryptocurrency market has none of this.

Scrip and Taxes

A question: are DAO tokens just company scrip? I don't think so, but there are enough similarities to be disquieting. In the early 20th century U.S., with human mobility rising rapidly but not yet easy and the megalopolises not yet a majority of the population, many remote, small towns were essentially one-industry, even one-employer, towns. Employers often paid employees in scrip instead of U.S. dollars. Scrip could buy goods, at inflated prices, at the company store, or be exchanged for dollars at disadvantageous rates.

DAO tokens feel a little like scrip, a little like getting paid in stock. Tokens can be exchanged for goods, but only within a limited community. Because you aren't physically limited, you can shop anywhere that will take your tokens/scrip, but to participate in the broader economy you have to find someone who will change your tokens for money that works in your local economy.

Of course I understand that there are different kinds of tokens (some say as many as six), some of which are closer to currency and some of which are closer to voting stock. But if part of the design is to maximize liquidity and the velocity of the economy, won't even the stock-like tokens be traded rapidly and likely wind up concentrated in a few hands? I'm pretty unclear on how the dynamics of all of this is supposed to work out, how it is likely to work out, and what the failure modes are. But I'm pretty doubtful that DAO tokens and cryptocurrencies with little value behind them are ultimately stable.

Speaking of trading and the economy, if you are paid for work in some DAO's tokens, which you can trade for goods, when does it become taxable income? When it gets exchanged for local fiat currency? What if that is never?

Vision, Revisited

Okay, with all that under our collective belt, let's revisit the vision. I actually like the idea that our organizing principle should be community. Here's what that means to me, in terms of technical challenges:
  1. Climate change and sustainable development. Without solving these things there is no community, no human security, no meeting of basic human needs.
  2. Data and information systems security. As IT people, this has to be Job One. Add in general systems stability (CIA = confidentiality, integrity and availability), and this is far more important than some random, clever new feature.
  3. Establishing personal autonomy, privacy and empowerment. Note that, to liberal me, this does not imply leaving people out there on their own, with no support.
  4. DEI. (To the extent to which it's different from the above.)
  5. The next billion. Kilnam Chon has a talk with the title Future Internet for the Other Billions. Ever since its inception, the Internet has always faced the challenge that adding the next group of connected people has meant reaching groups that are less technologically literate and perhaps poorer, and with greater environmental and infrastructure challenges of all sorts.
  6. Technologically, the end of Moore's Law. Estimates of data center energy consumption range from 70 TWh/year to three times that, or around 1% of the global total electric power generation. Although our efficiency has increased dramatically, we, as an industry, still have work to do.
If you are working on one of those issues, kudos to you. If you aren't, but you do other work that you find rewarding, that's great, too. But if you're working on something that actively leads away from solutions to the above, or if you're fooling yourself that somehow the current proposed web3 technologies do any of the above, I would encourage you to rethink, carefully considering the big picture.

Final Thoughts and Notes

..wait, I've gotten all the way to the end here without mentioning "the metaverse", or virtual reality worlds. Maybe that means...it's really a separate thing?  FWIW, I was intrigued by VRML all the way back in the mid-1990s. It seemed like a good idea at the time. Whether the tech could keep up was another matter. I suppose, eventually, we will have Snow Crash-style virtual reality, but not yet. People -- including many who are unhappy with their real-world circumstances -- will probably like it. But other than a place to hang your virtual art you spent a lot of tokens acquiring, it's not clear to me that it's either necessary or sufficient for web3. (There have been lots of novels and short stories set in virtual worlds in the last four decades or so. One recent one I read is A Beautifully Foolish Endeavor, with a villian I swear is modeled on Jordan Peterson.)

Since I have invested two decades in working on a technical area or two whose real-world value has yet to be proven, I'm sensitive to criticisms of blockchain that it's a hammer in search of a thumb to hit. I have worked in large companies, in startups, and in academia in both Japan and the U.S., but people like Joi and many, many serial entrepreneurs have far more experience than I do, so you should probably trust them more than me on what works well and what doesn't. 

One friend of mine said, "It's so complex it's hard to see how stupid it is." This friend has spent far more time studying all of this than I have. Until recently, I had not invested much effort in studying web3, and I am sure it shows. I will endeavor to keep learning, and may update this posting. If so, I will add a change log at the bottom.

A final note: I recently had a conversation with one of our students, Shaimay Shah, who is due to graduate momentarily. He said (quoted with permission),

I think the web3 tech is my generation's way to maybe make a difference...I want to look back 20-30 years down the line and tell my kids that I made a difference to society.

That's the goal, and it's a good one. The question is, which of society's problems can be solved via web3, and what tools will take us there?

References

A few of the things that I read that are at least moderately helpful, some from true believers and some from skeptics, some linked to inline above but most not. Apologies for the kind of ragged formatting and lack of inline citations above. Even deeper apologies for not having them organized in any useful fashion, this list grew organically.
  1. Nick Weaver, "The Web3 Fraud", my favorite technical criticism on the technical costs of running a web3 site.
  2. Dave Farber and Dan Gillmor, Cryptocurrencies Remain a Gamble Best Avoided.
  3. https://www.msn.com/en-us/news/technology/bored-ape-yacht-club-the-nft-collection-that-s-becoming-a-real-offline-brand/ar-AAQT8yv
  4. https://www.vice.com/amp/en/article/y3v3ny/all-my-apes-gone-nft-theft-victims-beg-for-centralized-saviors
  5. https://moxie.org/2022/01/07/web3-first-impressions.html
  6. NFT Mona Lisa
  7. https://internetcomputer.org/
  8. https://dfinity.org/
  9. https://www.technologyreview.com/2020/07/01/1004725/redesign-internet-apps-no-one-controls-data-privacy-innovation-cloud/
  10. https://www.stephendiehl.com/blog/against-crypto.html
  11. NFTs being stolen:
  12. https://twitter.com/arvalis/status/1468814628276695041
  13. https://docseuss.medium.com/look-what-you-made-me-do-a-lot-of-people-have-asked-me-to-make-nft-games-and-i-wont-because-i-m-29c7cfdbbb79
  14. Inequality in crypto:
  15. Ashish Rajendra Sai, Jim Buckley, and Andrew Le Gear, "Characterizing Wealth Inequality in Cryptocurrencies".
  16. Khristopher Brooks, "Bitcoin has its own 1% who control outsized share of wealth".
  17.  David DSHR Rosenthal, "Can We Mitigate Cryptocurrencies' Externalities?"
  18. https://twitter.com/doctorow/status/1493288001107021826
  19. Irving’s blog posts: 
  20. https://blog.irvingwb.com/blog/2022/04/what-is-web3.html
  21. https://blog.irvingwb.com/blog/2021/12/the-metaverse-the-next-major-phase-of-the-internet.html
  22. https://www.mollywhite.net/annotations/latecomers-guide-to-crypto
  23. Links from Mike: (1) Useful background reading about the future of the metaverse: https://www.eurasiagroup.net/live-post/the-geopolitics-of-the-metaverse   (2) especially the first and last sections. https://moxie.org/2022/01/07/web3-first-impressions.html
  24. https://conversationalist.org/2020/03/05/the-prodigal-techbro/
  25. https://decrypt.co/100687/ethereum-creator-vitalik-buterin-contradictions-web3-values
  26. https://twitter.com/VitalikButerin/status/1526378787855736832
  27. Joi Ito 伊藤穰一 on web3 town Yamakoshimura 旧山古志村
  28. Another article on web3 town Shiwa-cho, a town of 33,000 people in Iwate-ken.
  29. https://ssir.org/articles/entry/the_good_web#
  30. https://ethereum.org/en/developers/docs/web2-vs-web3/ 
  31. https://inrupt.com/solid/p frustratingly short on details, but Tim Berners-Lee's vision sounds pretty good.
  32. Ethereum consortium, Web2 v. Web3. From Ethereum's point of view, of course, but pretty level headed. What's missing is whether Ethereum is either necessary or  sufficient, or even a way, to achieve the goals laid out.
  33. https://www.zenbusiness.com/how-to-start-a-dao/
  34. Cointelegraph: Deconstructing sidechains — The future of Web3 scalability.
  35. https://cointelegraph.com/news/deconstructing-sidechains-the-future-of-web3-scalability
  36. https://asia.nikkei.com/Opinion/Bitcoin-will-be-remembered-as-a-historically-insignificant-fallacy
  37. https://doctorow.medium.com/moneylike-d20f8279a72e
  38. https://blog.makerdao.com/the-different-types-of-cryptocurrency-tokens-explained/
  39. https://www.fsa.go.jp/en/policy/bgin/ResearchPaper_qunie_en.pdf
  40. https://www.nasdaq.com/articles/what-is-ethereum-name-service-and-how-do-you-get-a-.eth-web-3.0-domain
  41. https://www.researchgate.net/publication/260438995_Trends_in_worldwide_ICT_electricity_consumption_from_2007_to_2012
  42. https://www.nature.com/articles/d41586-018-06610-y
  43. Morgan Ames, "Laptops Alone Can't Bridge the Divide," a must-read on the failure of technology alone to solve problems in education.
  44. Folding Ideas, "Line Goes Up -- The Problem with NFTs", a two-hour, fast-paced dissection of NFTs and blockchain both. Mostly clear and mostly calm, but occasionally heavy on the jargon and slips into occasional fits of outrage. Surprisingly watchable, despite the length and topic.
  45. https://nymag.com/intelligencer/article/three-arrows-capital-kyle-davies-su-zhu-crash.html
  46. https://web3isgoinggreat.com/
  47. https://www.nature.com/articles/s41598-022-18686-8

Change History


Posted by at No comments:
Subscribe to: Posts (Atom)