Saturday, July 15. 2017
By fabric | ch
-----
As we continue to lack a decent search engine on this blog and as we don't use a "tag cloud" ... This post could help navigate through the updated content on | rblg (as of 07.2017), via all its tags!
HERE ARE ALL THE CURRENT TAGS TO NAVIGATE ON | RBLG BLOG:
(to be seen just below if you're navigating on the blog's html pages or here for rss readers)
Monday, November 23. 2015
Note: this article was published a while ago and was rebloged here and there already. I kept it in my pile of "interesting articles to read later when I'll have time" for a long time as well therefore. But it make sense to post it in conjunction with the previous one about Norman Foster and by extension with the otehr one concerning the Chicago Biennial.
It is also sometimes interesting to read posts with delay, when the hype and buzzwords are gone. Written in the aftermath of the Tesla annoncement about its home battery (Powerwall), the article was all about energy revolution. But since then, what? We're definitely looking forward...
Via Gizmodo
-----
By Annalee Newitz

Photo: SpaceX
Nobody wants to say it outright, but the Apple Watch sucks. So do most smartwatches. Every time I use my beautiful Moto 360, its lack of functionality makes me despair. But the problem isn’t our gadgets. It’s that the future of consumer tech isn’t going to come from information devices. It’s going to come from infrastructure.
That’s why Elon Musk’s announcements of the new Tesla battery line last night were more revolutionary than Apple Watch and more exciting than Microsoft’s admittedly nifty HoloLens. Information tech isn’t dead — it has just matured to the point where all we’ll get are better iterations of the same thing. Better cameras and apps for our phones. VR that actually works. But these are not revolutionary gadgets. They are just realizations of dreams that began in the 1980s, when the information revolution transformed the consumer electronics market.
But now we’re entering the age of infrastructure gadgets. Thanks to devices like Tesla’s household battery, Powerwall, electrical grid technology that was once hidden behind massive barbed wire fences, owned by municipalities and counties, is now seeping slowly into our homes. And this isn’t just about alternative energy like solar. It’s about how we conceive of what technology is. It’s about what kinds of gadgets we’ll be buying for ourselves in 20 years.
It’s about how the kids of tomorrow won’t freak out over terabytes of storage. They’ll freak out over kilowatt-hours.
Beyond transforming our relationship to energy, though, the infrastructure age is about where we expect computers to live. The so-called internet of things is a big part of this. Our computers aren’t living in isolated boxes on our desktops, and they aren’t going to be inside our phones either. The apps in your phone won’t always suck you into virtual worlds, where you can escape to build treehouses and tunnels in Minecraft. Instead, they will control your home, your transit, and even your body.
Once you accept that the thing our ancestors called the information superhighway will actually be controlling cars on real-life highways, you start to appreciate the sea change we’re witnessing. The internet isn’t that thing in there, inside your little glowing box. It’s in your washing machine, kitchen appliances, pet feeder, your internal organs, your car, your streets, the very walls of your house. You use your wearable to interface with the world out there.
It makes perfect sense to me that a company like Tesla could be at the heart of the new infrastructure age. Musk’s focus has always been relentlessly about remolding the physical world, changing the way we power our transit — and, with SpaceX, where future generations might live beyond Earth. The opposite of cyberspace is, well, physical space. And that’s where Tesla is taking us.
But in the infrastructure age, physical space has been irrevocably transformed by cyberspace. Now we use computers to experience the world in ways we never could before computer networks and data analysis, using distributed sensor devices over fault lines to give people early warnings about earthquakes that are rippling beneath the ground — and using satellites like NASA’s SMAP to predict droughts years before they happen.
Of course, there are the inevitable dangers that come with infusing physical space with all the vulnerabilities of cyberspace. People will hack your house; they’ll inject malicious code into delivery drones; stealing your phone might become the same thing as stealing your car. We’ll still be mining unsustainably to support our glorious batteries and photovoltaics and smart dance clubs.
But we will also benefit enormously from personalizing the energy grid, creating a battery-powered hearth for every home. Plus the infrastructure age leads directly into outer space, to tackle big problems of human survival, and diverts our impoverished attention spans from gazing neurotically at the social scene unfolding in tiny glowing rectangles on our wrists.
The information age brought us together, for better or worse. It allowed us to understand our environment and our bodies in ways we never could before. But the infrastructure age is what will prevent us from killing ourselves as we grow up into a truly global civilization. That is far more important, and exciting, than any gold watch could ever be.
Note: Meanwhile, on the "big architects" end of the spectrum... Where I enjoyed to read the sentence " Foster is delighted that Britain now has an infrastructure commission, chaired by Andrew Adonis, which he says gives the opportunity to plan in 30-year cycles and remove the politics from infrastructure."
Via The Guardian
-----
By Rowan Moore

Norman Foster’s Millau viaduct in France, which has ‘cut out five-hour traffic jams’. Photograph: Michael Reinhard/Corbis
“Do you believe in infrastructure?” asks Norman Foster, with challenge in his voice. He does. Infrastructure, he says, is about “investing not to solve the problems of today but to anticipate the issues of future generations”. He cites his hero, Joseph Bazalgette, who, in solving Victorian London’s sewage problems, “thought holistically to integrate drains with below-ground public transportation and above-ground civic virtue”.
Foster is delighted that Britain now has an infrastructure commission, chaired by Andrew Adonis, which he says gives the opportunity to plan in 30-year cycles and remove the politics from infrastructure. He will expound these views this week at the Urban Age 10th anniversary Global Debates, Urban Age being the LSE’s Deutsche Bank-sponsored series of conferences in which high-powered and highly powerful people travel the world exchanging views on city building.
Statistics spin out of him about sustainability. “If you take the carbon footprint of London, that’s one seventh of that of Atlanta, so there’s a relationship between density and emissions. The whole climate change issue, which many would argue is about the survival of the species, comes down to urbanism.

Foster’s proposed design for the Thames Hub airport. Photograph: dbox/Foster & Partners
“When I was in Harvard recently, I said that each of us in this room, the energy that we consume in one year would equal the energy consumed by two Japanese, 13 Chinese, 31 Indians and 370 Ethiopians. So you start to take the relationship between energy consumed by a society and infant mortality, life expectancy, sexual freedom, academic freedom, freedom from violence. So those societies that consume more energy have more of those desirable qualities, so all those issues are inseparable from the nature of the infrastructure.” The connections between these points are not always clear, but the argument seems to be that better use of energy through better infrastructure will enable more people to live better.
Of his own work, Foster says that many of the most important projects are not what are normally considered buildings, but things such as the Millennium Bridge, the pedestrianisation of Trafalgar Square in London, the Millau viaduct in southern France and the remaking of the Marseille waterfront. More statistics: “Millau cut out five-hour traffic jams, which meant that the saving in CO2 from the 10% of traffic that is heavy good vehicles had an effect equivalent to a forest of 40,000 trees.”
He has campaigned vigorously for the Thames Hub, a new airport in the Thames estuary with an associated network of huge ambition: an orbital railway around London, a flood barrier, tidal energy generation. He is profoundly disappointed that his plan is likely to be rejected in favour of an expanded Heathrow: “The reality of a hub airport is that you can never ever do that at Heathrow. If you do that at Heathrow now you can absolutely guarantee that we will still be pedalling furiously to stand still. You can never accommodate long-term needs there.”

Norman Foster: ‘The whole climate change issue comes down to urbanism.’ Photograph: Manolo Yllera
But given what he just said about sustainability, should we be expanding airports at all? “Do you eat meat?” he asks scathingly. “You’re probably going to have your hamburger in spite of the fact that you’re going to make a much greater impact than any travel.” Air travel, he says, “compares well statistically with the amount of methane produced by cows and the amount of energy and water needed to produce a hamburger”.
“The reality is that all society is embedded in mobility. You’re going to take that flight. You’d be better to take the flight out of an airport that is driven by tidal power and which uses natural light, and which anticipates the day when air travel will be more sustainable.” He talks of solar-powered flight and planes made of lightweight composite materials.
It could also be asked what is the role of the architect in what is generally the province of engineers, planners and politicians. Around us is evidence of his practice’s apparent potency – towers in China and India, a model of the giant circle, one mile in circumference, which will be Apple’s new headquarters, images of a concept for habitats on Mars – but Foster says: “I have no power as an architect, none whatsoever. I can’t even go on to a building site and tell people what to do.” Advocacy, he says, is the only power an architect ever has.
To write about Foster presents a particular challenge to an architecture critic. The scale of his achievement is immense and he has created many outstanding buildings. A wise man recently pointed out that if Foster had only built his 20 or 30 best works, critical admiration would be virtually unqualified. It is largely because his practice has designed many more projects than this that he sometimes gets a bad press. But would it really have been better if he had confined himself to a boutique practice in order to preserve his architectural purity?
It can seem peevish and petty to question his work, but it is not beyond criticism. In particular, it can become weaker the more it makes contact with realities outside itself. If you look upwards in the Great Court he designed in the British Museum, you will see an impressive structure of steel and glass, but at your own level it becomes bland and sometimes clumsy. The Gherkin is a memorable presence on the London skyline, but awkward at pavement level. The Millennium Bridge, even with the modifications necessary to stop it wobbling, is confident and elegant except at its landing, where the overhang of its cantilever creates spaces that are plain nasty.
In the context of infrastructure, the question is also whether it adapts to the political, social and physical conditions that surround it. In answer to Foster’s question, yes, I do believe in infrastructure. Or, rather, I’d compare it to water: essential to existence, life-enhancing and sometimes beautiful, but with the power to damage and destroy if misused.

Design for the proposed drone-port project in Rwanda. Photograph: Foster & Partners
All this makes a new drone-port project in Rwanda one of Foster and Partners’ most intriguing. Conceived with Jonathan Ledgard, the director of Afrotech, who describes himself as a thinker on the future of Africa, it is a plan to create a network of cargo drones that can bring medical supplies and blood, plus spare parts, electronics and e-commerce, to hard-to-access parts of Africa. The drones have ports – shelters where they can safely land and unload, but which also serve as “a health clinic, a digital fabrication shop, a post and courier room, and an e-commerce trading hub, allowing it to become part of local community life”. Because of their inaccessible locations, they have to be built using materials close to hand, so techniques have been developed for efficiently making local earth into bricks and stones into foundations.
It is impossible at this point and at this distance to know if the drone-port project will achieve what it hopes, but its ambition to adapt to local conditions seems absolutely to the point. The interesting question is then how to bring the same thinking to infrastructure in a developed country, such as Britain. What is the right infrastructure for the society and culture of this country, at this point? Has it changed since Foster’s Victorian heroes, such as Bazalgette, did their work? Can we import the large-scale thinking of modern China and, if so, with what modification? These are good questions for an architect to address.
Urban Age Global Debates run until 3 December; lsecities.net/ua
Friday, October 02. 2015
Via iiclouds.org
-----
The design research Inhabiting and Interfacing the Cloud(s) will be presented during the peer reviewed Renewable Futures Conference next week in Riga (Estonia), which will be the first edition of a serie that promiss to scout for radical approaches.
Christophe Guignard will introduce the participants to the stakes and the progresses of our ongoing experimental work. There will be profiled and inspiring speakers such as Lev Manovitch, John Thackara, Andreas Brockmann, etc.

Christophe Guignard will make a short “follow up” about the conference on this blog once he’ll be back from Riga.
Monday, September 28. 2015
Note: a book as a follow up of the exhibition for which fabric | ch designed the scenography last May at the Haus der elektronische Künste in Basel (project White Oblique, downloadable pdf on our website). I was implicated in a double way in the exhibition due to the fact that the content of the design research I'm jointly leading with Nicolas Nova for ECAL and HEAD, Inhabiting and Interfacing the Cloud(s), was also exhibited. I have the pleasure to publish a text in the book about the state and objectives of the ongoing research as well.
Via iiclouds.org
-----
Note: we’re pleased to see that the publication related to the exhibition and symposium Poetics & Politics of Data, curated by Sabine Himmelsbach at the H3K in Basel, has been released later this summer. The publication, with the same title as the exhibition, was first distributed in the context of the conference Data Traces. Big Data in the Context of Culture and Society that also took place at H3K on the 3rd andf 4th of July.
The book contains texts by Nicolas Nova (Me, My cloud and I) and myself (Inhabiting and Interfacing the Cloud(s). An ongoing Design Research), but also and mainly contributions by speakers of the conference (which include the american theorician Lev Manovitch, curator Sabine Himmelsbach and Prof. researcher from HGK Basel Claudia Mareis) and exhibiting artists (Moniker, Aram Bartholl, Rafael Lozano-Hemmer, Jennifer Lyn Morone, etc.)








The publication serves both as the catalogue of the exhibition and the conference proceedings. Due to its close relation to our subject of research (the book speaks about data, we’re interested in the infrastructure –both physical and digital– that host them), we’re integrating the book to our list of relevant book. The article A short history of Clouds, by Orit Halpern is obviously of direct signifiance to our work.
It can be ordered directly from H3K website:
Poetics and Politics of Data, 265 pp, ed. Christoph Merian Verlag, Basel, 2015 (29.- chf)
Friday, June 26. 2015
By fabric | ch
-----
Note: last end of May was the opening of the exhibition Poetics & Politics of Data at the Haus der elektronischen Künste in Basel. This was the occasion to present the temporary results of the design research I'm leading at ECAL/University of Art & Design Lausanne, in collaboration with Nicolas Nova from HEAD - Genève, EPFL and EPFL-ECAL Lab. But for that matter, fabric | ch realized the scenography of the whole exhibition, in particular the "hidden" part hosting the presentation of the design research itself.
The whole spatial display we designed looks like some sort of "heterotopy": an archive and (computer) cabinet of curiosities within the white cube. A little bit like the "behind the scenes" of the exhibition, occupying its center, yet articulating it. It is basically made out of the modular elements that constitutes the "white cube" itself. Just that we maintained the hidden parts of these walls open and visible, widen and turn them in a pathway and an archive.
Also present in the space and scenography are different works from fabric | ch: Deterritorialized Daylight is used to drive the lighting of the inner part of the cabinet, a new work Datadroppers --an online data commune, reminiscence of the now dead Pachube-- is used to collect and re-use random data from the exhibition, several Raspberry Pis in their dedicated 3d printed casing are collecting these data (which includes, in addition to the traditional ones more surpising ones like "curiosity", "transgression", etc.) and "dropping" them on the online service. They are then searchable and be used in third parties applications.
The exhibition will still be on view until the end of August in Basel, with works by Rafael Lozano-Hemmer, Moniker, Aram Bartholl, Jennifer Lyn Morone, Rybn and several others.















Pictures by David Colombini and Marco Frauchiger
-
Intro text to the exhibition and credits:
Inhabiting & Interfacing the Cloud(s) is an ongoing design research about Cloud Computing. It explores the creation of counter-proposals to the current expression of this technological arrangement, particularly in its forms intended for private individuals and end users (Personal Cloud). Through its fully documented cross-disciplinary approach that connects the works of interaction designers, architects and ethnographers, this research project aims at producing alternative yet concrete models resulting from a more decentralized and citizen-oriented approach.
Halfway through the exploration process, the current status of the work is presented in the form of a (computer) cabinet (of curiosities).
http://www.iiclouds.org
Project leaders: Patrick Keller (ECAL), Nicolas Nova (HEAD)
Tutors: Christophe Guignard (ECAL), Dieter Dietz, Caroline Dionne, Manon Fantini, Thomas Favre-Bulle & Rudi Nieveen (EPFL), Nicolas Henchoz (EPFL-ECAL Lab)
Assistants: Lucien Langton (ECAL), Charles Chalas (HEAD), David Colombini
Partners: James Auger, Christian Babski, Stéphane Carion, Matthew Plummer-Fernandez
Students (ECAL): Anne-Sophie Bazard, Benjamin Botros, Caroline Buttet, Guillaume Cerdeira, Romain Cazier, Maxime Castelli, Mylène Dreyer, Bastien Girshig, Martin Hertig, Jonas Lacôte, Alexia Léchot, Nicolas Nahornyj, Pierre-Xavier Puissant
Students (HEAD): Sarah Bourquin, Hind Chamas, Marianne Czwodjdrak, Patrick Donaldson, Alexandra Gavrilova, Félicien Goguey, Eunni Sun Lee, Vanesa Lorenzo, Etienne Ndiaye, Mélissa Pisler, Camille Rattoni, Léa Thévenot, Saskia Vellas
Students (EPFL): Anne-Charlotte Astrup, Francesco Battaini, Tanguy Dyer, Delphine Passaquay
Scenography: fabric | ch
ECAL director: Alexis Georgacopoulos
HEAD – Genève director: Jean-Pierre Greff
ECAL/University of Art & Design Lausanne, HEAD – Genève, EPFL-ECAL Lab, HES-SO
Friday, January 23. 2015
Note: Following my recent posts about the research project "Inhabiting & Intercacing the Cloud(s)" I'm leading for ECAL, Nicolas Nova and I will be present during next Lift Conference in Geneva (Feb. 4-6 2015) for a talk combined with a workshop and a skype session with EPFL (a workshop related to the I&IC research project will be on the finish line at EPFL –Prof. Dieter Dietz’s ALICE Laboratory– on the day we’ll present in Geneva). If you plan to take part to Lift 15, please come say "hello" and exchange about the project.
Via the Lift Conference & iiclouds.org
—–
Inhabiting and Interfacing the Cloud(s)
Fri, Feb. 06 2015 – 10:30 to 12:30
Room 7+8 (Level 2)
Architect (EPFL), founding member of fabric | ch and Professor at ECAL
Principal at Near Future Laboratory and Professor at HEAD Geneva
Workshop description : Since the end of the 20th century, we have been seeing the rapid emergence of “Cloud Computing”, a new constructed entity that combines extensively information technologies, massive storage of individual or collective data, distributed computational power, distributed access interfaces, security and functionalism.
In a joint design research that connects the works of interaction designers from ECAL & HEAD with the spatial and territorial approaches of architects from EPFL, we’re interested in exploring the creation of alternatives to the current expression of “Cloud Computing”, particularly in its forms intended for private individuals and end users (“Personal Cloud”). It is to offer a critical appraisal of this “iconic” infrastructure of our modern age and its user interfaces, because to date their implementation has followed a logic chiefly of technical development, governed by the commercial interests of large corporations, and continues to be seen partly as a purely functional,centralized setup. However, the Personal Cloud holds a potential that is largely untapped in terms of design, novel uses and territorial strategies.
The workshop will be an opportunity to discuss these alternatives and work on potential scenarios for the near future. More specifically, we will address the following topics:
- How to combine the material part with the immaterial, mediatized part? Can we imagine the geographical fragmentation of these setups?
- Might new interfaces with access to ubiquitous data be envisioned that take nomadic lifestyles into account and let us offer alternatives to approaches based on a “universal” design? Might these interfaces also partake of some kind of repossession of the data by the end users?
- What setups and new combinations of functions need devising for a partly nomadic lifestyle? Can the Cloud/Data Center itself be mobile?
- Might symbioses also be developed at the energy and climate levels (e.g. using the need to cool the machines, which themselves produce heat, in order to develop living strategies there)? If so, with what users (humans, animals, plants)?
The joint design research Inhabiting & Interfacing the Cloud(s) is supported by HES-SO, ECAL & HEAD.
Interactivity : The workshop will start with a general introduction about the project, and moves to a discussion of its implications, opportunities and limits. Then a series of activities will enable break-out groups to sketch potential solutions.
Thursday, November 13. 2014
By fabric | ch
-----
I'm very happy to write that after several months of preparation, I'm leading a new design-research (that follows Variable Environment, dating back from 2007!) for the University of Art & design, Lausanne (ECAL), in partnership with Nicolas Nova (HEAD). The project will see the transversal collaboration of architects, interaction designers, ethnographers and scientists with the aim of re-investigating "cloud computing" and its infrastructures from a different point of view. The name of the project: Inhabiting and Interfacing the Cloud(s), which is now online under the form of a blog that will document our progresses. The project should last until 2016.
The main research team is composed of:
Patrick Keller, co-head (Prof. ECAL M&ID, fabric | ch) / Nicolas Nova, co-head (Prof. HEAD MD, Near Future Laboratory) / Christophe Guignard (Prof. ECAL M&ID, fabric | ch) / Lucien Langton (assistant ECAL M&ID) / Charles Chalas (assistant HEAD MD) / Dieter Dietz (Prof. EPFL - Alice) & Caroline Dionne (Post-doc EPFL - Alice) / Dr. Christian Babski (fabric | ch).
I&IC Workshops with students from the HEAD, ECAL (interaction design) and EPFL (architecture) will be conducted by:
James Auger (Prof. RCA, Auger - Loizeau) / Matthew Plummer-Fernandez (Visiting Tutor Goldsmiths College, Algopop) / Thomas Favre - Bulle (Lecturer EPFL).
Finally, a group of "advisors" will keep an eye on us and the research artifacts we may produce:
Babak Falsafi (Prof. EPFL - Ecocloud) / Prof. Zhang Ga (TASML, Tsinghua University) / Dan Hill (City of Sound, Future Cities Catapult) / Ludger Hovestadt (Prof. ETHZ - CAAD) / Geoff Manaugh (BLDGBLOG, Gizmodo).

Andrea Branzi, 1969, Research for "No-Stop City".

Google data center in Lenoir, North Carolina (USA), 2013.
As stated on the I&IC webiste:
The design research I&IC (Inhabiting and Interfacing the Clouds), explores the creation of counter-proposals to the current expression of “Cloud Computing”, particularly in its forms intended for private individuals and end users (“Personal Cloud”). It is led by Profs. Patrick Keller (ECAL) and Nicolas Nova (HEAD) and is documented online as a work in progress, 2014-2017.
I&IC is to offer an alternative point of view, a critical appraisal as well as to provide an “access to tools” about this iconic infrastructure of our modernity and its user interfaces, because to date their implementation has followed a logic chiefly of technical development, mainly governed by corporate interests, and continues therefore to be paradoxically envisioned as a purely functional, centralized setup.
However, the Personal Cloud holds a potential that is largely untapped in terms of design, novel uses and territorial strategies. Through its cross-disciplinary approach that links interaction design, the architectural and territorial dimensions as well as ethnographic studies, our project aims at producing alternative models resulting from a more contemporary approach, notably factoring in the idea of creolization (theorized by E. Glissant).
Monday, June 30. 2014
Note: I've already collected articles about this project, which interestingly, would add a permanent human presence in a layer of the atmosphere (the statosphere) where humans were not or very rarely present up to now. We also have to underline the fact that this will be an additionnal move toward the "brandification/privatization" (of the upper levels of our atmosphere --stratosphere, thermosphere-- and outer space).
It is interesting indeed, with clever worlds like "bringing the internet to million of people". Yet some other ones have a more critical view upon this strategic move by corporate interests: read Google Eyes in the Sky (by Will Oremus on Slate)
Via Next Nature
-----

Balloon-Powered Internet For Everyone
Both Google and Facebook have challenging intentions to bring the Internet to the next billion people, and while Zuckerberg’s dream involves drones with lasers, Google is planning to create a hot air balloon network.
With a system of balloons traveling on the edge of space, Project Loon will attempt to connect to internet the two-thirds of the world’s population that doesn’t have access to the Net. The balloons will float in the stratosphere, twice as high as airplanes and the weather. Users can connect to the network using a specific Internet antenna attached to their building.
“Project Loon uses software algorithms to determine where its balloons need to go, then moves each one into a layer of wind blowing in the right direction. By moving with the wind, the balloons can be arranged to form one large communications network” is explained on Project Loon website.
Currently, Google is still in the testing phase to learn more about wind patterns, and improve the balloons design. A step toward universal Internet connection?
Find more at Project Loon
Wednesday, May 28. 2014
Excerpt:
"In some ways, there’s a bug in the open source ecosystem. Projects start when developers need to fix a particular problem, and when they open source their solution, it’s instantly available to everyone. If the problem they address is common, the software can become wildly popular in a flash — whether there is someone in place to maintain the project or not. So some projects never get the full attention from developers they deserve. “I think that is because people see and touch Linux, and they see and touch their browsers, but users never see and touch a cryptographic library,” says Steve Marquess, one of the OpenSSL foundation’s partners."
Via Wired
-----
How Heartbleed Broke the Internet — And Why It Can Happen Again
Illustration: Ross Patton/WIRED
Stephen Henson is responsible for the tiny piece of software code that rocked the internet earlier this week (note: early last month).
The key moment arrived at about 11 o’clock on New Year’s Eve, 2011. With 2012 just minutes away, Henson received the code from Robin Seggelmann, a respected academic who’s an expert in internet protocols. Henson reviewed the code — an update for a critical internet security protocol called OpenSSL — and by the time his fellow Britons were ringing in the New Year, he had added it to a software repository used by sites across the web.
Two years would pass until the rest of the world discovered this, but this tiny piece of code contained a bug that would cause massive headaches for internet companies worldwide, give conspiracy theorists a field day, and, well, undermine our trust in the internet. The bug is called Heartbleed, and it’s bad. People have used it to steal passwords and usernames from Yahoo. It could let a criminal slip into your online bank account. And in theory, it could even help the NSA or China with their surveillance efforts.
It’s no surprise that a small bug would cause such huge problems. What’s amazing, however, is that the code that contained this bug was written by a team of four coders that has only one person contributing to it full-time. And yet Henson’s situation isn’t an unusual one. It points to a much larger problem with the design of the internet. Some of its most important pieces are controlled by just a handful of people, many of whom aren’t paid well — or aren’t paid at all. And that needs to change. Heartbleed has shown — so very clearly — that we must add more oversight to the internet’s underlying infrastructure. We need a dedicated and well-funded engineering task force overseeing not just online encryption but many other parts of the net.
The sad truth is that open source software — which underpins vast swathes of the net — has a serious sustainability problem. While well-known projects such as Linux, Mozilla, and the Apache web server enjoy hundreds of millions of dollars of funding, there are many other important projects that just don’t have the necessary money — or people — behind them. Mozilla, maker of the Firefox browser, reported revenues of more than $300 million in 2012. But the OpenSSL Software Foundation, which raises money for the project’s software development, has never raised more than $1 million in a year; its developers have never all been in the same room. And it’s just one example.
In some ways, there’s a bug in the open source ecosystem. Projects start when developers need to fix a particular problem, and when they open source their solution, it’s instantly available to everyone. If the problem they address is common, the software can become wildly popular in a flash — whether there is someone in place to maintain the project or not. So some projects never get the full attention from developers they deserve. “I think that is because people see and touch Linux, and they see and touch their browsers, but users never see and touch a cryptographic library,” says Steve Marquess, one of the OpenSSL foundation’s partners.
Another Popular, Unfunded Project
Take another piece of software you’ve probably never heard of called Dnsmasq. It was kicked off in the late 1990s by a British systems administrator named Simon Kelley. He was looking for a way for his Netscape browser to tell him whenever his dial-up modem had become disconnected from the internet. Scroll forward 15 years and 30,000 lines of code, and now Dnsmasq is a critical piece of network software found in hundreds of millions of Android mobile phones and consumer routers.
Kelley quit his day job only last year when he got a nine-month contract to do work for Comcast, one of several gigantic internet service providers that ships his code in its consumer routers. He doesn’t know where his paycheck will come from in 2015, and he says he has sympathy for the OpenSSL team, developing critical and widely used software with only minimal resources. “There is some responsibility to be had in writing software that is running as root or being exposed to raw network traffic in hundreds of millions of systems,” he says. Fifteen years ago, if there was a bug in his code, he’d have been the only person affected. Today, it would be felt by hundreds of millions. “With each release, I get more nervous,” he says.
Money doesn’t necessarily buy good code, but it pays for software audits and face-to-face meetings, and it can free up open-source coders from their day jobs. All of this would be welcome at the OpenSSL project, which has never had a security audit, Marquess says. Most of the Foundation’s money comes from companies asking for support or specific development work. Last year, only $2,000 worth of donations came in with no strings attached. “Because we have to produce specific deliverables that doesn’t leave us the latitude to do code audits, security reviews, refactoring: the unsexy activities that lead to a quality code base,” he says.
The problem is also preventing some critical technologies from being added to the internet. Jim Gettys says that a flaw in the way many routers are interacting with core internet protocols is causing a lot of them to choke on traffic. Gettys and a developer named Dave Taht know how to fix the issue — known as Bufferbloat — and they’ve started work on the solution. But they can’t get funding. “This is a project that has fallen through the cracks,” he says, “and a lot of the software that we depend on falls through the cracks one way or another.”
Earlier this year, the OpenBSD operating system — used by security conscious folks on the internet — nearly shut down, after being hit by a $20,000 power bill. Another important project — a Linux distribution for routers called Openwrt is also “badly underfunded,” Gettys says.
Gettys should know. He helped standardize the protocols that underpin the web and build core components of the Unix operating system, which now serves as the basis for everything from the iPhone to the servers that drive the net. He says there’s no easy answer to the problem. “I think there are ways to put money into the ecosystem,” he says, “but getting people to understand the need has been difficult.”
Eric Raymond, a coder and founder of the Open Source Initiative, agrees. “The internet needs a dedicated civil-engineering brigade to be actively hunting for vulnerabilities like Heartbleed and Bufferbloat, so they can be nailed before they become serious problems,” he said via email. After this week, it’s hard to argue with him.
|