Clouds
I was reading this article the other day about some exploits and issues that were found in updates that were recently made to the Windows 10 operating system. I didn't really care too much about the article but found it interesting that article was suggesting that Windows was no longer a top priority for Microsoft moving forward and this lack of interest in the traditional operating system was a part of the reason behind such shoddy updates.
The article suggested that Windows was more interested in preparing their public launch of the Windows Virtual Desktop (WVD). What is Windows Virtual Desktop? A cloud-based service that places the Windows environment (and the MS Office suite) on some server that users need a subscription to access. While there are actually good use cases for such technology to quickly stand up uniform workspaces in the business world, it shows a continued movement towards thin-client technology and centralization overall.
It all really comes down to control.
What is a thin client? A thin client is a lightweight computer that is designed to utilize its resources establishing remote connections with external servers that do most of the work. These external servers have been branded as "the cloud" as that makes so much intuitive sense to regular ordinary people who don't know how computers work. The "cloud" is a stupid name and confuses people with a term that hides technology in a vague mysticism. Like it's magic or something.
It's an effective marketing tactic. Safely store all your personal information on our external private servers doesn't quite have the same ring to it. But at least you don't have to worry about potentially losing your data due to your hard drive being comprised. Instead you have the comfort of mind that some internet conglomerate is safe guarding your information like their reputation means something to them. Unfortunately, such conglomerates have proven on multiple occasions that the security of their user's personal information is not often at the top of their lists of priorities.
But why am I really complaining about "the cloud"? Well it actually exposes a potentially larger issue about technology, responsibility, and even philosophy. A movement towards thin clients is a movement towards centralization. And while there is nothing inherently wrong with centralization itself, one can argue that given the context of user information, data, and computing resources, such centralization might be to the detriment of the end users on the lightweight side of the equation.
But first let's dive into why centralization is a good thing. Centralization tends to make things faster and more efficient. Like I mentioned earlier, the Windows Virtual Desktop isn't an inherently bad technology. Sure, I hate subscription based models and how they have sneaky ways of siphoning money away from you on a regular, monthly basis, but the technology has ways of quickly standing up colonies of uniform environments for a business as opposed to needing technically competent folks needing to set that up on their own. It saves time. You spend a little money and you get a little less of a burden for your IT folks.
However, centralization's big issue is that there is very often a single point or very few points of failure that can cause damage to everyone involved in the system. Centralization is inherently fragile to unexpected events that expose underlying and often unseen weaknesses. Data breaches are an example of this. Thousands of accounts having their private and personal information exposed because all that private and personal information happened to be in a single place. What is saved via convenience is lost to the fragile nature of a centralized target for adversaries to attack.
While your data is probably less secure while it lies on your personal computer than it would be on the cloud, the data is more exposed on the cloud and is more likely to be attacked due to the concentration and volume of information stored in the cloud and the fact that security while taken seriously is often not the most prioritized element of competing internet companies.
But what stops us from continuing to centralize? It is more convenient and cheaper to invest in the centralized model. Sure you lose privacy and you become more exposed in the centralized model, but you save money and the experience is easier. Why deal with the hassle of managing a computer when you could rent a virtual one where the tech giant does all of your hard work for you? The answer is control and more often than not, the tech company seems to care more about it than individual users do. Until we reach a breaking point, this movement towards technological centralization continues.
What about blockchain? You might ask. Blockchain is a step in the opposite direction. Rather than have a centralized architecture, we have a network of nodes, ideally performing all important network actions on an individual basis. Unfortunately, that takes effort. This is one of the reasons many people have trouble joining blockchains as users. Due to the nature of decentralization, you have to put more effort in. But the benefit to that effort is more individual control.
Imagine running a node that held all of your information only occasionally granting permission to trusted nodes to access portions of that data. There is no single point of a attack. The decentralized network distributes the risk rather than concentrates it in a single place. Sure, it is up to an individual to guarantee their node is secure and that takes effort especially for those that may be lacking the technical experience. But that effort places privacy squarely in an individual's hands rather than a corporate entity which often only cares about privacy in how it relates to their bottom line.
Is one better than the other? Many would argue that decentralized networks tend to be less risky for the overall network and in some cases, the property of antifragility might arise from such a network. Antifragility is a case where a system becomes stronger when it experiences chaos and damage. An example in the terms of a decentralized network would be a node being attacked by a vulnerability and then other nodes patching that vulnerability to eliminate that weakness. The same thing happens in centralized systems, but often everybody (or a large group) loses before the system can recover like we have seen in recent data breaches.
I fully believe that we will continue to move in the direction of centralization until we experience a catastrophic event that exposes a lot of people in very undesirable ways. Unfortunately, it often takes such chaos to invoke change rather than understanding the potential issues of networked systems beforehand. Centralization is not inherently bad, but rather the actors imposing centralization are becoming less and less trustworthy with that power and are potentially more vulnerable than ever before. As mentioned earlier, they are only growing the attack surface where a potential vulnerability might be hiding.
Decentralization is not inherently good. In fact, it is inefficient and requires a significantly larger amount of effort in order to operate a node in a decentralized system. But it offers benefits and limits exposure to the risks and failures associated with centralization. Blockchain is not 100% decentralized. Most blockchains have a single implementation of their protocol. That is a potential point of failure. But there is more efficiency there in that folks don't have to rebuild protocols over and over again. A purely centralized or decentralized network will never exist. Everything exists on a spectrum containing elements of both systems.
We're moving towards centralization despite the brief and background contrarian move that blockchain represents. Blockchain was spawned out of a prior move to an extreme of centralization in the financial industry in 2008. I'm probably biased, but I see another such violent change of direction in the spectrum in the near future. The fact that tech corporations are seeing more scrutiny in the mainstream indicates to me we may soon be reaching that breaking point.