Monthly Archives: August 2008



Thinking about trust in a mundane context usually spurs to me think about trust in the larger existential sense. I don’t know if it’s a symptom of living in a modern world steeped in alienation or just the fact that I’m wacked, but I have this sort of looming cognitive dissonance about matters of trust.

I mean, on the one hand I have this sorta mash-up model of the human being in my mind, with a little Freud and a little Smith and a little Taylor and a little Marx and a little Brown, etc., which, if you follow it to logical conclusions, will tell you that you should never trust anyone, ever, like.

But my day-to-day interaction with people is based on the belief that people are almost always trustworthy, as long as you take into account their finitude.

‘course, what I’m comparing there is really a model of a model to a model, so there really is no conflict there in a strictly-typed sense. Hmmm, that’s actually a really good thing to keep in mind… Glad I wrote this post, even if it appears to be a smear of bullshit from a reader’s perspective.


Safe in the clouds

I did forget to mention in my post about clouds that there’s the security issue. This issue is by no means specific to cloud computing, but it is something that’s been on my mind.

Problem is, when you host in a situation where the servers are not physically controlled by you, you have to put a pretty good amount of trust in the hosting provider, and so do your customers, recursively. Anyone in Google’s/Amazon’s/whoever’s pool of administrators can read or mess with your data. Encryption basically does you no good, if you need to do server-side processing of the data, since you’d have everything on the server to allow you to decrypt, and therefore so would the inside attacker.

Anyway, like I say, its not a new issue to the cloud computing realm, and trusting the hosting provider is not unreasonable, and there are social remedies both inside and outside the companies involved should the provider violate the trust. It’s really only been on my mind because people on the project are talking about the need to encrypt the contents of the database, and I’m thinking it’s pretty useless to do so. However, it is one of those things where the psychological situation is different than the technical situation. I’ve made my opinion known to the appropriate people and I’ll trust them to make appropriate decisions about these things, and just go with the flow from there.


Playing in the clouds

For one of my current projects, we’re investigating two ‘cloud computing’ services for hosting, Google AppEngine and Amazon EC2. It’s getting pretty interesting to learn about the good and bad points of the platforms, see them evolve, and imagine what’s going on behind the scenes to make them work.

My highest-level impressions so far are:

  • they’re both going to provide more hardware, bandwidth and reliability than you could imagine building in your server room, unless you happen to have billions of dollars to spare
  • EC2 is the easier to wrap your head around if you have significant experience in building servers from the metal
  • GAE is the easier to wrap your head around if you have no experience in web applications or server building
  • GAE (when it starts charging) scales smoothly, costwise, from zero up. EC2 has a ‘pay-for-what-you-use’ model, BUT, if you want to do anything at all and have it available 24×7, you have to pay for your instance 24×7 even if there’s no traffic, so you’re looking at at least $72/mo. Not a problem for a well-funded project, but for someone diddling around with a little idea and paying with their own credit card, it’s going to be a problem.
  • EC2 is all kinds of flexible, GAE is all kinds of simple. GAE does force you into a new programming model if you’re used to LAMP or the like, but everything else becomes super-simple once you get past that. Scaling, server maintenance, geo-distribution, etc. are all just done for you, whereas with EC2, you get the raw tools to deal with those problems, but you have to patch it all together. There are tools out there to help with that, of course, but EC2 itself is not enough.

We’ll see how the services progress and how my understanding of the capabilities and tradeoffs progress with them…


P. C.

Good choice Jon: Stewart whipped out a Palm Centro on the Daily Show today.



Occasionally you get a PDF of a scan of a printed copy of an automated email, and you say, “huh, that’s kinda funny”.


Here’s a phrase

Here’s a phrase, of sorts, from my past. I wonder if anyone out there in Internet-land can identify it.

This is from memory (I can’t find the original source material right now), so hopefully it’s still right:
“that’s a little too much high that’s that’s it low”.