Bad Benchmarks vs. No Benchmarks

The EMC bloggers have apparently received their orders to spread some FUD about standardized benchmarks – first storage oligarchist and then, so predictably, that other guy who isn’t even worth a link. It’s the most egregious example I’ve seen lately of argument by demanding impossible perfection. Are SPC benchmarks perfect predictors of customer results? Of course not. Are they better than nothing at all? Definitely. “Not perfect” and “worthless” are two distinct concepts. All of the bluster about “real work” and “generating facts customers can use” is pure hot air. What is EMC proposing as an alternative? Nothing, really, except for other vendors to take all of EMC’s claims at face value and never make counterclaims of their own.

EMC knows that bringing vendors in to tune and test on real applications is a pretty large investment for customers to make. They know that if customers have no other criteria to go on, they’ll only invite the industry incumbents. By casting aspersions on the very notion of standardized, repeatable, auditable benchmarks they hope to ensure that no customer will use such benchmarks to generate a candidate list that excludes them, or even to find out about other possibilities. Those who fear that competitors are gaining always seek to narrow the field or end the race early, and this is just one example of how they do it.

Azure: Cloud Computing from Microsoft?

Paul McDougall makes an interesting point about the newly announced Windows Azure.

Forget the marketing hype, Windows Azure isn’t the latest Microsoft (NSDQ: MSFT) operating system. It’s a business strategy. One that shows Redmond believes the days in which it can make fat profits from software alone are numbered.

Microsoft is betting that an increasing number of its customers will want their applications on tap — from “the cloud” (i.e., the Internet) — in the years ahead. And it’s going to charge them subscription fees that cover hosting, maintenance, upgrades, and the software itself.

Is this cloud computing? To answer that, we need to do what too few cloud computing advocates have done by defining what the term means. The name “cloud computing” comes from the tradition of using a cloud in a system diagram to represent a network through which parts of a system are connected. Most often this network is the internet, but any other network with internet-like latency and reliability characteristics is probably equivalent for our purposes. The untrusted nature of the internet, along with the need to secure communications across it, is relevant only to the lowest level of distributed or cloud computing, so the first essential characteristic of cloud computing is separation of components across an internet-like network. Of course, that doesn’t distinguish cloud computing from many other things people have been doing across the internet for years – such as viewing this web page. To see what makes cloud computing somewhat new, let’s look at why someone might design a system that relies on a network with such generally undesirable characteristics as the internet. Here are some possibilities.

  • To “outsource” responsibility for the operations and maintenance of some infrastructure piece(s). Again, this website is an example, as are the various kinds of service providers that have been around for years.
  • To ensure that some of your data and/or operational capacity are located “elsewhere” (in geographic terms) to protect against disaster. Again, data replication and backup data centers have been serving this need for a long time.
  • To move some of the data or computation closer to users. Content delivery networks aren’t new.
  • Because it’s the “in” thing to do among your (not very) technical peers.

None of these really differentiate cloud computing from network/distributed computing as it has already existed. There is, however, one thing about cloud computing that is at least somewhat new. It’s the property that has come to be called “elasticity” (e.g. Amazon’s Elastic Compute Cloud, Enomaly’s ElasticDrive). This has less to do with where the resources are than in how they’re allocated. In a traditional system, resources tend to be allocated statically to a user, and sit idle whenever that user doesn’t need them. In an elastic system, resources are allocated to users on demand almost instantaneously, perhaps even under program rather than human control, and freed when no longer needed with the user charged only for the capacity actually used. By borrowing idle capacity from a common pool instead of dedicating a chunk to each user, resources are used more efficiently and fewer resources need to be provisioned. Of course, this same property can be observed in many other areas of computing – multi-user operating systems, virtual memory, SMP, virtualization, and “thin provisioning” of storage (to name but a few examples) all to some degree or another embody this same principle.

What makes cloud computing interesting, then, is the intersection of large-scale distribution and elasticity. With cloud computing, when you need more resources you can not only reach out and grab more but you can grab them anywhere. Sometimes you don’t even care where else that is. There’s a technical part to this, and there’s also a non-technical part around how the accounting is managed; both had to develop to get where we are now, and both need to develop more before cloud computing can really be considered mature.

To get back to the original Azure question as an illustrative case, it is clearly distributed and it is provided as a service (“multi-tenancy” and service-level agreements are common characteristics of cloud computing but not IMO defining characteristics). What is not clear is whether it’s “elastic” in the necessary sense or to the necessary degree. The Fabric Controller allegedly “views all of the data center as fabric of shared hardware resources that can be managed and shared with all the services there” but I can’t tell whether it allows dynamic expansion and contraction of the capacity available to an application or whether it’s just a fancy form of automated upgrades and perhaps some failover functionality thrown in (more like VMware Infrastructure than true cloud computing as I’m defining it) and there is some talk in white papers of programmatically changing numbers of instances via the classic Microsoftian method of editing a config file. I can’t really tell whether Azure is cloud computing or not. It’s very interesting, though, and – contrary to what the people with cloud-computing products or services to sell you might say – there are many interesting things going on that aren’t cloud computing. In fact, the most interesting part of the latest Azure and web-based Office announcements to me is that multiple people can edit a document and see each others’ updates in real time which is a hard problem of a very different sort. Azure is certainly a significant milestone for Microsoft, though, and perhaps for the entire industry.

Scary Pumpkin

OK, folks, this is a scary pumpkin.

Real Americans

Jonathan Zasloff comments on McCain’s characterization of Obama as “redistributionist in chief” by pointing out that if Obama gets elected then it will be a sign that the American public wants redistribution. That’s actually similar to some thoughts I’ve been mulling over. In about a week, it seems highly likely that the US electorate will send a clear signal about what kind of government they want. I believe Obama will win, the Democrats will control both houses, and the only question is whether the Democrats will achieve a 60-vote “supermajority” in the Senate. In the face of that, trying to portray the majority of the American people as somehow “un-American” is just absurd. It’s not only rude but it’s also bad strategy, alienating those the speaker cannot afford to alienate and marginalizing him or her even more than is already the case.

UPDATE: Nick Anderson of the Houston Chronicle “says” it with a cartoon.

There might be some historical basis for claiming that certain kinds of policies are “un-American” in the sense that they buck tradition or even violate the Holy Constitution, but I for one don’t care. What I care about are principles that are no more tied to one document than to one time or place. The constitution is a pretty good picture of a certain moral reality, through the lens of its time and circumstances, but it does not define that reality. At the time the constitution was written, one large segment of the population was enslaved and another disenfranchised. I do not feel bound to honor all traditions of that time, and the changes in either reality or our understanding of it since then cannot be so easily separated. I think it’s a bit disingenuous to say, “Of course I don’t support those artifacts of 1787, but these others must be held sacred.” Besides the differences already noted, and the obvious technological differences, at that time we didn’t have anything like today’s corporations or insurance or credit ratings or zoning issues or environmental issues or a thousand other social/legal/financial constructs that dominate our lives. Life now, at least so far as it relates to functions of government, is different not just quantitatively but qualitatively, not just in details but in overall concerns and priorities. We should judge policies and ideologies not on their consistency with a document written in a very different world but on whether they are effective today while remaining consistent with basic principles that may or may not be reflected in the constitution as written.

A real American is one who remains true to the moral reality I mentioned earlier, not one who tries to hide their personal biases behind either popular appeal or a piece of paper. Nowadays, I believe the people braying most about “real Americans” are those who least represent that ideal.

Uh Oh

Looks like LiveJournal has changed a bit.

Oh noes. What will we do, when one of the web’s largest sites is full of restless zombies desperate for brains? Oh wait, that was already a good working description of LJ. Never mind.

Family Ties

This time last week, I was in Colorado for business. Maybe some day I’ll write about some of those experiences, but not right now. One of the highlights of the trips was when I got done early enough on Tuesday so I could go visit my cousin Rachel, her husband Dan, and their three kids Christina/Kaitlin/Jonathan. As it turned out, I also got to see my cousin Tim, who had pretty recently moved to the area. I hadn’t seen Dan/Rachel/Christina for about twelve years, Tim I think for even longer, and I had never met Kaitlin or Jonathan at all. Time constraints being what they were, we ended up meeting at a Chuck E. Cheese, which was also a new experience for me. Here’s the better of the two pictures, kindly taken for us by Tim’s roommate Mitchell.

family reunion

Counterclockwise from the right, that is: Tim, Dan, Rachel, me, Christina, Kaitlin, Jonathan. Thanks, everyone, for making allowing me to stop by on such short notice, and I hope to see you all again some time sooner than another twelve years.

The “Small Government” Scam

In the upcoming election, Massachusetts voters get to vote on Proposition 1, to repeal the state income tax. This morning I heard Carla Howell – failed Libertarian candidate for governor and a major proponent of this measure – repeating the old “government is too big” whine. She also repeated the lie that Massachusetts has the fifth-highest tax burden, based on cherry-picking her figures, when by the only measure that matters – total per-person tax burden at all levels of government and all kinds of tax – Massachusetts is actually in the bottom third of the nation. I contend that the problem is not the overall size and power of government but how its size and power are arranged or applied. Government is too big in the wrong places, for the wrong people. It’s too big at the most remote federal level, instead of at the state and local levels. It works too hard on behalf of corporations and rich people, and not hard enough on behalf of normal people. Big government might be a problem, but the worse problem is bad government. The solution is not to make it smaller so much as to make it better.

Here’s what would happen if the state income tax were repealed.

  • The state would try to increase revenue via sales tax and increased fees, and quite likely be reconsidering governor Patrick’s plan to legalize casinos.
  • Towns would try to increase revenue via property taxes. Contra Howell, “proposition 2½” does not impose a hard limit here; overrides are almost routine in many towns, and would be more so under her regime.
  • Both state and towns would turn to the federal government for assistance, but of course to get one dollar back from that source Massachusetts citizens would have to put in three because most federal money gets sucked southward and westward to “red” states.
  • Both state and towns would try to reduce spending by reducing services and foregoing maintenance. If you think years of such shortsightedness have left our roads and bridges in poor shape now – they have, actually – just see what happens if Howell gets her way. Soon, those people who claim they need a big four-wheel-drive vehicle might not be lying after all.

For each of those items, ask yourself how it affects the average person. As one type of tax is replaced with another, as will assuredly happen, consider who pays most of the old tax vs. who pays most of the new one. Who suffers most from reductions in service, or in state oversight and regulation? Who benefits? This plan would be great for people with high incomes which go mostly toward “investment” or out-of-state spending instead of local consumption – people like $200K consultant Carla Howell – but that benefit would come at everyone else’s expense. Her “activism” is really just self-interest. Leaving more people in Massachusetts uneducated or sick, surrounded by decaying infrastructure, will not make it a magnet for industry and commerce. Any company that would move its operations here for lower taxes despite those effects would be even more likely to move its operations overseas for the same reasons, and those aren’t the kind of businesses we really need to focus on anyway. We need to concentrate on attracting high-skill high-pay high-tax-base kinds of enterprise, and to do that we need to head in exactly the opposite direction compared to Howell’s plan.

P.S. Go read the actual text of the petition if you want to see what it actually says. Fair warning, though: it takes a strong stomach to wade through all the “evil big government” ranting and utterly unsubstantiated claims. This is supposed to be a serious policy proposal? The sanest part is “page 5 of 3″ at the end. I guess you can put whatever silly “findings and declarations” into these things that you want, even if they’re totally irrelevant to the concrete actions being proposed.

Free But Broken

No, this isn’t about open source, though frequent readers could be excused for thinking it would be. Denver International Airport’s free wi-fi is the biggest piece of junk ever. First they make you sit through an ad before you can use it. Then they wrap everything with their own stupid frame, in the process breaking things like Google Reader even if you Ad-Block it. Then they do allow ssh, but it (and I’ll guess anything encrypted so they can’t see inside) so slow that it’s practically unusable. Thanks a lot, jerks. I already have a subscription to Boingo, and if you hadn’t bought a monopoly I’d be using that productively. It’s too bad you don’t have anyone competent or ethical working for you.

Myrtle Beach

Last weekend, we all went down to Myrtle Beach SC to help our good friends Scott and Frances celebrate their marriage (which was actually in Georgetown but close enough). It was a beautiful ceremony in a grand old Episcopal church, with a reception in the attached hall and a more casual hang-out at the bride’s parents’ house afterward. The house is worth mentioning because it was built in 1775 and still has many of the details – wide floorboards, fireplace in every room, huge high-ceilinged kitchen with a servants’ staircase up from it – characteristic of that era, plus there were plenty of old books and antiques and so on (including a framed 1754 letter of commission for some ancestor) to spark wonder and conversation. Of course, I thought it would be impolite to go around snapping lot of pictures. Besides, between enjoying the friendly conversation on such a joyous occasion and making sure Amy didn’t knock over any of the priceless items lying around (which includes wedding gifts) I was kind of occupied.

The wedding was on a slightly drizzly Saturday, and we didn’t do much after we got to the hotel. Sunday was supposed to be even drearier but, while it was cloudy, it didn’t actually rain so we enjoyed the beach and the seven swimming pools (including one “lazy river”) at our hotel. Monday was the big surprise. Partly it was a surprise because we hadn’t intended to be there for the whole day. There was a mixup with our flight, so we had some time to kill – but no rental car, and we’d already checked out of the hotel so we had no place to stash our belongings. It turns out that I’m in Enterprise’s “preferred customer” list from my last job (they don’t need to know that the company no longer exists and probably wouldn’t care if they did) so I was able to get a car despite it being a holiday weekend. With that settled, we hit the beach, the aquarium, and a little carnival near the aquarium. The weather was the nicest it had been, too, so my standard line to coworkers and others who asked has been that there are worse things than to find yourself stranded in Myrtle Beach on a beautiful fall day.

Now, on with the pictures.

Hype vs. FUD

One of the computing trends I’ve been watching for a while is so-called “cloud computing” which is really just the latest name for a kind of distributed computing that has been around in nearly identical form for just under a decade and in not-too-different forms for at least twice that long. Heck, I was working on one of the keystones of cloud computing – globally distributed storage – back in 2000, so when I react to the current hype wave with terms like “clown computing” it’s hardly because I’m afraid of something new.

In Cloud Computing is Scary – But the FUD Has to Stop, Dan Morrill complains about the FUD supposedly being directed at cloud computing. Well, Dan, with any new (or even supposedly new) technology there will be hype-mongers at one end and FUD-slingers at the other, with most of the computing community in between. Those with a vested interest in promoting a technology tend to tar everyone less enthusiastic than themselves with the “FUD” brush, just as those with a vested interest in suppressing it tend to tar everyone more enthusiastic with the “hype” brush. In this case the fact is that there are a lot of people who can’t even define cloud computing making all sorts of grandiose and often blatantly false claims. Saying that cloud computing is inherently flawed, that it can never work, would be FUD; pointing out that the claims being made by or about specific vendors and products remain unproven, or that there are still problems to be addressed, is just healthy skepticism. By portraying that skepticism as FUD, you only put yourself further on the “hype” end of the spectrum.

It is long past time to continue with the same old tired refrain of “no” and move on to where business is going.

It is time to start embracing where business is going, and trying to make sure that they are doing it in the safest way possible.

Where business is going, eh? Got any evidence of that? No, of course not. That’s where you would like business to go, but that’s not at all the same thing. Such grandiose “this is the wave of the future so don’t miss it” rhetoric does very little to allay people’s legitimate concern that it’s really a wave of hype. You’d be better off presenting cloud computing as a still-to-be-embraced opportunity, not a fait accompli in the business world.

Business has taken to virtualization in a big way, which I think is misguided for a whole different set of reasons (I believe it’s better to build and deploy smaller servers which can be combined into larger complexes instead of larger ones which then have to be sliced up). There is some correspondence and synergy between virtualization and cloud computing, but I can’t recall any cloud computing proponents articulating that connection as a coherent and usable business strategy. Riding on virtualization’s coat-tails isn’t enough. Some day very soon, somebody in the cloud computing camp needs to do a better job of explaining their Grand Concept’s very own value proposition separate from virtualization.

There are very few information security experts in cloud computing.

What security professionals need to be doing rather than creating their own FUD is work out ways to make it safer.

There might be very few information-security experts in the inbred cabal of people who push the “cloud computing” brand in blogs and such, but there are plenty of people who have been working at the intersection of security and distributed computing for years. Do you think the people behind Amazon, or Tahoe, or Mozy (across the street from the folks at RSA), or Iron Mountain, don’t have a few clues about this stuff? I know many of them, have worked with some, and I know you’d be dead wrong. Securing data across the net is a well-studied problem. So is securing computation across the net, though that’s not my own specialty. It doesn’t mean all the answers are known, but it’s just not true that such expertise is rare or rarely applied.

it is time for information security folks to step up to the plate and get smart on how the technology works.

The best bet right now for the security engineer is to work through the process, and get smart now so that management can benefit from what you have learned.

No, maybe it’s time for cloud computing folks to get smart on how security technology works. Don’t try to push the burden of fixing your problems onto another community, and especially don’t try to hint that they’re “not smart” as you do it. That’s no way to get the help you need. If you cloud computing folks are such great innovators, take some responsibility for learning what’s already out there and using it to innovate your own solutions. When you act as though you invented the greatest thing ever and everyone else needs to catch up, you come across just like teenagers who act like they invented music or sex and that’s just really annoying. Customers don’t like to deal with annoying vendors.

There’s nothing wrong with consciousness-raising but, especially in this economic environment, people are suspicious of evangelists whose promises are incommensurate with their ability to demonstrate real working product with real business value. If you don’t want to sour everyone on the whole idea of cloud computing or anything like it for the next ten years, dial down the marketing and dial up the technical progress.

UPDATE: The Onion says Recession-Plagued Nation Demands New Bubble To Invest In.

A panel of top business leaders testified before Congress about the worsening recession Monday, demanding the government provide Americans with a new irresponsible and largely illusory economic bubble in which to invest.

“Perhaps the new bubble could have something to do with watching movies on cell phones,” said investment banker Greg Carlisle of the New York firm Carlisle, Shaloe & Graves. “Or, say, medicine, or shipping. Or clouds.