Web Excursions 2022-01-08
Even nerds do not want to run their own servers at this point.
Even organizations building software full time do not want to run their own servers at this point.
If there’s one thing I hope we’ve learned about the world, it’s that people do not want to run their own servers.
The companies that emerged offering to do that for you instead were successful,
and the companies that iterated on new functionality based on what is possible with those networks were even more successful.
One thing that has always felt strange to me about the cryptocurrency world is the lack of attention to the client/server interface.
When people talk about blockchains, they talk about distributed trust, leaderless consensus, and all the mechanics of how that works,
but often gloss over the reality that clients ultimately can’t participate in those mechanics.
All the network diagrams are of servers, the trust model is between servers, everything is about servers.
Blockchains are designed to be a network of peers,
but not designed such that it’s really possible for your mobile device or your browser to be one of those peers.
the blockchain can’t live on your mobile device (or in your desktop browser realistically), so the only alternative is to interact with the blockchain via a node that’s running remotely on a server somewhere.
But, as we know, people don’t want to run their own servers.
As it happens, companies have emerged that sell API access to an ethereum node they run as a service,
along with providing analytics, enhanced APIs they’ve built on top of the default ethereum APIs, and access to historical transactions.
At this point, there are basically two companies.
Almost all dApps use either Infura or Alchemy in order to interact with the blockchain.
This was surprising to me.
So much work, energy, and time has gone into creating a trustless distributed consensus mechanism,
but virtually all clients that wish to access it do so by simply trusting the outputs from these two companies without any further verification.
It also doesn’t seem like the best privacy situation.
Imagine if every time you interacted with a website in Chrome, your request first went to Google before being routed to the destination and back.
That’s the situation with ethereum today.
All write traffic is obviously already public on the blockchain, but these companies also have visibility into almost all read requests from almost all users in almost all dApps.
Instead of storing the data on-chain, NFTs instead contain a URL that points to the data.
What surprised me about the standards was that there’s no hash commitment for the data located at the URL.
Looking at many of the NFTs on popular marketplaces being sold for tens, hundreds, or millions of dollars, that URL often just points to some VPS running Apache somewhere.
Anyone with access to that machine, anyone who buys that domain name in the future, or anyone who compromises that machine can change the image, title, description, etc for the NFT to whatever they’d like at any time (regardless of whether or not they “own” the token).
There’s nothing in the NFT spec that tells you what the image “should” be, or even allows you to confirm whether something is the “correct” image.
So as an experiment, I made an NFT that changes based on who is looking at it,
since the web server that serves the image can choose to **serve different images based on the IP or User Agent of the requester. **
For example, it looked one way on OpenSea, another way on Rarible, but when you buy it and view it from your crypto wallet, it will always display as a large 💩 emoji.
After a few days, without warning or explanation, the NFT I made was removed from OpenSea
A crypto wallet like MetaMask, Rainbow, etc is “non-custodial” (the keys are kept client side), but it has the same problem as my dApps above: a wallet has to run on a mobile device or in your browser.
MetaMask needs to interact with the blockchain, but the blockchain has been built such that clients like MetaMask can’t interact with it. So like my dApp, MetaMask accomplishes this by making API calls to three companies that have consolidated in this space.
Again, like with my dApp, these responses are not authenticated in some way.
They’re not even signed so that you could later prove they were lying.
It reuses the same connections, TLS session tickets, etc for all the accounts in your wallet,
so if you’re managing multiple accounts in your wallet to maintain some identity separation, these companies know they’re linked.
MetaMask doesn’t actually do much, it’s just a view onto data provided by these centralized APIs.
I think this is very **similar to the situation with email. **
I can run my own mail server, but it doesn’t functionally matter for privacy, censorship resistance, or control –
because GMail is going to be on the other end of every email that I send or receive anyway.
Once a distributed ecosystem centralizes around a platform for convenience, it becomes the worst of both worlds:
centralized control, but still distributed enough to become mired in time.
Apple at $3tn: the enigma of Tim Cook
Two years after the death of Steve Jobs, Oracle CEO Larry Ellison claimed it was inevitable Apple would struggle under Tim Cook.
You only had to look, he said, at what happened to the company in the period after Jobs was ousted in 1985.
“We already know. We saw. We conducted the experiment,” Ellison told talk show host Charlie Rose in 2013.
“Scepticism was pervasive” when Cook was appointed,
says Tripp Mickle, author of the forthcoming book, After Steve, a history of Apple’s past 10 years.
“Tim Cook’s biggest success is the cultivation and the fostering of services, and the degree to which he’s been able to revolutionise the way that the company is perceived in the eyes of investors,” says Mickle.
one of Cook’s biggest successes has been in giving consistency to Apple’s operations.
Jobs had an amazing run, but his focus on products meant revenues were inherently volatile, like that of a fashion company.
If you can predict next year’s consumer tastes, then you enjoy all the riches — it’s winner takes all.
But if you get it wrong, you bear that cost.
And what Tim Cook did well is to take Apple out of this cycle of having to search for a new hit product every time.
Nor has Apple splurged on anything unnecessary.
Apple’s biggest acquisition in the Cook era — buying Beats, a headphone brand and streaming service, for $3bn — could be paid for with three days’ worth of revenue.
one of Cook’s biggest achievements is simply having a keen sense of where Apple should compete and where it should abstain.
Whether Cook should get all or even most of the credit for Apple’s market value is subject to debate.
The past decade of easy money policies, big shifts into mobile and the emergence of cloud computing has been remarkably benefits to tech companies.
Apple could be doing even better
if Cook were able to match Jobs’ ability to build platforms that let partners share in Apple’s success.
Under Cook Apple has repeatedly fallen victim to “the egosystem trap”,
with Apple too intent on securing its position as the leader.
Cook has made these big claims about the smart home, payments, health, television, education and publishing —
all these ecosystems they were going to disrupt,
but they have been incredibly ineffective in driving real change there
the senior team around Cook are largely executives from the Jobs era, rather than people he has brought into the company.
Of Apple’s 12 top executives, only three came to Apple after Jobs passed away. “He didn’t build this team, he mostly inherited it,” Cheris says.
“He just doesn’t get the credit, because he didn’t soak up the credit the way Jobs did.”
The word “wash” or “washing”
began showing up in the 1980s in various compound terms
for the use of superficial, insincere, or misleading information
about the environment, feminism, race, and so on,
intended to improve the image of a business, organization, country, etc.
The two most common of the terms are “greenwashing” and “pinkwashing.”
Others include “rainbow washing,” “purplewashing,” “sportswashing,” “redwashing,” “humanewashing,” “straightwashing,” and “hetwashing.”
the noun “greenwash”
In the earliest recorded example we’ve seen refers to a plan for an open-space buffer between the cities of Louisville and Lafayette in Colorado:
“It’s a great game, this open space whitewash which should be renamed the ‘political greenwash’ or, better yet, ‘open space hogwash’ because that’s all it is—a salve for all the guilty consciences who now have awakened to see the two cities grown together” (an Aug. 10, 1983, editorial in The Louisville Times).
(We’ve seen earlier examples of “greenwash” or “greenwashing” used in the sense of money laundering or applying a thin wash of color.)
As for “pinkwashing,”
the earliest example we’ve found uses the term in its breast-cancer sense:
“Jeanne Rizzo, executive director of the Breast Cancer Fund in San Francisco, which is co-sponsoring the hearing, says companies have co-opted breast cancer awareness and are engaged in a ‘pinkwashing’ of the problem.”
(From a report of the California legislature on a joint Senate-Assembly hearing on breast cancer and the environment held on Oct. 23, 2002.)
Earlier examples use “pinkwashing” in its literal, coloring sense.
The use of “pinkwashing” for the promotion of gender or sexual-identity issues showed up a decade later.
The first example we’ve seen uses the term to describe an Israeli campaign comparing its treatment of gays and lesbians with their treatment in the Arab world: “Israel and ‘Pinkwashing’ ” (the headline on an opinion article by Sarah Schulman in The New York Times, Nov. 22, 2011).