Proposal for the new Fedora Project

Stephen Gallagher sgallagh at redhat.com
Fri Oct 1 11:30:08 UTC 2010 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 09/30/2010 05:44 PM, Mike McGrath wrote:
>> I'm no lame duck, I swear.  This is a pretty dramatic proposal, my hopes
>> are it will generate much discussion.  It's no secret I'm not big on the
>> future of the desktop[1].  With great reflection and further research I've
>> come to realize something else.  Google is about to destroy just about
>> everyone.  There's a tiny handful of people that don't like the idea of
>> cloud computing and information "in the cloud".  The majority of the world
>> though in love with it or will be and not know it.  The problem: Free
>> Software is in no position to compete with the web based applications of
>> the Google of tomorrow.


"There's a tiny handful of people that don't like the idea of [...]
information in the cloud". One of the biggest flaws in democracies and
populism is that, sometimes, the majority is flat-out wrong. People are
convinced through advertising and propaganda that one thing is true,
even when a minimal amount of thought would demonstrate otherwise.

Right now, data in the cloud is NOT safe, and I'd argue that it's not in
keeping with FOSS principals at all. The basic ideal behind FOSS is that
when something is broken, we have it within ourselves to fix the problem.

Sure, we can open the source for the web application itself. We've been
doing that for many years. But we have never provided a way for
retaining ownership of data on applications run by potentially hostile
sources.

Now, just so it doesn't sound like I'm complaining pointlessly, I have a
few ideas on how we can address this.

1) We need to do some research on how we can leverage tools like
personal certificates or GPG/PGP keys to encrypt data in the cloud. We
need to direct the development of standards requiring the usage of these
tools (and the distribution of keys), so that Joe Sockerdad and Jill
SeeEeeOh can use them.

2) We need to design an ENTIRELY NEW WAY for servers to access data for
presentation. Currently, all webservers require full access to the
unencrypted data at their site in order to present it to the user in a
meaningful way (in the form of fully-rendered pages). This needs to
change. We need to extend the HTML5 standard (or skip ahead and start
writing an HTML6 standard) wherein browsers are built to understand that
portions of a website are sent in pure HTML, CSS and JS, and other
portions are transmitted back in cyphertext that only a user with the
appropriate private key can make use of.

Now, admittedly these are not approaches that can be taken in a vacuum
within Fedora. For this to work, we would need the buy-in of the WWW
Consortium, at least two of the major browsers and probably the support
of one or more of the major certificate authorities. Collaboration is
Fedora's greatest strength.

In summary, I agree that the future is in the cloud. I think it's our
responsibility as citizens of the free [software] world to see to it
that when the future arrives, it's more of a Star Trek future than one
of the Matrix.

- -- 
Stephen Gallagher
RHCE 804006346421761

Delivering value year after year.
Red Hat ranks #1 in value among software vendors.
http://www.redhat.com/promo/vendor/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAkylxj8ACgkQeiVVYja6o6PK6ACfWePr+fAU8sgI847Fh3CcGaEF
7/MAn0ZEr2ZA/moJSShontWH64E/EOM0
=bEn6
-----END PGP SIGNATURE-----

More information about the advisory-board mailing list