Interview with Sun's Tim Bray and Radia Perlman 76
ReadWriteWeb writes "To celebrate the 15th anniversary of the World Wide Web, Richard MacManus interviewed two senior engineers from Sun Microsystems - Tim Bray (Director of Web Technologies) and Radia Perlman (Distinguished Engineer). The interview discusses the past and future of the Web, including the impact that Sun's servers have had over the years. Also discussed is the reason why Tim and Radia believe that P2P won't be a driving force on the Web going forward. Radia thinks that having central sites where people can register is key to making the Web scalable and more secure."
Re:P2P (Score:2, Interesting)
1. P2P requires holes in firewalls. You cannot use P2P applications safely through a firewall, you must also allow incoming connections.
2. P2P and a distributed attack look identical. There's no way to tell the difference between a P2P application and a worm attacking a network. As such, allowing P2P applications to exist necessarily lessens the security of the network by allowing worms to hide in the P2P traffic.
3. There's no way to secure a P2P network to require certain permission levels to access data. Once data is flowing in the network, every peer has to be trusted not to distribute the data to another peer without proper validation.
And perhaps the biggest reason:
4. P2P isn't. You have to have a central source at some point that tells the peers where to find each other. If you have a central source anyway, you might as well just have all peers connect only to it so you have clearly defined routes and security roles.
P2P is already effectively dead. It's only going to continue to die as more and more ISPs strengthen the security on their network and, as a side effect, kill off all P2P traffic.
Central Server vs. P2P (Score:4, Interesting)
You have no privacy, get over it. (Score:5, Interesting)
Although McNealy spent a lot of time and ink explaining his point of view, and claiming he was taken out of context, he never backed off that statement. In fact, he clarifies this way "If there were no audit trails and no fingerprints, there would be a lot more crime in this world. Audit trails deter lots of criminal activity. So all I'm suggesting, given that we all have ID cards anyhow, is to use the biometric and other forms of authentication that are way more powerful and way more accurate than the garbage we use today."
The part that is wrong about this is that audit trails are for government and corporate operations, to make sure they are honest and within the law, and within the bounds of their investors' and constituents contracts. Applying the same controls to individuals is oppressive, and McNealy should not have been surprised to find out many people objected to his view.