Sunday, 26 August 2018

We've all gone mad (HTTP/2)

Back in the late 1980's I was learning about the TCP/IP stack. This is a wondeful peice of engineering made during a time of paranoia and fear of war and sabotage leading to the worlds most popular and renowned (indeed the only true) internet protocol.

Now, for those who are newe to the TCP/IP stack, heres a quick reminder what it means:

  1. Application Layer - aka Browser (managed final presentation to user, e.g. understanding data)
  2. Presentation Layer - aka TLS/SSL encrption and security layer 
  3. Session Layer - aka OS / Conversational concerns (e.g. information grouping, abstraction allowing it to appear that a single conversation is happening per use) 
  4. Transport Layer - aka OS / Error Recovery and Flow Control
  5. Internet Layer - aka Network Card
  6. Data Link Layer - aka Router Concerns
  7. Physical Network Layer - aka Network Cabling and Infrastructure concenrs
The TCP/IP stack recognises there are different operational needs and concerns as the network traffic is translated between the User understood information into a form which is optimal for transmision over the involved hardware, by employing these abstractions it makes it possible for each sub-area (as listed) to work to its own particular concerns without involving the other layers (since each layer knows how to "speak" the the layer above and the layer below.

This wondefully simple idea is the core of good design. Each element can specialise as is best for its clients and as a server for the layers below and above.

Now, most people should be able to spot the implication here, but I feel I need to call it out explicity because it very much feels like people in general don't. The implication is, efficiency is ensured by each layer dealing with the complexities to which its best suited. Let me just list what those are:

  1. Application Layer - Manipulation of server data to be best visualised and understood by the user
  2. Presentation Layer - Encryption, Compression
  3. Session Layer - Maintains the conversational abstraction (e.g your Data vs My Data)
  4. Transport Layer - Efficiency Based Encoding, Reliability
  5. Internet Layer - Conversion, Division, Reconstruction
  6. Data Link Layer - Transmission, Integrety
  7. Physical Network Layer - Hardware Specific Represntation and Receipt
As you can see, the Transport layer is best suited for dealing with Encryption and Compression. Though really each layer below the application layer may want or need to re-encode or compress its data to get the best performance based on intimate knowledge of the layer below.

The core take away here is that layers 2 to 5 are the best layers at which to acheive compression and encryption for the following reasons:
  • The Application layer shouldn't need to be aware of anything except the concerns of the user and passing to the Transport layer what it needs to function. The application layer has become unnecessarily complex and companies are leveraging the complexity as a means of defence of profit and control.
  • The Presentation layer, being a part of the operating system ideally, is very well placed to give a consistant behaviour across the board and can be simply standardised across all the internet. Recall that the application layer is should be most concerned with the user, and the user is least concerned with how, and most concerned with things being easily understood
  • When the Application layer deals with Compression and Encryption what happens very quickly is incompatibility between internet devices. Since the availability or not of some service is dependent on the tools running on the device. In this case the browser. This position has been soundly abused by large corportations to great success for profit and exclusion (ensuring their "product" is the only one suitable to access some resource).
  • The application layer reducing the data sent to the transport layer is of course largely desirable, but this should be done by the simple axiom of "what is the minimum I need to send to complete my goal" and not how can I, after not having considered the prior, reduce the size of what I have sent. When the Application layer (browser or other internet client) becomes complex it decreases the ability for people to engage with the application (in other words it leads to 'owners' and 'users' rather than people, or putting that another way, it leads to a class system).
What has effectively happened is large organisations have focused souly on their goals, which I will state for the record:
  • Profitability
  • Reduction of Costs
  • Control of Media (DRM)
  • Exclusion of others, removing the potential for competition (e.g. owning the money space)
  • Reliable monitoring and tracking of potential paying customers
I state publicly and for the record this is against the interest of humanity in general and supports the worst kinds of patterns of behaviour and hampers advancement.

I opinion that HTTP/2 was designed largely to meet the above 4 aims It offers little or nothing not intended in HTTP/1.1. Though it does offer alot to aid the current abuse of cookies as a tracking mechanism. For the record, cookies should be a simple short peice of data to disambiguate one user from another and also, potentially as a mechanism for the short term reliable tracking of a understanably secure transaction (e.g. money movement). What cookies have sadly become is a catch all way to store information about end users, keep a good part of that storage on the end users machine and improve the profitability of advertising (e.g. we are advertising to these people, as proved by this cookie data).

So, that is the problem. I don't know what can be done about the problem because what is needed is proper governance and what has happened since my youth is government is the new profitable business! Meaning the government is often sharing the above aims sadly.

To make this more positive, I wish to point out that it's not too late. Innovation in the Transport and below spaces is perfectly possible and in a way which is both financially and ethically profitable. So this is a call to hardware manufacturers to up the game and make the encodings and encryption in the Application layer pointless and a bit of a thing of the past only existing for very specialised cases.

One closing thought, the transport layer needs to be fairly dumb, meaning it should "just work" to the perspective of the layer above. For this reason there may always need to be some encodings or encryptions occuring in the application layer, since another function of the application layer is to be "smart" in dealing with the layers below on behalf of the user. The types of understandable encryptions and compression on the application layer and things like photo compression and video compression, which can be done far better for understanding the nature of the medium than any generalised compression which the Transport and below layers may be able to acheive (in other words lossy compression is the bread and butter of the application layer). The problem with HTTP/2 is that it looks to compress the HTTP headers, these firstly are important in Application layer routing but secondly are readily compressable by the transport layer efficiently. Therefore reencoding and encrypting of them just harms the overall operation of the internet (excepting that the Application layer manages that).

Sunday, 12 August 2018

Next - a widely misunderstood movie

WARNING: Contains spolilers!! If you have not watched the movie. Really recommend watching it.

So, I'm off sick from work today feeling slightly rotten and alighted on watching Next the movie to distract me, and it was a great success!

I got to the end of the movie, extreemly satisfied with everything that occured but craving more, I thought surely this has spawned a TV series or a follow up movie! So I went online to check and was horrified at the terrible reviews from critict demonstrating the most basic misunderstanding of love and this romantic thriller with a sci-fi twist (which is what it surely is).

I was so horrified by the, frankly, dumbass conculusions draw about the movie I felt I needed to explain it to these very very clueless individuals.

Firstly, they mentioned the way the character Cage plays goes from hopeless jerk to suddend action hero and these critics act and speaks like this is some consistency mistake *eye rolls*. The main character in the movie is hiding an ability to see into the future 2 minutes at a time with 100% accuracy, the only way to possibly disguise that is to be deliberately appearing bad at things. So appearing like a somewhat hopeless magician lounge act is a cover to allow him a hope of a normal life, since when he does use his powers its perceived as part of his act and its also perceived he's hopless (which noone who knows the future would be). Now, once he's seen into the future that this cover gets blown, and its assumed he see's many possible futures and therefore explores them somewhat in theory before they happen (a theme running throughout the film) which is explainable by the fact that at a moment I may decide I don't want to go out because I notice the rain where a second before I hadn't and had a whole plan to go out (but applied to pre-congnition). So therefore there is zero inconsistancy. Secondly, his obvious prioity is this girl he feels must surely be the love of his life, and also he's hugely interested in because at the outset he cannot see their future together, but can perceive the moment they meet. Logically its obvious, that once her lifeline meets his he will get to see futher ahead as it becomes the combination of his ability to see ahead in his personal future coupled with seeing far ahead in hers (but not ahead of whatever future point he sees) making the whole movie logically consistant.

The whole plot line of the bomb was actually irrelevant to the story, which was the story of him finding and saving the love of his life. The only reason he involves himself in the whole plot is when he's absolutely forced too when every future outcome lead to the death of her partner. Even then the last attempt obviously lead to the end of the state he was in by nuclear explosion, hence the ending to the movie.

I loved this movie, it was brilliantly executed with a perfectly pitched amount of suspense. Having recently suffered the shit which is "Battle Star Galactica" reboot, this was a breath of fresh air to re-watch (I even forgot how the movie went, so it was a really good buy getting twice the enjoyment).

Sunday, 5 August 2018

Just finished watching Death Cure (The Maze Runner finale)

So immediately I will say I'm going to talk about the end of the movie, and if you haven't watched it you really should because whilst I'm hugely disapointed how they ended it, it was still a really well put together movie and worthy of a good audience.

SPOILERS FOLLOW:

So, what went wrong with the ending? Well several things:

  1. The killed off all the main WCKD characters, when that didn't really serve any wider message (revenge and karma aside)
  2. They ended it, leaving humanity to rott whilst a bunch of lucky people ended up living on an island somewhere whilst the rest of the world was obviously going to shit after they had a definite cure available.
  3. Two of the best characters Teresa and Newt die. Now Newt's death was at least heart-warming and had to it some aspect of value, but it was still the wrong choice. To put it another way, it was clearly a choice made to deliberatly go against any expectations, which works only to enfuriate and annoy (as it is transparently the case).
  4. They don't have any proper medically trained people on this new world and whilst Thomas's blood holds the secret to the cure, infact only Thomas is actually immune (well Thomas and the girl he saves with a blood transfusion carefully carried out by Teresa who is clearly highly trained). So basically they just migrated the problem to a new place to start bloody over, when they had the basis of the cure to hand back at WCKD labs. I get that most of the people there died in the aftermath, but what a piss poor ending.
So, whilst I did enjoy the film and I felt the actual filming, effects and casting where spot on. The story let it down wildly by obviously TRYING hard to be edgy by bucking expectations. When a film does do the unexpected, it has to be truely unexpected not just inverting the key story points where the joy of the tale come. The redemption of the hero who chooses the wrong side (e.g. Teresa) the narrow survival of the character who held them all together (e.g. Newt). Now, if they needed some surpises they could have put them in better places, like WKCD turning out actually TO be good, or the woman running WCKD turning out to be Thomas's mother (which I sort of suspected to be the case). Though I guess 'Shes your mother' has been done with the oppostite gender famously already lol. Though there was more room for surprises.

Anyway, I felt they botched the ending but due to some bloody good acting and film making it still managed to be a great film! I won't be buying the books though, because I checked online and Tereas also dies in the book (and by the sounds without the great film theatrics).

Saturday, 4 August 2018

Microsoft is lying to us all

Turning off and disabling Windows Update in Windows 7 does not prevent updates being delivered!

I was horrified today, I have been a Windows 7 user for over a decade and one of the things which I liked about the product was it put the operator in control. If you disabled the Windows Update service, well updates would stop arriving.

Today, on the same system I have previously used withtout any updates, on reboot it applied updates. I was aware Microsoft has been pushing the update into the Windows Kernel space to remove choice from the user in Windows 10 but obviously they have already (before I disabled updates) pushed it to into the Windows 7 Kernel. The great lie online is that "your obviously an idiot to disable free updates which improve security" but lets look at what security is here:

"Security is deciding who gets into your system and who is able to control your system."

Since Microsoft has 100% access to change our system behind our backs if we are in ANY way connected to the internet, so does ANY hacker with the smarts to understand how they do this without any need for user choice. Worse, that we can 'seemingly' disable updates is a milk sop at best and at worst a deliberate lie to distract a gulable public (and a professional society).

So, my evidence Microsoft is lying is they have always supported disabling Windows Updates in Windows 7 but prevent you from not receiving updates. This means that the whole of the disabling is a lie.

 I would like to make a call out to all knowledgeable hackers to start digging into the kernel and find out which of these components are responsible for Windows Updates so that we can work on purging Microsoft lies from our systems.

In the mean time, it looks like its time for me to embrase Linux because Microsoft no longer deserve my support.