Device Independence is no Secret

IBM Chairman/CEO Sam Palmisano says that "the PC era is over." Some might say that his point is proved by a recent task-performance trial that pitted a 1986 Macintosh Plus against a modern dual-core PC. Despite having roughly a thousand times the computational performance, about 250 times the memory, and 3,000 times the mass-storage capacity of the Macintosh, the current-era PC took longer to start up and performed many typical interactive tasks less quickly. Diminishing returns indeed.

No one would seriously suggest that the classic Mac is overall a faster machine, but these figures challenge the conventional wisdom that massive thick-client resources are needed to deliver a responsive end-user experience. With ever-improving economics of highly parallel processors, best used in multi-user environments, there’s reason to wonder if the parts of our tasks that most need high processing power should move into multi-core clouds. (The alternative, a "fundamentally different" architecture for single-user PC operating systems, seems like a high-risk approach to a questionable goal.)

Palmisano predicts that 250- to 1,000-person IT sites will represent IBM’s largest market segment within five years, with hardware models like "blade centers" and software models like managed services being driven by those medium-scale needs. It seems to me, though, that his argument is too timid.

Even if the economics of shared systems were merely competitive, rather than compelling, I’d still be favoring a service-based model of information handling as a solution to the biggest unspoken problem of on-premise IT: the abuse of unlimited system privileges that results from having too many superusers.

When the IT administrator is a close co-worker, perhaps with a personal interest in reading people’s email, the situation is ripe for invasion of privacy. A large-scale service provider is (i) more likely to have state-of-the-art security and (ii) less likely to care who’s sending each other lunch invitations or confidential performance appraisals.

It surprises me, really, that we still see systems with simple hierarchies of privilege as the norm. It’s been almost thirty years, after all, since Adi Shamir demonstrated feasible methods of (k,n) sharing in which k people each have partial keys and at least n people need to provide their keys to enable access to a resource. It’s been more than six years since over 100,000 would-be crackers failed to get into an eWEEK OpenHack target installation using Argus PitBull "trusted system" technology; Sun’s Trusted Solaris and the NSA’s SELinux offer similar approaches. We don’t need to keep doing things the same dumb, breakable ways.

But more to the point, most sites shouldn’t be doing their own system administration at all. You can pay people to do it for you, better than you’d do it yourself, for less than it’s costing you now to do it badly. Device independence is gravy — and with growing enterprise concern about the complex clients beyond the upgrade horizon, it’s very nice gravy at that.

Published
June 1, 2007