All posts by robertmcgrath

Does Quantum Computing Kill Bitcoin?

Quantum Crypto Is Upon Us

We know it is coming. Probably.

For the last 25 years and more, we’ve known that quantum computing is coming, and that one of its first uses will be code breaking.

Much of the cryptographic infrastructure of the Internet is based on methods that are proven to be so hard to compute that a brute force or guessing attack is “infeasible”. Generally, this means that with current and projected technology, it would take a long time, years or centuries, to work it out.

But quantum computers should be zillions of times faster at certain kinds of computations, including the beating heart of key crypto algorithms. Uh, oh!

This cuts both ways. Quantum encryption might well be unbreakable by conventional computers (good for the defense, bad for the offense). But much of conventional computing and networks will be effectively clear text (bad for defense, good for offense).

I assume the NSA and all the other technically advanced powers are on the case, though I certainly don’t know exactly what is going on. We do know, for example, that there is a public effort in China to deploy quantum cryptography on a backbone network. Google has announced it has the technology. It is likely that high security nets have already got such technology, long before any public announcements. The future is already here.

Mark Kim writes this month in Quanta Magazine about these developments [3]. In particular, he discusses a paper by Bernstein, Daniel J. and colleagues, which looks at “Post Quantum RSA”, i.e., what happens to RSA encryption in a quantum computing world [1].

The thrust of this paper is proposals for “RSA parameters can be adjusted so that all known quantum attack algorithms are infeasible while encryption and decryption remain feasible.” ([1], p. 1)  As they say, their ideas are “not what one would call lightweight cryptography”. The case they analyze involves a 1 Terabyte key! This is expensive and awkward, but the point is that for cases that demand extreme measures (e.g., guarding root keys, critical backbones, and other vital secrets) there may be ways to protect against quantum decryption attacks, even with conventional computing.

This is a cool idea, assuming it bears out. If nothing else, it dilutes the aura of magical invincibility that surrounds quantum cryptography.

But these measures and other possible approaches, don’t really solve the problem for the bulk of the Internet. It may soon be true that well endowed actors, nation states and googles, can crack any crypto they need to.

What Happens to Bitcoin, blockchains, and other Cryptocurrency?

These developments potentially have serious implications for cryptocurrencies and blockchains, all of which depend on cryptography and, equally important, cryptographically-secured systems.

I’m not sure exactly what parts of the Nakamotoan mechanisms might be affected by quantum computing, some might even be improved. But the big two to worry about are the hashing scheme (the basis of ‘mining’) and the ‘addresses’ which are cryptographic public keys. These mechanisms are secured by algorithms that depend on the speed and cost of computing, so a major disruption of speed could breach the entire basis for Bitcoin.

I don’t know if there are ways to subvert the hashing scheme with quantum computing, and I certainly don’t know what the cost/benefit analysis might be for any such scheme. Quantum computing is likely to be more expensive, so who knows when it is cost effective? (Note that the argument that “it’s too expensive to be reasonable” simply does not apply to state actors.)

One potential problem is if it becomes reasonable for some wealthy miners to have systems that are much, much faster, and thereby to accumulate a large fraction of the total hashing power, then that would be a very serious problem.

An even bigger problem is that governments and large companies will soon be able to crack public keys, and therefore probably will be able to mess with Bitcoin addresses. Yoiks! Unfriendlies not only reading your mail, but manipulating your Bitcoins and your “smart contracts”, too. Again, arguments about supposed economic and cost barriers don’t apply to state actors.

Worst of all, anyone actually using Bitcoin or a blockchain for any normal purpose (i.e., other than mining or currency exchange), relies on the general security of the network and nodes. Even if the blockchain, servers, and wallets aren’t cracked (which they will be), the network itself is likely to be unsecure.

It’s hard to know what might happen, but if unfriendlies can insert man-in-the-middle attacks between nodes, then all bets are off. Anyone trying to actually use Bitcoin with a wallet and local connection would be vulnerable in any number of possible ways.

Game over.

Time’s Up For Cryptocurrencies?

The official Bitcoin wiki pages have a short note on “Quantum computing and Bitcoin”, which whistles past the graveyard. They suggest that there is a decade or more to do something, which is probably optimistic. But even this Pollyanna-ish page notes that there aren’t any solid solutions known at this time.

This isn’t great news, especially given Bitcoin’s disfunctional governance system, which has been spinning its wheels for two years over much simpler technical issues. How in the world will the crypto community cope with the existential threat of QC?

Obviously, I’m far more concerned about the collapse of the whole Internet.

Perhaps Bitcoin and other cryptocurrencies might turn out to be canaries in the coal mine, keeling over just before the the big explosion.


  1. Daniel J. Bernstein, Nadia Heninger, Paul Lou, and Luke Valenta, Post-quantum RSA. Cryptology ePrint Archive: Report 2017/351, 2017. https://eprint.iacr.org/2017/351
  2. Bitcoin Foundation. Quantum computing and Bitcoin. 2016, https://en.bitcoin.it/wiki/Quantum_computing_and_Bitcoin.
  3. Mark H. Kim, Why Quantum Computers Might Not Break Cryptography. Quanta magazine.May 15 2017, https://www.quantamagazine.org/why-quantum-computers-might-not-break-cryptography-20170515

 

Cryptocurrency Thursday

Freelancers Union: The App

n the early twenty first, there’s an app for everything. Indeed, some people seem to think that if you don’t have an app, you aren’t for real.

This week the Freelancer’s Union (I’m a proud member since 2015) released a new ‘app’. As their web page puts it, “Solidarity? There’s An App For That.” This isn’t my grandfather’s union, that’s for sure!

OK, I’m game. Let’s do some more close reading here.


First, let me be very clear. The Freelancers Union is doing important stuff, and I strongly support them. You can’t talk about the future of work without talking about the future of workers.

But that does not mean that I will not do a close reading of their narrative or their recent forays into digital products.


Looking At The App

Just what exactly does this ‘Solidarity Forever: The App’ actually do? Does it connect us to our brothers and sisters in the Union? Does it help recruit more members? Does it host digital rallies? Does it ping our elected representatives about legislation? Could there possibly be a playlist of inspiring songs? Dare I hope for live sing alongs with our comrades around the world?

Maybe in version 2.0.

The current version does only one thing: connects you to legal advice.  Sigh. Useful, I suppose, but not nearly as exciting as on could hope.

You App Reveals Your Psyche

While I think this app misses an opportunity to show off FU as truly the new way of work (see below), it does reveal some facts about the FU and our members.

First of all, the fact that there is an app at all, indicates the desire for conventional branding, especially, to be current. The Union is real unless it’s got an app. Box checked.

Second, we find confirmation that the backbone of the union is in the ‘digital creatives’, especially in NYC. The release is accompanied by a social promotion campaign (standard fare for digital advertising), and the instructions simply say,

Post a photo of yourself holding up the app, with the caption “I stand with freelancers because [write your reason!]. #FreelancersUnionApp

It is obviously assumed that we know what “post” means, and think that posting selfies is a meaningful political act.

We also see clearly what is at the top of the worries for the union and the membership. The app does only one thing: it refers you to a lawyer. Glancing at the app, we see a list of the common categories of problem, and the number one suggested topic is  “nonpayment”.

The FU has been pointing on its #FreelancingIsntFree campaign for more than a year, so we get the picture. The same bastards who hire temps instead of permanent employees, also find it cost effective to not pay the temps.

Another glaring point is that, like much of the union’s activities, this offer is only available in NYC initially. The Union is open to everyone, even schlunks like me out in some cornfield, but they are effective on the ground only in a few cities, and mostly in NYC where they HQ. I’m pretty sure that the union would like to spread the goodness everywhere, but it tends to be a perennial disappointment out here in the cornfields, where we can read about, but not really get much real union action.

Anyway–see how much we can learn from close reading an app!


Let me try to be clear. There isn’t anything really wrong with this app, and I certainly support the FU and the purpose of this app.  The point is to see what the app really is, and think about what it could be.

Please let me go one more step and make some suggestions for version 2.

First of all, there could be a specialized social network, with union themed features. The network should be totally flat, because everyone is in one union. PMs should be limited to pings that say, “I got your back” (forget about “like”—we don’t have to “like” each other, just fight for each other :-)). The union might circulate petitions and calls to contact politicians.

Second, there could be solidarity themed ‘togetherness’ activities. Simple ways for the Union to organize flash crowds, marches, or picnics, where feasible.  Other activities might include walkabouts that alert you when union members are near (a la Look Up or even AR Pokemon).

In cases where, we can’t meet in person, lets have digital solidarity. Digital sing songs. Digital dance alongs. Casual games

One game I can think of is a simple trivia game to learn about the union an dits members. Flash cards with simple (non-invasive) information, like where, what you do, and a tag. Remember the most Union members and be famous! High multipliers for locations outside NYC, and for statistically unusual tags (rare occupation, older worker, etc.)

If we want to go Augmented Reality, then we could make union badges that are AR markers. When you encounter someone with their badge on, point the app at her or him. Poof, they are surrounded by halos and unicorns! Or some other magic, magic that only happens when two union members are together in physical space.

The point is, if you make the app cool enough, people will want to join the union, just to get the app!  Let’s put the union in the lead of social technology.

Join the union.

Open Source Alternatives to Uber?

There is considerable excitement these days about Platform Cooperativism, with good reason (e.g. see earlier posts here, here, here). This concept can be dressed up fancy , but it boils down to the fact that the technology used by exploitative for profit platforms such as Uber can be used equally well to build on other “business models”, including worker and user owned cooperatives.

The tools are already in the hands of the workers, all we have to do is pick them up. Lean in, hell! Waltz right in and take command!

“Replacing Uber” is the poster child for this idea. We all understand it, and most of us need transportation. The problem is, Uber is a great service and an evil business. We all understand why we’d like to have a saintly Uber.

The Platform Cooperativism case is this: Uber is not really rocket science. it’s easy enough to replicate Uber’s technology. The basic tools are already freely available. Heck, even I could whack together a Uber clone, and I’m way out of practice.

The question is, can people build successful alternative businesses?

The Technology is Out There

In the past I have looked at “sharing economy” platforms out there already, such as here, here, here.

This month, Nithin Coca iinterviewed Roman Pushki, the creator of LibreTaxi, an “open source alternative to Uber or Lyft”.  This project is open source (and hence, hackable), and aims to substitute for the viciously exploitative ride hailing services.

The key features for LIbreTaxi are:

  • Free for drivers
  • Anyone can use it
  • Cash payment on arrival

In short, LibreTaxi is completely unregulated, unlicensed, and uncontrolled. There is no quality control on drivers or cars. There is vetting of either drivers or passengers. No one is responsible, you are on your own.

All this is a “feature” for, say, undocumented workers, people with junk cars, and drivers without driving licenses. But it is a “bug” from the point of view of safety, fair competition, and the rule of law.

LibreTaxi itself has no payment system, so it is up to the users to pay upon arrival.*

In my view, this cash payment makes the service much less friendly than Uber/Lyft, which handles the payment in the background. When the driver and customer don’t have to deal with money in person it makes the whole experience much friendlier. Sensei Claire Marshall has observed the psychological value of taking cash out of the relationship,

the most startling thing I found in my month in the sharing economy. When money was taken out of the equation everyone was happier.” ([3], Pp 90)

Clearly, LibreTaxi is a bare bones technology, and is certainly not a full replacement for Uber.  But you could build a replacement on this base.


* It would be perfectly possible technically to hack in connection to a payment scheme or, more likely, to cryptocurrency transactions. This would be a very logical extension of LibreTaxi.

Replicating the Business is Hard

In an earlier article, Coca discussed other “ethical” alternatives to the hated Uber. Of particular interest are taxi cooperatives  or an increasing number of ride hailing services. These offer services technically similar to Uber/Lyft, with varied ownership and business models. Unlike LibreTaxi, these services embed the technology in some kind of organization, a cooperative or a local business, so they are legal and responsible, as well as “ethical”.

This all seems great, though it isn’t easy to be sure who’s who and just how “ethical”—for your own ethical standards—any given alternative is. Just because it’s not Uber doesn’t make it angelic—see Lyft.

It is also true that these services are far from universally available. The technology works pretty much everywhere, and we want these to be local coops and businesses rather than Earth striding colossi. But most of the alternatives are available only in major cities, and in some cases, only a handful of cities.  This does most of us very little good, and leaves us at the mercy of the plunderers.

The tools are there, but there is a lot of work to do.


  1. Nithin Coca,  Five (More) Reasons to #DeleteUber — And Some Ethical Alternatives. Sharable.February 24 2017, http://www.shareable.net/blog/five-more-reasons-to-deleteuber-%E2%80%94-and-some-ethical-alternatives
  2. Nithin Coca,  Q&A: LibreTaxi’s Roman Pushkin on Why He Made a Free, Open-Source Alternative to Uber and Lyft. Sharable.March 22 2017, http://www.shareable.net/blog/qa-libretaxis-roman-pushkin-on-why-he-made-a-free-open-source-alternative-to-uber-and-lyft
  3. Claire Marshall, How to Make Money (and a whole lot more) by Sharing. 2015. http://www.sharestories.net/

 

What is Coworking? Trying To Be Kidful Downunder

I have commented before that one of the unsolved problems for coworking is how to accommodate kids. Day care for working parents is a hard problem for conventional organizations, and most coworking spaces don’t have any provisions at all. A few have tried and faced problems. But the list is growing, all around the world.

Robert Ollett blogged recently about Happy Hubbub in Melbourne (Australia), which offers a conventional array of coworking services, plus on site day care. There are some details that depend on local policies, other aspects are pretty universal.

Even with subsidies, daycare is expensive, much more expensive than coworking. The information indicates that Hubbub charges about four times as much for daycare as for coworking! This is typical. The cost of kid care is so much higher, I have seen coworking spaces that offered free coworking when you buy day care, sort of like free coffee or fee mints.

For coworking spaces which are operating at the lowest cost possible, day care is way, way outside the reach of their members.

One reason childcare is expensive is that the facilities and staffing are regulated by local authorities. This is a very good thing, but compliance costs money.  In addition, childcare generally requires competent and trained human staff, another cost driver.

You can set up coworking in almost any space, with almost no staff, but that isn’t true for child care.

For that matter, the little ones have their own requirements. Catering needs to be age appropriate, and they need interesting activities while mum is busy working. And so on. This is all standard stuff for day care operators, but it’s totally alien to coworking operators!

Even the coworking facilities themselves probably have different requirements. Parking is probably much more important for parents bringing in their kids. The work space needs to be close to, but isolated from, the children. There probably should be parent plus child lounge areas, separate from both work and child care area.  Handling kids of different ages might require some creativity. And so on.

Hubbub has been successful so far, though it is actually pretty small (sixteen slots for kids). Compared to some “commodity coworking” sides with hundreds of desks, it is tiny. Could you scale it up? How big is too big for this kind of site?  I’m not sure, and I’m certainly not telling you that bigger is better.

Community, community, community

Erin Richards of Hubbub comments that establishing a trusted reputation is essential for the child care service. This is a completely different kind of reputation from the coworking side.

I think the deeply tricky problem fo solve in all of this is that this is not only two businesses in the same location, but that the two businesses are both about community—but two very different kinds of community.

Coworking is all about community, a community of like-minded peers—workers with similar skills, needs, and goals. Drop-off child care is about trust, and ideally about a community of like-minded peers—parents and care givers with similar needs and goals.

“Coworking with kids” must really be about a community that is both peer workers and peer parents. That’s easy enough to say, but it’s not that easy to do. It’s kind of a Venn diagram, looking for the intersection of the group of simpatico independent workers, and the group of parents who want this kind of child care.

This is a niche, and it cuts both ways. Richards notes that the double draw is attractive for some, “These parents try the coworking space for the childcare, but keep coming back because of the community.” On the otter hand, workers who might otherwise be pleased may be disinclined to participate. “There’s definitely a psychological barrier for people who don’t have kids to come here”.

Thinking about this, I can see that it is not likely that you can have successful coworking and “sprinkle on” some child care, nor have successful childcare and “drop in” some coworking. Making this work is hard, but Hubbub and other sites are beginning to show how to make it work.

One key is the right kind of community leadership, people who are “peers” in both the target communities. The greatest community wrangler in the world may be useless with kids, and the finest tot wrangler might be hopeless at office management.   In the case of Hubbub, this challenge is addressed by the partnership of two leaders, with the right combination of skills.

I think that is their secret, and I’m betting that the success they have seen so far is due to having the right leaders.


  1. Happy Hubbub. Happy Hubbub – coworking with children. 2017, https://www.happyhubbub.com.au/.
  2. Robert Ollett, Coworking Heroes: Happy Hubbub, in habu. 2017. https://www.habu.co/blog/coworking-heroes-happy-hubbub

 

What is Coworking?

Note:  please stay tuned for my new ebook, “What is Coworking”, coming in 2017.

Three Recent Books On Happiness

Everyone wants to be happy, but few people seem to be happy. Even people who are, and have every reason to be happy, still want to be even happier. There is an infinite desire for happiness, and, not coincidently, there is a huge industry in telling people how to be happy. Religions have served this market for millennia. Nowadays, there are apps for it, too.

I thought I would sample some of the recent offerings.

OK, I admit it. I was motivated by the release of Paula Poundstone’s entry in the genre, which I really wanted to read. In the spirit of her “unscientific study”, and the eternal maternal principle that you have to eat your vegetables before you get dessert, I tackled two other recent books on the topic, the sublime, the ridiculous, and the real.

So I (tried to) read all these:

  1. The Book of Joy (2016) by Dalai Lama, Desmond Tutu with Douglas Abrams (The Sublime)
  2. Solve For Happy (2017) by Mo Gawdat (The Ridiculous)
  3. The Totally Unscientific Study of the Search for Human Happiness (2017) by Paula Poundstone (The Real)

Each of these books tackles similar questions (“what can I do to be happy?”), and actually advocate the same array of techniques (e.g., getting a grip on negative thinking, focusing on others, not focusing on “more stuff”). The differences lie in how they tell the story, and especially, how they seek to inspire you, the reader.

These differences are important, both abstractly (are they correct?) and pragmatically, because even the same story told differently captures different readers.

Inevitably, I found myself arguing with the authors, especially where they make claims about science. I cant say that criticizing books about how to be happy made me especially happy, but its what I do.

[Read More]

 

Sunday Book Reviews

Antarctic Ice Losses

As everyone knows, Antarctica is covered with ice. A lot of ice. Ice that is many kilometers deep. Enough ice that, should it all melt, oceans would rise tens of meters. With the retreat of sea ice in the Arctic and glaciers in many places in the Northern hemisphere, a lot of attention is focused on Antarctic ice.

This spring (which is fall in the south), there has been evidence of yet another dramatic calving, as a crack on the Larsen C ice shelf suddenly grew. (I note that Larsen A and B have already broken off in the last decade.)

This activity was observed by ESA’s Sentinel-1 satellites. Observation from space is pretty much the only way to know what is going on in the winter down there.

The current location of the rift on Larsen C, as of May 1 2017. Labels highlight significant jumps. Tip positions are derived from Landsat (USGS) and Sentinel-1 InSAR (ESA) data. Background image blends BEDMAP2 Elevation (BAS) with MODIS MOA2009 Image mosaic (NSIDC). Other data from SCAR ADD and OSM.

This accelerated change comes after the “warm search” of Antarctic summer, and may signal a break up this year. If so, the ice shelf will be 10% smaller, and the smallest ever observed. This is certainly a big event.

Separation of this ice will probably not affect sea level (the ice is floating on the water). But there is growing evidence that the ice is melting at an accelerated pace at that location, and may well be accompanied by melting of near by ice on land. The latter will contribute to sea level rise.

I used to not expect to see the ice caps melt or the great Athropogenic sea rise (AKA, The Great Glub!). But, who knows? The pace of melting is faster and seems to be accelerating, so I might live long enough to see it.


  1. O’Leary, Martin, Adrian Luckman, and Project MIDAS, A new branch of the rift on Larsen C in Project MIDAS Blog. 2017. http://www.projectmidas.org/blog/a-new-branch/

 

Space Saturday

Orchestrating Internet of Things Services

Zhenyu Wen and colleagues write in IEEE Internet Computing about “Fog Orchestration for Internet of Things Service[1]

Don’t you thing “Fog Orchestra” is a great name for a band?

After laughing at the unintentionally funny title, I felt obliged to read the article.

The basic topic is about the “Internet of Things”, which are “sensors, devices, and compute resources within fog computing infrastructures” ([1], p. 16) As Arieff quipped, this might be called “The Internet of Too Many Things”.

Whether this is a distinct or new technology or architecture is debatable, but the current term or art, “fog computing” is, for once, apt. It’s kind of like Cloud Computing, only more dispersed and less organized.

Wen and colleagues are interested in how to coordinate this decentralized fog, especially, how to get things done by combining lots of these little pieces of mist. Their approach is to create a virtual (i.e., imaginary) centralized control, and use it to indirectly control pieces of the fog. Basically, the fog and its challenges is hidden by their system, giving people and applications a simpler view and straight forward ways to make things happen. Ideally, this gives the best of both worlds, the flexibility and adaptability of fog, and the pragmatic usability of a monolithic application.

(Pedantic aside: almost anything that is called “virtual” something, such as “virtual memory” or a “virtual machine” or a “virtual private network”, is usually solving this general problem. The “virtual” something is creating a simpler, apparently centralized, view for programmers and people, a view that hides the messy complexity of the underlying system.

Pedantic aside aside: An exception to this rule is “Virtual Reality”, which is “virtual” in a totally different way.)

The authors summarize the key challenges, which include:

  1. scale and complexity
  2. security
  3. dynamicity
  4. fault detection ans handling

This list is pretty much the list of engineering challenges for all computing systems, but solving them in “the fog” is especially challenging because it is loosely connected and decentralized. I.e., it’s so darn foggy.

On the other hand, the fog has some interesting properties. The components of the system can be sprinkled around wherever you want them, and interconnected in many ways. In fact, the configuration can change and adapt, to optimize or recover from problems. The trick, of course, is to be able to effectively use this flexibility.

The researchers refer to this process as “orchestration”, which uses feedback on performance to optimize placement and communication of components. They various forms of envision machine learning to automatically optimize the huge numbers of variables and to advise human operators. This isn’t trivial, because the system is running and the world is changing even as the optimization is computed.

I note that this general approach has been applied to optimizing large scale systems for a long time. Designing networks and chips, optimizing large databases, and scheduling multiprocessors use these kinds of optimization. The “fog” brings the additional challenges of a leap in scale, and a need for continuous optimization of a running system.

This is a useful article, and has a great title!


  1. Zhenyu Wen, Zhenyu, Renyu Yang, Peter Garraghan, Tao Lin, Jie Xu, and Michael Rovatsos, Fog Orchestration for Internet of Things Services. IEEE Internet Computing, 21 (2):16-24, 2017. https://www.computer.org/internet-computing/2017/05/05/fog-orchestration-for-internet-of-things-services/