Thursday, October 27, 2005

Five paradoxes of the Web

The Web is a great platform for delivering content and services, but it is showing its age. The fundamental design choices that were right at the beginning of the Web are starting to backfire now. This is an attempt to identify what is impossible to fix within the current Web.

The problems with the Web are readily apparent; they are simply taken for granted. In the last month, as a Web user I had to deal with spam (in my webmail inbox and on my blog), denial-of-service, and identity theft; not to mention user interface bugs. As a Web developer, I had to work around browser incompatibilities and was forced to expend an effort disproportionate to the complexity of tasks I was trying to accomplish. And it keeps getting worse.

A lot of resources are spent on combating the problems of the Web; but they do not solve the principal paradoxes of the platform. Whole industries now prosper solely because of imperfections of the Web. This is a good indicator that computer user community should invest in a new global infrastructure and address fundamental problems with fundamental solutions.

  • Everything is free, yet nothing is free. (Compensation paradox)

    Many Web services are free for users, because charging for them is impractical—but providing these resources costs money. This makes direct business models unsustainable, and requires metering of resources. Even without explicit caps, limitations of provider's hardware and bandwidth lead to denial of service to users during peak times—or during attacks. (solution)

  • We don't know who you are, yet there is no privacy. (Identity paradox)

    There is no universal identity mechanism: a website can't greet you by name, unless you filled out a form beforehand. Identity management mechanisms are clumsy, leading to identity theft. At the same time, there are various covert ways of invading privacy which are transparent to a user: IP addresses, cookies, Referer headers, one-pixel GIFs in emails.

  • Write multiple times, yet it still doesn't run everywhere. (Compatibility paradox)

    Writing advanced Web applications requires sacrificing one of three important components: capability, compatibility, or speed of development. Testing on all browser flavors and versions is a luxury few can afford. It doesn't matter if one browser is more standards-compliant than another; in practice, you have to support multiple clients or lose users. (solution)

  • Code goes over the network, yet it's not mobile. (Boundary paradox)

    Web is asymmetrical: there's a client, and there's a server. The client speaks one language (JavaScript), the server speaks another (usually not JavaScript). To cross the boundary between the client and the server, the code must be translated into a different language. No matter how fast the network is, the mobility of code is limited by the speed of a programmer's manual conversion between client-side and server-side APIs.

  • The Web is not decentralized enough, yet it is not centralized enough. (Responsibility paradox)

    The DNS is centralized; certificate authorities are essentially centralized too. Centralization gives monopolies to organizations in control, while at the same time creating global vulnerabilities. But there's no one to appeal to if an entity is misbehaving (e.g. spamming), since the Web authorities do not accept responsibility for the platform's citizens.

Identifying problems is the necessary first step. This blog will explore possible solutions, often more radical than not. Thinking outside the box of the Web is the only way to make real progress. Odds are, the next winning platform will solve all five paradoxes of the Web. Will the first platform to solve all five praradoxes of the Web be the next winner?