Does PopG break the Groove security model?

An anonymous person has commented at http://popg.blogspot.com/2005/11/oh-woe-thrice-woe-i-just-downloaded.html#113150670188932986 that PopG breaks Groove's security model. This is a great point to make and debate to have. And it is both true and untrue.

It is undoubtedly true that adding PopG into the mix changes the security model. The two biggest changes are that data going to and from PopG is encrypted at 128bit rather than Groove's 192bit. Also those who use PopG have to trust PopG to look after their data. But...

Firstly anyone who assumes that ANY data that traverses the Internet, whether it be over Groove, PopG or whatever is secure - needs their head looking at. Any data that leaves your computer, or indeed brain is essentially compromised. The only question is the matter of a risk assessment of one solution over another and choosing one that most closely suits your needs.

Groove's security model is great, but it has its weaknesses. Some of these are discussed on our support forums and on Groove's own forums. PopG's security model is great but it too has its weaknesses. So where is Groove weaker, and stronger with and without PopG?

Groove exposes data held in Groove Folder Sharing spaces whereas PopG does not expose these. So in this instance PopG is more secure. Add optional and chargeable encryption on PopG folders where GFS spaces are stored and even PopG admin staff would not have access.

PopG is another company that you must trust. Initially that may be considered weaker, but any Groove space that is properly protected with Groove's passphrase is as inaccessible to any PopG person (even with full system administrator rights) as it is to any person who steals your laptop. So a question you should ask is if your laptop running Groove is stolen - then how safe is your data? If you consider it safe, then adding PopG to the mix does not change that security model.

Also as alluded to above PopG can enhance its security model to suit customer needs, right up to a dedicated bunkered service.

The dos and donts of collaborative space methodology

At http://www.shared-spaces.com/blog/2005/11/why_closed_does.html Micheal Sampson makes some important observations on the values of workspaces. Not that I agree with what he says, at least not entirely. But what he says has a lot of merit and deserves some digestions, and if I may, this response.

His primary assertion is that collaborative workspaces don't work, primarily because they are behind closed doors. His second assertion is that people fallback on Email because of this closed nature. There is no doubt that in many cases collaborative workspaces don't work, and there is equally no doubt that in many other instances they do. The question I would like to ask is why the successes, and the failures.

Before addressing that the fallback to Email is an interesting if not annoying phenomenon. Now let me ask you, dear reader, a question. Hypothetically had the entire world been brought up on collaborative workspaces and Email was the new challenger, would they ever adopt Email? Would Email gain traction in such a climate.

Email suffers badly, very badly from spam, unreliability, security (lack thereof) and a host of other ills. That aside its two undoubted strengths are openness and ubiquity. The fact is that Email is universal. And spammers know how to exploit its openness to their full value. But we all exploit its openness. An email address is a unversally understood concept. A standard.

And so take a look at target markets for collaborative solutions, which are joining the dots on disparate projects, across disparate peoples. In the jargon - working at the "edge", perhaps across company boundaries, across nations, across prejudices.

When working at the edge only full value can be gained if all "project" members can collaborate together. I put project in quotation marks intentionally, because how do you define a project team? In collaborative environments the project team is a very fluid dynamic that can change daily.

With the openness of Email there are few boundaries and so adding new project team members and removing old ones becomes kind-of easy. Kind of.

The primary problem of Email is that there is no concept of a project repository. if you add a new team member to the debate it is almost impossible, and that is worth repeating, almost impossible for you to bring them up to speed without significant human effort. So they join the project in spirit, but not in flesh.

The strength of collaborative workspaces is that they have the repository. Therefore if a new team member joins they get full access to everything, and the instant ability to know and quiz any team member. So they get all the knowledge, and any stress of bringing them up to speed is a shared effort.

Now Micheal asserts that collaborative workspaces are closed, and that this is a weakness. That is a big subject. Let me just say that I belong to some closed private workspaces and they succeed primarily because of their closed nature. The kind of important debates therein simply could not be conceived of in a more ope vehicle. Such spaces do not advertise themselves. Therefore their success is not largely known. But that does not mean they do not exist.

There is a good reason to make some spaces more public, more accessible. And we at PopG do that for the Groove Virtual Office community by explicitly promoting and publicising "public" space, providing public invitations to them and finally providing reliable space delivery mechanisms. It does surprise me that a directory of publicly available spaces is not inherent in the product. But given the larger need for private spaces, at varying levels of privacy (including those with just one member!) I can see why this function is not a top priority.

So Michael, simply because you have not belonged to many successful spaces does not mean that they do not exist, have value, indeed have very significant value. At the top, imho, of the value chain are peace efforts in war torn areas of our unstable world. Groove and other technologies have been used with great effect as a technology aid to help broker peace, where all else seemed doomed to failure.

One final point - on why some spaces fail. It appalls and saddens me when someone tries to put all their eggs in one basket. They abuse the repository and treat it as a general dumping ground. In such cases failure seems part of their desitiny. This is not a fault of the technology - the fault lies in training and support - and misunderstanding.

Oh, woe , thrice woe

I just downloaded and installed verosee - a new and potentially useful skype plugin that might offer similar functionality to groove, but using skype as a transport. three woes to think about before you use it.

1. download no 1 at 36 megs. immediately followed by
2. download no 2 at 60 megs.
and then before you even get to see whether the product is at all useful you have to incur
3. subscription at various amounts of $ per month.

Remember this is for a beta product. I object to being charged to support projects at this stage, and I suspect the world at large will do the same. To underline the beta status, the product uses little of standard Windows controls & design. Therefore expect a learning curve for all.

Groove heaven at last, Groove performance solved

We at PopG have always prided ourselves providing the best performing Groove installation around. That is not a position we take on easily. Performance is a very personal thing. Performance is about perception. And keeping Groove performing has not been easy. But let us start by looking at performance in general and then we can come back to Groove...

For the last few years Intel have been pushing ever faster CPUs And these are the ultimate in perception statements. Does a new 3.2ghz , 3.6ghz, 4ghz etc processor actually help you type a letter to your bank manager any faster? Probably not. Does it help run Skype better, probably yes. Does it help you talk faster on Skype - definitely not. Does a new CPU announcement help Intel profits, definitely yes. And the same goes for AMD, or whoever. The important thing is that as nice as it is to have a go-faster CPU, that may not help your Groove experience.

The second primary dimension of computer performance is RAM. Until a couple of years ago this was an issue of cost and supply. Then the brakes came off and memory prices dropped and the amount shipped with new computers became at least sensible and at best excellent. So for many people surfing the web today lack of suitable computer memory is a non-issue.

The final attribute of computing that traditionally defines performance is that of your disk subsystem. Today this is where most people fail -and fail badly. Many computer users take the sensible & relatively easy steps to address this area, including addressing the basics of disk fragmentation. Very few go further, and the primary reason for stopping is the relative difficulty in making further inroads. Essentially improving disk performance is an art often reserved for the computer professional whose responsibility it is to address this area.

There is another attribute of computing performance that should be added to these three - Internet connectivity. And if I can demonstrate the potential for improvement in two computers, side by side, both downloading a 300meg file. One was achieving 40kbps, while the other was going at 250kbps. A tune-up on the offending computer by yours truly, a reboot and then both achieved the same performance.

Of all of these disk performance is the one that has held Groove back. What is important to understand is that these are not isolated objects. Fix disk performance and ignore the others and you are wasting your time and energy. Addressing all four primary areas mixed with addressing other aspects of your Groove computer life can lead to a state of Groove heaven.

Perfection in Groove performance is something that I had thought was unattainable. Even with all my pride in understanding of PC technology and Windows computing I thought that Groove would forever be held back. Until recently I felt that Groove would not perform until Longhorn.

Starting around six months ago PopG had taken a position on GFS (Groove File/Folder Sharing) was not supportable. GFS had continually caused extraneous CPU and DISK performance issues. We had had to take a stance that GFS was not to be used by PopG users. It was banned.

Do not think from this that GFS was the entire problem - it was not. Life with GFS was just harder, much harder.

But now the good news. Right now it is possible to run Groove properly on and off PopG. Right now it is possible to use GFS on - and off PopG. The same performance tips have been tested on a range of computers from the latest XP laptops, through a range of w2k and w2k3 servers down to some "obsolete" computers.

Right now your Groove can run at the same speed as any other application on your computer. Right now your computer can run applications along with Groove and not complain.

We welcome enquiries from companies needing to solve their Groove performance issues.

Playing with sound statistics

Don't get me wrong I love Skype, but the hype on many web pages is "40 million registered users of Skype". Now on-line I only ever see 1.5 million - and I am on-line with skype 24/7. Which means there are 38.5 million dissatisfied ex-Skype users out there.

So who is right - the 1.5 million die-hards like myself, or the 38.5 million who went away?

London, from Olympics to Bombs

Our support goes out to those involved and hurt in yesterday's atrocities. Thank you to those around the Groove globe for your expressions of concern. No-one at PopG was directy or indirectly afected. But we will do what very little we can to assist.

Becoming a Supernode is an increasing liability of P2P technology, and for some a dangerous one!

A favoured technique of improving P2P technology performance such as Kazaa, Skype and indeed Groove is the establishment of Supernodes. A supernode takes on more responsibility and works on behalf of fellow peers to provide better performance, greater responsiveness, faster throughput. And without them many P2P technolgies would simply collapse into a heap of dissatisfied customers.

Here is Skype's definition on supernodes: "A Supernode is a computer running Skype Software that has been automatically elevated to act as a hub. Supernodes may assist in helping other users to communicate or use the Skype Software efficiently. This may include the ability for your computer to help anonymously and securely facilitate communications between other users of the Skype software who, due to network and firewall constraints, cannot establish direct connections."

So who becomes a supernode. Typically it is a question of availability of computer resources including Internet connectivity. This sounds good. "I have more, so why shouldn't I share it?" More capacity may be measured in terms of spare disk space, CPU, RAM, Internet bandwidth and firewall characteristics, 24/7 availability and perhaps other criteria. Each application will make its own decisions.

The key and dangerous point is that you "the user" typically has no choice. Your computer is automatically elevated to supernode and there's little you can do a about it. But why should you? Surely you are helping great Internet technologies work, helping them work better. And you are sharing your computer riches with others less fortunate. So what's wrong with that?

Well, it turns out that people who are using File Sharing technologies to flaunt copyright with such things as MP3 downloads are much more likely to be attacked by authorities if they are a supernode. So if you are breaking, or helping others potentially break copyright, then putting your head above the parapet as a supernode is one silly way of drawing attention to yourself and risking prosecution.

But it there are other problems with becoming supernodes as well. This I call supernode saturation. The problem is that anyone using P2P technology does not stop at just one application. They say to themselves "Direct Connect is good, so what other P2P technology can I use". So they come across Skype, Groove, Jajahand who knows what else. Suddenly you have a computer running a range of P2P applications. What happens next?

Go back to the premise of being a supernode and the logical conclusion is that each application makes a very similar decision and suddenly your computer, and I mean your computer becomes a supernode for each and every application. Suddenly your bigger and better and faster computer is suddenly becoming saturated with supernode demands. I mean, face it, Skype is not going to say in its supernode logic, "ah this computer has already become a supernode for Kazaa, so we won't become a supernode for Skype." No, in fact if anything the opposite may be true.

The result is that having a fast computer with full-on high-capacity Internet connectivity is making your P2P life hell. Suddenly all your P2P applications are competing head-on for the same resources - not for your benefit, but for the benefit on non-supernodes. And there is nothing you can do about it, and you may not even know it is happening to you. All you know is that you are not getting the good application service that others are reporting.