An "online desktop" for GNOME? [LWN.net]

An "online desktop" is not exactly a new idea, as X-based thin clients have been around for twenty years or more, but combining the desktop and the web is an idea that is gaining some momentum, at least in the GNOME community. The online-desktop project is an attempt to define a mashup of Linux, GNOME and web applications into something completely new. It is an ambitious goal, which will be met with a fair amount of skepticism, likely by all of the communities being mashed.

In a keynote at the recent GUADEC 2007 conference, Bryan Clark and Havoc Pennington laid out a vision (slides in PDF format) of the online-desktop (OD) with the following top-level description:

The perfect window to the Internet: integrated with all your favorite online apps, secure and virus-free, simple to set up and zero-maintenance thereafter.

Many people are or will be using online applications almost exclusively, with the operating system just providing a platform to run the browser, at least according to Pennington and Clark.

The OD would seamlessly connect the browser-based applications with any native programs that remain, storing data locally and remotely. This would allow users to access their data, including settings and preferences, from any internet connected device. A user would be able to jump between multiple computers and mobile devices, finding their entire desktop environment and data available on each. A new disk and fresh install would no longer require a tedious reconfiguration of preferences and restoration of backups, a user would simply log in to the 'service' and pick them all up.

This network-centric view of computer usage is not particularly new either - Sun's "the network is the computer" initiative is a famous (or infamous) example. The keynote points to plans for the next version of Windows, which will be more closely integrated with Microsoft's internet services, as an indicator that the OD direction is the right one. In order for Microsoft to play its usual lock-in game, it would need to provide most or all of the kinds of web applications that people already use. OD proposes to integrate with the existing applications, presenting a single view that incorporates them and facilitates sharing between them, without the lock-in.

The requisite demo during the keynote was of Big Board, a GNOME Python application, that prototypes portions of the OD, using the Mugshot project. A high-level implementation plan was also presented:

    SEARCH AND DESTROY everything that leaves my data stranded
    on a single computer.

    INTEGRATE the best web applications with the desktop.

    RETHINK the user experience to take advantage of live 
    connections to friends on the net.

    CHANGE THE DEFAULTS so naïve users taking no special action
    will create collaborative, backed-up, online data rather than local
    files.

By its very nature, OD has a very distributed architecture. It is meant to talk to various servers to store data using the services (Flickr, Picasa, Gmail, etc.) that the user is already using. But there will also be data that needs to be stored, for instance preferences and configuration information, for which a service will need to be created. This service is envisioned to be decentralized, with at least some of the servers run by the community. Like many parts of the project, it is still in the planning stages.

The project is young, with thoughts and discussion starting to pop up on the GNOME desktop-devel mailing list in April. Since the conference, things have started to heat up, the website has moved from within Mugshot to its own site, some mockups have been created and there has been a bit of a discussion about an acronym. An obvious choice, using the first letters of GNOME Online Desktop leaves something to be desired, so current candidates seem to be GOLD (OnLine Desktop) or GOOD (Open Online Desktop). Others would rather see it referred to as GNOME Online without an acronym; we stayed out of it and used OD.

Another piece that is in the planning stages is an API for desktop applications to be able to share HTTP state and cache information. With multiple programs talking to some of the same websites, cookies, at least, will need to be shared between them. Sharing data that has been cached from websites, between the browser and other programs that use it, would be useful to reduce traffic as well.

Mixing and matching different web application APIs and storing lots of personal data on remote servers will require careful thought about security. There is some mention of "strong cryptography" being used, but the concerns mentioned so far seem mostly concerned about handling (and losing) private keys. Overall, the security issue seems to be a low priority. A post to Pennington's blog seems to miss the point, comparing the OD security issues to that of online banking. Banks only store the information they have, not the sum total of all data one might have on their computer. In order to fulfill the "secure and virus-free" portion of the goal statement, a lot more thinking and effort will have to be focused there.

Folks typically carry more powerful computers, with more storage, in their pockets today, than were even available to home users twenty years ago. That trend seems to be continuing, at least for now, so there should be ways to carry our own data with us. Desktops that were set up to handle external, plugged-in storage devices and easily switch to an environment stored there would remove the need to store that data on an internet server, except, perhaps, for backups. This might be a simpler alternative that removes some of the concern about loss of data control.

There are lots of opportunities to share and collaborate using web applications, for pictures, text, video, music, etc. But there is also lots of data folks may not want to share. Financial information, email, contracts and work-related documents are just a few of the things that people very well might want to keep private, naïve or no. It will be very difficult to set up an environment that turns all data, by default, into "collaborative, backed-up, online data", without sometimes exposing sensitive data. Using the word processing tool to type a blog entry and a love letter should not automatically expose both to the world.

An interesting, related development is an attempt to define what a "free" or "open" web service is. If a user's personal data is to be stored somewhere other than the local disk, potentially multiple places, it must be clear what rights the user has to that data. The responsibilities of the service must be clearly defined as well. Luis Villa has some thoughts about the framework in which an Open Service Definition might come about.

The framework consists of sets of goals, preconditions and rights, each of which can be thought of as a "sliding scale". He goes into some detail enumerating each of the sets and discussing various settings that could be made on the scales and the impacts that has on freedom and openness, for both users and providers. By using OD as a test case while discussing various settings with interested parties, Villa hopes to come out with a set of definitions and licenses that, in many ways, parallel the Free Software and Open Source definitions. It is an issue that is much larger than the OD project and one that bears watching.

The biggest question, perhaps, is whether this is the "right" direction for GNOME and for desktops in general. Is personal computing finally headed toward a completely network-centric existence? If so, are HTTP, HTML, Javascript, AJAX, and the like up to the task? One is reminded of the wisdom of the Magic 8-ball: Answer hazy, ask again later. One advantage that free software has over some of its competitors is its diversity; we are certain to see other implementations of an online desktop (Pyro for example) as well as desktops that resist the close integration to the web. Free software will truly give users the ability to choose the one that works for them; users of proprietary systems may not be so lucky.

(Log in to post comments)

Are today's online services consistent with GNOME's mission?

Posted Jul 26, 2007 6:01 UTC (Thu) by dhess (guest, #7827) [Link]

Arguing about users' "data rights" is missing the point. Most of the online services mentioned in Havoc and Bryan's presentation - Google Apps, Facebook, Quicken, etc. - aren't free software: at least, they don't meet the FSF's definition, which requires the freedom "to run, copy, distribute, study, change and improve the software." In fact, even if the source code for these apps were available under a license which granted these freedoms, it would be impractical to run them without significant amounts of scarce resources: hardware, power, facilities and knowledge, to name a few.

I can't find a mission statement for GNOME; the closest I can come are a description of GNOME on the gnome.org "about" page and a draft version of the GNOME Foundation's charter. The first point on the GNOME about-page states that GNOME is:

Free
GNOME is Free Software and part of the GNU project, dedicated to giving users and developers the ultimate level of control over their desktops, their software, and their data.

The GNOME Foundation's draft charter states that the Foundation's mission statement is:

The GNOME Foundation will work to further the goal of the GNOME project: to create a computing platform for use by the general public that is completely free software.

So it's a bit disconcerting to see a bulletpoint on a slide from two prominent GNOME developers which proposes a future for GNOME where:

For business users of the Google application suite, a GNOME Online Desktop appliance would be the perfect solution.

(See slide 21 of Havoc and Bryan's GUADEC presentation.)

Havoc points out elsewhere that the free software community can't just stick its head in the sand and pretend that proprietary web services don't exist, which is a true statement. However, actively encouraging users of GNOME to move in the direction of increased dependence on these services seems, at best, inconsistent with the project's goals. If the GNOME project had started with a stated mission to make GNOME the perfect solution for business users of Microsoft Office, I don't think it would have gotten very far.

If the next phase of end-user computing really is in networked applications, it'd be folly to win the desktop battle only to lose the war. Personally, I'd prefer to see the GNOME project concentrating its efforts on the important side of the equation: the service side. GNOME, KDE and other free software projects can't compete with the likes of Google, Yahoo and Microsoft in the centralized computing approach to services. The free software community needs to play to its strengths: free standards and community. Something like this sounds like a good start, to me.

Are today's online services consistent with GNOME's mission?

Posted Jul 26, 2007 10:01 UTC (Thu) by ortalo (subscriber, #4654) [Link]

"it'd be folly to win the desktop battle only to lose the war"

I totally agree with you on this. (Not withstanding the fact that, personnally, I am not at all convinced that this online desktop metaphor would constitute a positive evolution of computing.)
I also think that dogmatic positions should be avoided at all cost, especially with respect to the centralized vs. distributed, or remote vs. local visions of software architecture. In fact, it is my humble opinion that those defending these dogms always carefully hide the fact that, for a given task, one choice may be better than another; but that for all possible tasks, the right choice certainly is not always the same.

Applying that pragmatism to the OD idea and your remark about free (as in freedom) web services I'd like to share another personal opinion.
I wonder if public services is not *the* area where such a free software solution for fully online services would really be worth the effort.
Centralized management of data by public administrations is nearly unavoidable as the advantages of (technical) decentralization are not usually worth the cost for such big database management systems. Similarly, even though opening access to the widest users base possible is certainly useful (the famous "e-administration"), it is not really possible to offer something else than online and remote (carefully controlled) applications for such procedures which end-to-end control, in fine, *must* remain in the hand of public institutions. (I am speaking of really basic public services, like citizens identification, etc.)

Of course, nowadays, these online services are usually offered using proprietary software (and that extends to the client software too)... But imagine a full free software solution allowing states and their citizens to manage some administration procedures and documents online on a remote server.
If such a free software solution was available in fields such as demography, vehicles, taxes, safety services, etc., public institutions would probably consider it.[2] Whether they like it or not. For strong ethical reasons, but also for that very pragmatic obligation [1] which is the other side of "free". ;-)

We do not need to re-implement all the software coded by governements during 3 decades before gaining momentum on this. A few carefully chosen cases could prove useful already. But we need to write them entirely.
It could prove boring certainly to implement a boring procedure in its entirety, but I am sure there can be some fun too for those with a passion for multi-terabytes databases or careful anonymizing cryptographic algorithms...

[1] In my mother language it reads: "le souci des deniers publics"
[2] It has already started in some countries, but if I am not mistaken, it were not really fully community-driven initiatives...

Are today's online services consistent with GNOME's mission?

Posted Jul 26, 2007 14:23 UTC (Thu) by hp (subscriber, #5220) [Link]

There is a free server side involved here. I've been hacking on online.gnome.org all week (it's not up yet, but see mockups), and Luis Villa is spending the balance of his Red Hat internship tackling the Free Service Definition problem. We've also got people from Creative Commons and Software Freedom Law Center and others helping out. We'll use online.gnome.org to be the first ones to adopt this and once we define what a free server side is and have our first free server side functionality, we can go from there.

We are also going to insist that the free online.gnome.org is the only "required" part of Online Desktop - I say "required" in quotes, since Online Desktop itself is an optional mode of GNOME, not a required thing.

The GNOME project is mostly a client-side project and few people in it know how to code server side stuff, so I think GNOME will mostly not be about the server side for now. But of course I would love to see free software server apps and there are tons of open source developers who know how to code them. I hope they will. I hope GNOME developers will learn eventually, too.

The essence of the GNOME Online Desktop client side to me should be choice - ability to use any server apps. That will preserve our ability to do free server apps.

A number of people have talked about using P2P or federation or <insert hand waving here> to avoid the hosting issue. While I'd love to see that, the fact is that it's insanely difficult and something of a research problem. As a result, I think it becomes an excuse; "we can ignore server apps, because they suck, we should use P2P!" - I'll be in favor of that when I see running, production, Internet-scale P2P code working with the same user benefits users are getting from server apps. Until then I think P2P is more wishful thinking than anything else. (Don't get me wrong, it works in limited domains and for limited kinds of functionality, but it seems to be impractical to replicate many of the server apps people use via P2P.)

The way to think of this is that if we want open source to be popular and want users to have a completely open source experience, we have to offer the same benefits users are getting from these server apps today. No excuses.

There is absolutely no way that allowing our client OS to become increasingly irrelevant to how people are using computers is helpful to free software. If we have a client OS that's highly relevant to what people are doing, in contrast, and people thus use the client OS, then we have the ability in the future to (for example) set the default server apps to free server apps.

If Microsoft owns the client OS, then you can imagine what the default server apps will be.

Are today's online services consistent with GNOME's mission?

Posted Jul 26, 2007 14:41 UTC (Thu) by hp (subscriber, #5220) [Link]

One other thing: historically, the GNU Project started by slowly replacing bits of Solaris and proprietary UNIX, because they could not do a 100% free system fully formed from scratch.

We're effectively in the same situation today. Sure there's a 100% free client OS, but I don't know anyone who uses exclusively a client OS and never uses the web. How many people do you know who don't use a search engine, or that only use a free search engine?

Pretending that today we have a 100% free computing solution is just bogus. (Virtually) nobody is using only the free part. They are all using the web.

We have to solve this problem. But it will be solved by defining what freedom means for server apps, and then coding server apps that use that definition.

It won't be solved by hoping server apps go away, because the user benefits are too large. If we refuse to adapt the desktop to how people are using their computers, that just makes the desktop suck more than it could have and ensures there's one less reason to switch from Windows.

It's not like the world will say "oh, GNOME has minimal web app integration, I guess I'll stop using web apps."

Are today's online services consistent with GNOME's mission?

Posted Jul 26, 2007 19:41 UTC (Thu) by vmole (guest, #111) [Link]

Will I be able to set up my own server, and completely ignore online.gnome.org? Because anything less is lock-in. My data is going on a server I control 100%.

Are today's online services consistent with GNOME's mission?

Posted Jul 26, 2007 19:50 UTC (Thu) by hp (subscriber, #5220) [Link]

You can 1) use GNOME as it is now and ignore Online Desktop, 2) if we scaled down the server app, run it on the same system as your client, 3) run your instance of the server app on your own server, 4) use the online.gnome.org instance or 5) use an instance run by someone else of your choosing.

It's all hypothetical still of course, since we just started coding, but there's no reason you wouldn't have these choices.

Are today's online services consistent with GNOME's mission?

Posted Jul 26, 2007 19:57 UTC (Thu) by hp (subscriber, #5220) [Link]

Oh, I see what was confusing. When I said "online.gnome.org is the only required part" I was saying that the service provided by it is the only required part (for Online Desktop mode) - you need an "online desktop service" that e.g. stores what other services you are using. It's a "bootstrap" service.

However, the requirement is not for online.gnome.org specifically, just the server app that will be running there or another app that speaks the same protocol.

Also, you aren't required to use Online Desktop mode at all, so then you don't need any server, you can stick to Classic Desktop.

The point is that to make Online Desktop go you need the basic server app that stores your settings and stuff, but you don't have to use e.g. web mail or a web photo app, you can choose a la carte among those kind of services.

Are today's online services consistent with GNOME's mission?

Posted Jul 26, 2007 20:17 UTC (Thu) by vmole (guest, #111) [Link]

Thanks for clarifying - that is exactly the answer I hoped for.

And to clarify my point: it's not that I don't trust GNOME to run a server, it's that I don't trust *anyone* to provide a service that I rely on for as long as I might want to use it. Sure, my "server" is a virtual server provided by some other company, but all the data on it is backed up locally, and I could move it all in a couple of (painful) days. I'm completely mystified by people who trust huge amounts of work to Flickr, or Livejournal, or whatever.