Sunday, February 12, 2012

Writing high-performance code --- Managed languages aren't inherently "slow"

Historically, it was common to optimize your code at the lowest possible level to ensure that you were minimizing the number of CPU operations per second and getting the most performance out of the CPU you were using. However, since the creation of managed languages, optimizing for specific CPUs has become less common and less necessary. Despite the advent of these newer, platform-independent languages, many people still avoid using them in certain fields such as game design, 3D engine design, and physics simulation because they believe that these languages are "too slow" for the job. If you're writing for a real-time embedded device, a managed language MAY NOT be the best tool for the job, but for most consumer applications, managed languages are easy to deploy, easier to debug, and often more reliable than programs created in native languages such as ASM, C, and C++.

In my experience with consumer games and physics simulators, the main bottleneck is the communication between the GPU and the CPU, and even more often, the hard drive (SSDs are still too expensive for typical consumers). Using a native language rather than a managed language will not speed up disk access times, and will therefore not cause a performance increase in this area. Many managed VMs have built-in caching mechanisms and optimized buffering mechanisms that will speed this up, if enabled (such as BufferedStream in .NET, and the ReadAhead feature in .NET 4.5/Windows 8).

In addition to application performance, it is also typically faster to design code in a managed language than in a native one, and it is easier to port to other platforms. Many native applications STILL lack 64-bit CPU support (particularly on Windows)! However, in a managed application, one can typically set the application to compile for "Any CPU", which allows it to be compiled once and run on ARM chips, x86 chips, and x64 chips, at full speed, after the code has been JITted.

Friday, December 16, 2011

IDWOS 2012 - Beginning the era of secure, distributed desktop computing

Soon we will be releasing our open-source version of IDWOS 2012 --- a distributed, high-performance, secure operating system which you can access anywhere. Run all your apps on your phone, your local computer, and your web browser, without the worries of a typical cloud computing infrastructure (with the exception of browser access --- modern web browsers inherently possess a number of security flaws which make them unfit for secure computing; please read this article for details on security issues with browsers).



Alternatives to direct browser access

As an alternative to using a web browser, you may download a secure connection program from our source repository, which will be published within the next few weeks. This software will be dual-licensed under the AGPL and a proprietary license (we need to make a profit somehow). This secure connection utility will allow you to optionally synchronize your data with one of our freely available Cloud servers, after encrypting your data, to ensure that no one, including our employees, is able to read your private information. This is in contrast to a number of other Cloud providers, such as Microsoft, Amazon, etc., which store your data in a form where their employees could access it if they wanted to, and read the secure information stored on their servers. As a cloud hosting company, we are concerned by these practices, and intend both to modernize our security infrastructure and to encourage other companies such as Microsoft and Amazon to do the same. Users of these services should always encrypt their information before sending it to any cloud service provider. In the future, cloud hosting providers should provide documentation about technological infrastructures in place which will prevent any employee from gaining access to sensitive customer information. The IDWOS aims to solve this problem by giving our customers direct access to their information, and even the ability to store the data on their own computers and access it over a P2P network infrastructure.

Our Cloud goes P2P

P2P distributed computing and distributed storage are the future direction of the Cloud. We believe that each user of a cloud computing service should directly decide where they want their data to be stored. They can have the option of storing it only on their local computers, with the ability to access the data remotely, or they can synchronize it with our P2P cloud and access the data anywhere. Either way, we will do our best to keep our clients' information secure. Transitioning the Cloud from the server to P2P symbolizes the beginning of a less centralized Internet, a more democratic system of data storage, as well as increased security for our users.

What about the future of servers?

In the future, we see servers as being used as data access points, rather than data storage centers. Servers should be used solely for the purpose of accessing your data from any device, and facilitating a communication between a device which is not capable of running our Client application, and the distributed Cloud. Due to the fact that web browsers will still be used, there will not be a decreased demand for servers.

Sunday, November 20, 2011

A letter to my representatives

I am writing as your constituent in the 3rd Congressional district of Minnesota, and a copyright holder on a technology product, the Global Grid. Before disregarding this letter as another "spam message", I urge you to remember the promise you took when you started your campaign: your promise to uphold the United States Constitution, and to represent the people of the United States and the people of Minnesota. Your duty is to uphold the views of the people, not the views of a few CEOs in large corporations.

I oppose H.R.3261 - Stop Online Piracy Act, and believe that it would be a violation of the US Constitution's First Amendment on freedom of speech. The Internet is presently a very important vehicle for communicating freely in today's society. Many people are afraid of speaking openly in society about political matters for fear of unlawful persecution, physical harm, or other needs. The Internet provides a means by which people can communicate (relatively) anonymously, without necessarily disclosing their physical appearance, location, or identity to the person they are talking to. This is crucial in getting out political messages, and promoting free speech in the 21st century.

This law threatens the very existence of free speech in our country. It will allow large corporations to fight each other with frivolous copyright infringement claims, completely shutting down each other's payment services and online websites. I understand this bill is intended to support the integrity of Intellectual Property, and increase innovation in the United States. In practice, however, it will do the exact opposite. This law will allow companies to DIRECTLY TAKE DOWN COMPETING WEBSITES WITHOUT DUE PROCESS OF LAW. PRIVATE companies themselves will be able to ACT AS JUDGES in these matters. In short, you are giving private companies, motivated SOLELY BY PROFIT, complete control over the Internet in the United States.

Sincerely,
Brian Bosak

Thursday, October 20, 2011

On shared hosting - A lightweight, secure, virtualization environment

IDWOS 2012 is a virtual OS which features application-layer virtualization for untrusted processes running on the same server. Similar to Singularity, it only supports managed code. Native code always has the potential to exploit a secure system (even on a virtual processor) by calling into code outside the virtualized environment through a security hole. IDWOS 2012 is written entirely in C#, and utilizes .NET remoting to perform communication between an application running on the server and the host system. The system features a virtual file system (which is isolated per-process), memory isolation, and the ability to quickly halt an unwanted application via a remote administration API.
Below is a diagram of the system architecture:
In this diagram, all processes running inside the "virtual kernel" are completely isolated from each other, and assigned separate "security tokens" via the Host Operating system, and the token redirection layer.
When a user requests a web page, events happen in the following order:
  1. Kernel looks at the URL of the web page, and determines whether or not an existing application is loaded in RAM to process the request. If no application is loaded for the URL, the system will attempt to look in its application database to find the handler application associated with the URL.
  2. If it does not find a handler, it returns an error page to the client. If a handler is found, it loads the assembly into the virtual kernel, and sends the security token to the virtual application as a WExecutionContext object.
  3. Once the virtual process is created, control is passed back to the native thread running in trusted memory. At this stage, the virtual process is allowed to execute any function within the virtual environment, but is NEVER allowed to call into any native code on the host operating system.
  4. The native thread will then jump back to step 2, and notify the remote process running in the virtual kernel that a request has been received from a client, passing in a ClientWebRequest object, which contains a Stream to read/write data to/from the client, and information about the request headers that were received from the client.
  5. The virtual process is free to process the request, and close the stream when it's done. The application will keep running until the server requests the application to terminate. The application will NOT be notified prior to the firing of this event, so it should expect to lose its state at any time. The application may also submit a request to the virtual runtime to kill its process (useful for handling errors and stuff).
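
The dispatch order in steps 1 to 5, modelled as an added C# example (it is not IDWOS source code). WExecutionContext and ClientWebRequest are named above, but their members here, along with VirtualKernel, IVirtualApp, CounterApp, the /vfs paths and the path-segment URL matching, are assumptions. It targets .NET 6 or later and models the control flow only, not the isolation itself.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

var kernel = new VirtualKernel();
kernel.Register("/blog", ctx => new CounterApp(ctx));
var client = new MemoryStream();                      // constructed stand-in for the client stream
Console.WriteLine(kernel.Dispatch("/nope", client));  // no handler in the database: error status
kernel.Dispatch("/blog/a", client);                   // loads the app and issues its token
kernel.Dispatch("/blog/b", client);                   // reuses the instance already in RAM
kernel.Kill("/blog");                                 // halted by the server without notice
kernel.Dispatch("/blog/c", client);                   // new instance, new token, state gone
Console.Write(Encoding.UTF8.GetString(client.ToArray()));

// Hypothetical members: the page names these two types but does not show them.
record WExecutionContext(string Token, string VfsRoot);
record ClientWebRequest(string Url, Stream Body);
interface IVirtualApp { void Handle(ClientWebRequest request); }
record CounterApp(WExecutionContext Ctx) : IVirtualApp
{
    private int hits;                                 // in-memory state, lost on Kill
    public void Handle(ClientWebRequest r) =>
        r.Body.Write(Encoding.UTF8.GetBytes($"{r.Url} hit={++hits} vfs={Ctx.VfsRoot}\n"));
}
class VirtualKernel
{
    private readonly Dictionary<string, Func<WExecutionContext, IVirtualApp>> handlerDb = new();
    private readonly Dictionary<string, IVirtualApp> loaded = new();
    private int nextPid;                              // names each process's private VFS root
    public void Register(string prefix, Func<WExecutionContext, IVirtualApp> load) => handlerDb[prefix] = load;
    public bool Kill(string prefix) => loaded.Remove(prefix);
    public int Dispatch(string url, Stream client)
    {
        // Step 1: match on whole path segments so "/blog" never claims "/blogger".
        var prefix = handlerDb.Keys.Where(p => url == p || url.StartsWith(p + "/", StringComparison.Ordinal))
            .OrderByDescending(p => p.Length).FirstOrDefault();
        if (prefix is null) return 404;               // step 2: no handler, deny by default
        if (!loaded.TryGetValue(prefix, out var app))
        {   // Step 2: fresh random token and private VFS root for each loaded process.
            var token = Convert.ToHexString(RandomNumberGenerator.GetBytes(16));
            app = loaded[prefix] = handlerDb[prefix](new WExecutionContext(token, $"/vfs/{++nextPid}"));
        }
        app.Handle(new ClientWebRequest(url, client)); // steps 4-5: app reads/writes the stream
        return 200;
    }
}
```

The token stays inside the execution context and is never written to the client stream; the application only echoes its VFS root, which changes after the kill because a new process is created.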

On an unrelated note, check out Kuder Productions here

Tuesday, May 24, 2011

Our response to the NASA security breach

This post refers to the recent NASA security breach described in this article (http://technology-science.newsvine.com/_news/2011/05/20/6683482-nasa-computer-hacked-satellite-data-accessed#comments).


Hackers like this should put their time into making their own society, instead of breaking into an existing one. Many "hackers" break into things like this, break the law, and these are the ones that SHOULD be put in jail. However, there's also another kind of hacker: the kind who jailbreaks phones, makes security software and custom operating systems, and develops artificial intelligence software. Unfortunately, this kind of hacker always goes unnoticed, finds it impossible to gain employment due to flawed culture in the United States, and sometimes resorts to this. This attack is a symbol of the weakness of the international opinion against programmers, software developers, and other types of hackers. As a programmer myself, I find it difficult to find any type of employment in the field, because most US software development is outsourced to third-world countries, which usually results in breaches such as this one. If NASA does not want such a breach, they should stop outsourcing this work, and encourage other US companies to do the same.

Tuesday, February 15, 2011

New online game soon to be released–2 Sided World

I am proud to announce that IDWNet Cloud Computing will soon be releasing its first PC game, 2 Sided World. The game will span across 2 virtual networks, and connections will be VERY fast and reliable for users of all connection speeds ranging from 1.5MBPS to 100MBPS. Our goal is to give users a consistent experience despite their internet connection speeds. How far are we in developing this game? Well, we’ve decided that it’s going to be an in-browser game, and we’ve finished the basic physics engine, particle effects engine, and animated water. Here’s a video showing the current progress of the engine, mainly focused on the animated water. (Our game uses the Away3D engine, which will soon have Molehill support when Molehill is actually released. This should allow all clients to get the same performance as seen in this video.)

Game engine example

Monday, February 8, 2010

Various IDW projects have now been open-sourced and ported to Ubuntu – Join the dev team if you’re interested! Now available on Windows and Linux!

You can now join our development team on Launchpad at https://launchpad.net/~idwdevteam

Feel free to create branches and help contribute to the projects! We need as many developers as we can get.