Tag Archives: tech

Update: proxy software testing

For those testing the new POP3/IMAP proxy, please switch your incoming mail server to beta.webmail.us

Tonight we set up a second Dovecot proxy and slapped a load balancer in front of it, to more closely simulate how the new proxy system will run when it goes live.  We also set up a real SSL certificate for beta.webmail.us so that you stop getting those annoying security warnings.

Give it a try.  Post your results as a comment to this blog, or email feedback@beta.webmail.us.  Be sure to mention what mail program you are using, as well as how you are connecting (POP3/IMAP, SSL/TLS/plain-text).

New POP3/IMAP proxy software (help us test)

We have been playing around with Dovecot this week.  Dovecot lets you compile with epoll support, which can drastically improve the efficiency of applications that handle a large number of concurrent network connections.

Our current POP3/IMAP proxies run Perdition.  Perdition uses "poll" – Linux’s old network event dispatcher.  With "poll", performance suffers when you start processing thousands of concurrent connections, because it does a linear scan of socket file descriptors in order to detect network events.  The more connections you have, the more file descriptors you have, and so the longer it takes to respond to network events.  "epoll" does not need to do this linear scan, so the response rate for network events is completely independent of the number of network connections, making it much more scalable.
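The difference is easy to measure. The following is an added example, not code from this blog, Perdition or Dovecot: it opens a constructed set of 200 idle pipes as stand-ins for client sockets, makes one of them readable, and counts how many entries the caller has to inspect with poll versus epoll (Linux only; the names `cost_poll` and `cost_epoll` are made up for the example).

```c
#include <poll.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/epoll.h>
#include <unistd.h>

typedef int pipe_pair[2];   /* [0] = read end, [1] = write end */

/* ready: descriptors with data waiting; examined: entries inspected to find them */
struct scan_cost { int ready, examined; };

static void free_conns(pipe_pair *p, int n) {
    for (int i = 0; i < n; i++) { close(p[i][0]); close(p[i][1]); }
    free(p);
}

/* n pipes stand in for n client sockets; only pipe `active` has data. */
static pipe_pair *make_conns(int n, int active) {
    pipe_pair *p = calloc((size_t)n, sizeof *p);
    int made = 0;
    if (!p) return NULL;
    while (made < n && pipe(p[made]) == 0) made++;
    if (made < n || write(p[active][1], "x", 1) != 1) {
        free_conns(p, made);
        return NULL;
    }
    return p;
}

/* poll(): the whole array goes in, and the whole array is scanned afterwards. */
struct scan_cost cost_poll(int n, int active) {
    struct scan_cost c = { -1, -1 };
    pipe_pair *p = make_conns(n, active);
    struct pollfd *fds = calloc((size_t)n, sizeof *fds);
    if (p && fds) {
        for (int i = 0; i < n; i++) { fds[i].fd = p[i][0]; fds[i].events = POLLIN; }
        if (poll(fds, (nfds_t)n, 0) >= 0) {
            c.ready = c.examined = 0;
            for (int i = 0; i < n; i++) {          /* linear scan */
                c.examined++;
                if (fds[i].revents & POLLIN) c.ready++;
            }
        }
    }
    free(fds);
    if (p) free_conns(p, n);
    return c;
}

/* epoll: descriptors are registered once; epoll_wait returns only ready ones. */
struct scan_cost cost_epoll(int n, int active) {
    struct scan_cost c = { -1, -1 };
    struct epoll_event ev = { 0 }, out[16];
    pipe_pair *p = make_conns(n, active);
    int ep = epoll_create1(0), ok = (p && ep >= 0);
    for (int i = 0; ok && i < n; i++) {
        ev.events = EPOLLIN; ev.data.fd = p[i][0];
        ok = epoll_ctl(ep, EPOLL_CTL_ADD, p[i][0], &ev) == 0;
    }
    int got = ok ? epoll_wait(ep, out, 16, 0) : -1;
    if (got >= 0) {
        c.ready = c.examined = 0;
        for (int i = 0; i < got; i++) {            /* only ready entries */
            c.examined++;
            if (out[i].events & EPOLLIN) c.ready++;
        }
    }
    if (ep >= 0) close(ep);
    if (p) free_conns(p, n);
    return c;
}

int main(void) {
    struct scan_cost a = cost_poll(200, 57), b = cost_epoll(200, 57);
    printf("poll examined %d, epoll examined %d (ready: %d / %d)\n",
           a.examined, b.examined, a.ready, b.ready);
    return 0;
}
```

The poll count grows with the number of open connections, while the epoll count tracks only the connections that have something to read.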

We got our first Dovecot proxy server set up this morning.  If you are brave, please help us test it.  Post your results to this blog post, especially if you encounter any errors or weirdness…

Server Name: newproxy.mlsrvr.com
Supported Protocols:
   POP3, port 110 (plain text or TLS)
   IMAP, port 143 (plain text or TLS)
   POP3S, port 995 (SSL)
   IMAPS, port 993 (SSL)

If you use TLS or SSL you will get an SSL security warning.  Just ignore it.

Time for a Scan

I’m sure "it could never happen to you", but just to be safe how about downloading a copy of ClamAV and giving your computer a full scan?  300,000 people are going to lose their important documents on Friday.  Please don’t be one of them.

This virus will overwrite the following types of files on an infected computer beginning some time on February 3, 2006:  DOC, XLS, MDB, MDE, PPT, PPS, ZIP, RAR, PDF, PSD and DMP.  It overwrites the files with the string "DATA Error [47 0F 94 93 F4 F5]".

Solving Complex Problems

I have a new quote on my wall:

"New hires tend to want to do complex things, but we know complex things break in complex ways. The veterans want simple designs, with simple interfaces and simple constructs that are easy to understand and debug and easy to put back together after they break."

"The best advice is just basically to keep everything as simple as possible—simple processes, simple SKUs, simple engineering. These systems get to be very big very fast. I don’t think there’s really any one particularly hard, gnarly problem, but when you add them all up, there are lots and lots of little problems. As long as you can keep each of those pieces simple, that seems to be the key. It’s more of a philosophy, I think, than anything else."

— Phil Smoot, Product Manager for Hotmail

The full interview with Phil can be found here.

If you tackle every problem with the belief that there is a simple solution, you will usually find one.  Sometimes to solve a complex problem you just need to piece together several individual simple solutions.

The Desktop — 2015

With all of the rumors (true or not) about Google PC, I figured it is time to post this to my blog.  I originally wrote this for Webmail.us management on November 4, 2005 and I have updated it a few times since.  This is my vision for where the desktop is heading…

Background

Traditional installed software is on its way out and software as a service ("SaaS") is on its way in.  Soon most, if not all, software applications will be available as a hosted service.  Both hosted and non-hosted versions of popular applications will be available for many years, because not everybody will be comfortable making the switch to hosted right away – just like there are still Windows 95/98 users today.

Over the past two years we have gained an understanding of what software as a service is and why it is inevitable.  So far all of the talk has revolved around core applications such as email, calendar, word processing, and CRM.  The conversion to SaaS for these applications is already well underway, but this is just the beginning.  Think of any application you have ever installed (photo editing, mp3 players, virus scanners, etc) and there is probably somebody out there creating a new business model which will offer the application as a hosted service.

In this great new world, you will never have to install or upgrade software.  You will just subscribe to it.  But if there are no more applications to install, where does that leave the desktop?  Better yet, where does that leave the operating system?

Google’s Plan to Break Up Microsoft’s Desktop Monopoly

In 2004, Google began exposing people to Google-branded desktop applications.  In April 2004, Google announced Gmail with a 1GB storage limit.  In October 2004, Google unveiled its first-generation desktop search application.  In August 2005, Google added its desktop sidebar, with lots of customization features.  In August they also released Google Talk – its instant messaging application.  In October 2005 they announced an RSS reader, and rumors are that Google Calendar is right around the corner.

In August 2005, Google announced plans for free Wi-Fi service in San Francisco and other major metropolitan areas.

Beginning in 2004, Google started quietly acquiring thousands of miles of "dark" (unused) fiber-optic cable stretching across the entire US.  It is also acquiring super-fast connections from the nation’s largest telecoms.  Speculation is that they are building a national broadband network that is massive enough to rival even the country’s biggest Internet service providers.  There is also speculation about Google’s data-center-in-a-box, where they plan to drop a full data center (contained in a box) at each of the 300 major Internet peering points world-wide, creating a massive computing grid optimized for high bandwidth applications.

So what is Google’s master plan?  Some say that they have no master plan, just a lot of smart engineers cranking out independent projects.  I don’t believe that.  I believe Google does have a master plan and it is aimed right at the heart of Microsoft.  I believe Google thinks it can crush Microsoft’s operating system monopoly, and thus its desktop monopoly, by turning more and more users on to their hosted applications, and eventually by removing the need for an installed operating system altogether.  I believe Google can and will eliminate the traditional operating system – by introducing the world to a new choice: "Network Only" mode.

Booting in "Network Only" Mode

In just a few years, I believe that all new computers will come with a "Network Only" boot option.  In this mode, your computer will plug into the network as a terminal and can run entirely web-based applications.  There will be no software to install – you just plug in and go.  This option will be built into the BIOS so that when you turn your computer on, you can choose if you want to boot traditionally via Windows (or other installed OS) or if you want to boot in "Network Only" mode.  Intel’s EFI technology is already heading in this direction – it allows your computer to connect to the Internet from a command shell before the OS is loaded.

You will be faced with two major decisions when booting in "Network Only" mode:  (1) Choose your network, and (2) Choose your desktop.

The first screen you will see when booting in "Network Only" mode is a listing of available networks to connect to, both wireless and ethernet.  Some of these networks will require identification/authentication information, such as corporate networks, and some will be completely open, such as Google Wi-Fi, T-Mobile and other commercial networks.  When you connect to a commercial network for the first time, you will need to create an account with that provider.  In some cases this will cost money, and in some cases this will be free (such as Google Wi-Fi).  Either way, your computer will have a method to optionally remember your account information and automatically reconnect you to that network the next time you power on your computer.

Once connected in "Network Only" mode, you will need to choose your desktop.  This is where things get interesting.  Traditionally the desktop has been something that is stored on your local hard drive.  Your current desktop probably has a personalized background image, several icons and files scattered about, a start menu with customized program lists, a clock, taskbar, quick launch buttons, and other personalized gadgets.  All of this will still exist in the new world that I am describing – only it will not be stored on your local computer.  It will be stored on Google’s servers, or Yahoo’s servers, or Microsoft’s servers, or your employer’s servers.

So, after you power on your computer, and after you connect to the network, you will need to log in to your desktop.  Some network providers will make this easy for you and launch you right into your personalized account on their branded desktop.  For example Google Wi-Fi will launch you right in to Google Desktop; Microsoft partnered ISPs will launch you right into Windows Live; and SBC will launch you right into Yahoo Desktop.  With all of these, there will probably be a way to switch desktops from one vendor to another simply by logging out of one desktop and into another.  Most ISPs will provide quick links to the popular desktop hosting companies, or they may prompt you for your desktop server name and login information.  Regardless of your ISP, with "Network Only" mode you will finally have a choice, instead of being forced to use a Microsoft powered desktop.

The Hosted Desktop

Your hosted desktop will look very similar to your traditional Windows desktop.  You will have a personalized background image, a customized program menu, a taskbar showing running applications, a clock, and the rest.  In fact, Microsoft will give you a very easy way to convert your conventional Windows XP desktop to a Windows Live desktop, hoping to leverage their dying operating system monopoly to gain a large share of the new hosted desktop market.  However, Microsoft will not own the network and ISPs will give their users choices.  Many users will choose to try Google Desktop or Yahoo Desktop, rather than Windows Live.

There are already some companies trying to enter this space with Ajax-based desktops.  TechCrunch has been doing a great job at profiling these startups.

It will be interesting to watch what Microsoft does to retain the desktop.  They will probably create partnerships with major ISPs to become the default hosted desktop for their ISP customers.  However, this new world will be all about openness and choice.  Microsoft will have lost its monopoly.

I believe Google has a huge leg up on the competition for gaining early adoption in the hosted desktop market.  They have already built a massive computing platform to host web-based applications.  And they are more than 12-months into the process of creating a low-cost, high bandwidth, global network for users to plug in to that computing platform.  Google will be able to deliver a fast, feature rich desktop before anybody else.  It will take a few years for Windows Live, Yahoo Desktop and the others to catch up.

And let’s not forget about AOL.  The AOL Broadband service is essentially already a hosted desktop.  They just need to create the "Network Only" method of plugging into it as your OS.  AOL users are already familiar with checking their email via a web-client, using a web calendar and a ton of other web-based tools.  It is lacking some key applications, such as word processing, but there are companies popping up to fill that void.  AOL will be a dominant player in the hosted desktop market as well.

There will also be several open-source hosted desktop projects – perhaps created as mutations of the Gnome and KDE desktop projects, or perhaps these will be entirely new projects.  This free hosted desktop server software can be used by ISPs to host their own branded desktop, or to provide an ad-free solution to their customers.  Open-source hosted desktops can also be used by corporations to create a private and secure hosted desktop server for their company.

Why Switch to Hosted?

You may be thinking to yourself right now, "That’s great that I have a new choice, but why would I want to switch?  My current Windows XP desktop works great."  Great question.  Consider this…

You wake up early tomorrow morning and turn on your computer at home.  You launch your spreadsheet program and spend an hour working on a document for a meeting later that morning.  When it’s time to head into the office, you don’t close any of your applications, you simply flip off the power switch.  30 minutes later you get to your desk and you turn on a different computer at your office.  Your spreadsheet is right in front of you with the cursor blinking exactly where you left it, your windows are all intact and your taskbar and desktop look just the same as they did at home.  Later that day when your meeting starts, you arrive at the conference room with nothing in hand.  You sit down, power on a computer in that room and you log into your desktop.  Again your programs and documents are all there, and you can open your spreadsheet for the meeting just as you did at your office and at home.

With a hosted desktop you have total portability and your virtual computer is always on.  You never need to close your files, you never need to email documents to yourself to get them from place to place, and your experience is always the same.  No matter where you are in the world, or which computer you are using, you simply need to log in and you have access to everything.

Tomorrow’s computers are going to be a lot less bulky and require less power to operate – because the power needs to be on the server, not the client.  Right now there is a ton of wasted electricity because desktop computers sit idle 99% of the time.  A browser-based OS is a lot less wasteful.  You can even get rid of the hard drive once flash memory cards get into the 10GB+ range, which is right around the corner.  Hardware drivers will be stored online in a centralized repository, making things much easier on the end user.  Given the option, people will choose the smaller and simpler machine, which will help fuel the transition.

Tomorrow’s wireless devices will be another method you will have to get to your hosted desktop.  You will connect your wireless device to the local Wi-Fi or cell network, log into your desktop, and your desktop hosting company will display a mini version of your personal desktop.  All of your programs and documents will be there.  Everything will be the same.

Viruses

Since there is no more installed software, does this mean there will be no more viruses?  Not exactly.  Without an installed operating system, it is true that today’s viruses cannot infiltrate your computer, or if somehow one did, a simple reboot would remove it.  However, the bad guys will not stop writing malicious code.  Tomorrow’s viruses will attack "Network Only" machines in new creative ways.  Perhaps they will attack the browser platform.  Or perhaps it will become resident in memory and steal your hosted documents.  Who knows?  It may become harder for your machine to become compromised, but not impossible.

Zombies will most likely become a thing of the past.  Zombies are computers that have been infected with a virus which turns the computer into a machine that can send spam for spammers or host porn sites or proxy malicious traffic for people committing crimes on the Internet.  Even if it is still possible to turn a "Network Only" machine into a Zombie, the network operator or desktop hosting company will have the ability to reset any machine that is connected to their network into a clean state.  Therefore these companies can detect when a machine has been compromised and automatically apply a fix – perhaps even without the user ever knowing.  For privacy reasons users will probably need to opt in to this auto-fix solution, however if you don’t opt in and your machine gets compromised, you can bet on them dropping you from their network.

Behind the Scenes

Hosted desktops will be built upon the web browser platforms that exist today.  Computers may come preloaded with some sort of browser platform, or the computer’s startup interface will let you easily go and grab the latest version of the browser platform of your choice.  You will probably want to download the browser platform that is built by your desktop hosting company so you can fully utilize their features.  Microsoft Live will push the Internet Explorer platform, Google Desktop will push Google Browser (built from Firefox technology), the hosted Mac Desktop will push Safari, etc.

Even though the hosted desktop will be powered by a browser, it sure won’t look like a web browser.  It will contain your familiar taskbar, program start menu, IM client, etc – however each part of the desktop will be built using Ajax, Flash, HTML and other browser-based technologies.  Look for more programming languages to be supported by these browser platforms soon such as Python and Ruby, leading to new possibilities and more powerful hosted applications.

Offline Mode

One obvious problem with "Network Only" mode is that it appears you are now completely reliant upon the network.  If your ISP has problems, or if you are traveling outside of a Wi-Fi coverage area, your computer becomes useless.  Well, not necessarily.  This problem will be solved as well.  The next-generation browser technologies will allow web application authors to write caching, queuing and prefetch code that allows their applications to be used offline.  Most likely this will be tied with a mini local web server that comes with your browser platform and runs locally on your computer.  Google’s desktop search application already installs such a mini web server on your computer.

When you are not connected to the network, you will still be able to power on your computer in "Network Only" mode.  Your personalized desktop background will still be there, your taskbar and start menu will still be there, and your core applications will still be accessible.  You will also be able to configure other custom applications to be accessible offline.  Depending upon the application, some features will not be available, but many features will.  Your local hard drive will be used to cache gigs and gigs of data for the hosted desktop and your favorite web applications.  For example you will be able to view your entire calendar offline, and you will even be able to add new events to your calendar and modify existing events.  Changes will be queued on your hard drive via your browser platform so that the next time you connect to the network, the browser will push updates out to all of your hosted applications.

The great thing for web application authors is this caching, queuing and prefetch functionality will eventually be native within all browser platforms, making it easy to create offline web applications.  With this advancement the distinction between the offline and online world will begin to blur.

File Storage

With the advent of "Network Only" mode, you will need a new place to store your files.  Yes, you will still have access to the local hard drive, but if you store a file locally you will only have access to it when you are logged into that specific machine – or at a minimum that machine must always be online for you to remotely access its hard drive.  You will want to store your files elsewhere to fully take advantage of your hosted desktop.

Several hosted file-sharing services exist today, such as Xdrive and FolderShare, and more are being created such as Omnidrive.  Some of these companies have gotten swooped up by Microsoft and AOL, because the "big four" know that the hosted desktop is coming and they know they will need to allow you to store files on their network.

In addition, many of the web applications you use will allow you to store your data files on their system.  For example your hosted spreadsheet program will let you store your spreadsheets on their system, your email provider will store your emails, etc.  Many of these applications will also let you choose to store data files elsewhere such as your local hard drive, your hosted desktop, or other remote storage devices known by your desktop.

I have mentioned three places you can store your files so far:  your hard drive, your hosted desktop, and the company who provides each of your hosted applications.  A fourth place you will be able to store your files will be on your own network-attached storage devices.  Most homes today have at least one network-attached storage device that can store several hundred gigs of data – your DVR/TiVo.  Check out the TiVo API at SourceForge.  There are also external hard drives designed specifically for network-attached storage, which you plug into your network directly via ethernet or wireless connection.  Hosted desktops and hosted web applications will give you the ability to connect securely to your DVR and other network storage devices located within your home.  And as long as these storage devices are online, you will be able to connect to them remotely from anywhere that you login to your hosted desktop.

Application Bundling

There are a handful of applications considered essential by nearly every computer user:  web browser, email, calendar, instant messaging, word processor, spreadsheet editor, and a few others depending upon who you talk to.  The desktop hosting companies will bundle their version of these core applications with their desktop.  Users will be able to choose to use programs provided by other companies, but the desktop vendors’ programs will be right in front of your face, and will be mostly free to use.

The desktop vendors will try to lock their users in to their core applications, so that they can keep the traffic, display more ads, and upsell their users on value-added services.  To survive, companies that provide competing or related services to these core applications will need to figure out how to adapt.  Existing markets related to these core applications may shrink or die, but new opportunities will emerge.  It is natural evolution – only the strong and agile companies will survive.  Webmail.us will be one of these companies.

The Title

I titled this paper "Desktop 2015" because I see the transition to the world that I describe being complete by that time.  However, I could have titled this paper "Desktop 2010" because that will probably be the height of this period of change.  That will be when the average computer user will need to consider making the switch to a hosted desktop because the old desktop will be aging.  Microsoft will stop advancing the traditional OS and people will need to switch to a hosted solution in order to have access to modern applications.  The installed personal desktop, born in the 1980s by Macintosh, dominated in the 1990s and 2000s by Microsoft, will be dead in 2015.

Switching Upgrade

In the early AM hours on Saturday morning we will be making a change to our switch configuration at Rackspace.  Currently we have four racks of servers at that data center – 62 machines and counting.  Our uplinks connect into a firewall/load-balancer on rack #1 and another on rack #2, both of which are then connected to our backend private network via interconnected switches on each of the four racks.

Racks #1 and #2 each have a 24-port gigabit switch (Cisco 2970), and racks #3 and #4 each have a 24-port 10/100 switch with 2 gigabit uplink ports (Cisco 2950).  Racks #2, #3 and #4 each connect to rack #1’s 2970 via their gigabit uplinks.

Now here is the problem we are solving this weekend…  Every time we add a new rack of servers we have to pull one server out of either rack #1 or rack #2 and move it to the new rack, so that we can free up a gigabit port on the Cisco 2970 for the new rack’s switch to plug into.  That’s just a pain.  And at the rate we’re growing, rack #1 and rack #2 will eventually become completely empty 🙂

So, we are moving the gigabit switches to a layer above all of the racks, and each rack will now plug into these external switches – creating a pyramid layout that will scale to 48 racks (and beyond with more gigabit switches).  After the maintenance, all of the rack switches will be 10/100 and the gigabit switches will be dedicated strictly to rack aggregation and hosting the firewall/load-balancer ports.

We are planning on just a few minutes of downtime for this upgrade and some latency while we verify connectivity and failover traffic from secondary to the primary firewall.  This will happen between 1:00am and 5:00am Saturday, January 7 as reported on our system status RSS feed.

How we Reject Mail using Blacklists (RBLs)

Today after I posted links to our new Spam Filtering Troubleshooting Tools, I received an email raising concern about our use of the controversial SPEWS blacklist.  Here was my response:

> I agree with you. SPEWS is a very unreliable RBL to use to block mail.
> We don’t use SPEWS that way. We only use it as part of the
> weighting system. It takes 6 points for an email to be tagged as spam
> (or 8 points if you set your filter level to low). The SPEWS scores are
> very low in comparison to the rest of the RBLs that we use. There are
> two SPEWS lists and we use them as follows…
>
> RCVD_IN_SPEWS1 Received via a relay in l1.spews.dnsbl.sorbs.net 0.701
> RCVD_IN_SPEWS2 Received via a relay in l2.spews.dnsbl.sorbs.net 0.301
>
> SPEWS works very well as part of a weighting system. It is a good
> indicator of exactly what it says its purpose is for – “spam early
> warning”.

A great feature of our system is that we never reject SMTP connections based solely on any single RBL.  IPs must be listed in multiple RBLs or have additional spam checks fail before we will reject the SMTP connection.  And the SPEWS RBL is not part of that equation.
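The two decisions described in this post, sketched as an added example (not Webmail.us code). The SPEWS rule names, scores and zone are the ones quoted above; the `EXAMPLE_*` rules, their scores and the IP address are constructed, and the reject rule is one reading of "multiple RBLs or additional spam checks fail".

```c
#include <stdio.h>
#include <string.h>

enum kind { RBL, OTHER_CHECK };
struct rule { const char *name; double score; enum kind kind; int reject_input; };

static const struct rule RULES[] = {
    /* Names and scores of the two SPEWS rules are the ones quoted in the post;
       reject_input = 0 because SPEWS is used for scoring only. */
    { "RCVD_IN_SPEWS1",     0.701, RBL,         0 },
    { "RCVD_IN_SPEWS2",     0.301, RBL,         0 },
    /* Hypothetical rules with constructed scores, for illustration only. */
    { "EXAMPLE_RBL_A",      3.000, RBL,         1 },
    { "EXAMPLE_RBL_B",      3.500, RBL,         1 },
    { "EXAMPLE_HELO_CHECK", 2.500, OTHER_CHECK, 1 },
};

static const struct rule *find_rule(const char *name) {
    for (size_t i = 0; i < sizeof RULES / sizeof RULES[0]; i++)
        if (strcmp(RULES[i].name, name) == 0) return &RULES[i];
    return NULL;
}

/* DNSBL lookups reverse the IPv4 octets and prepend them to the list's zone. */
int dnsbl_query_name(const char *ipv4, const char *zone, char *out, size_t len) {
    unsigned a, b, c, d;
    char extra;
    if (sscanf(ipv4, "%3u.%3u.%3u.%3u%c", &a, &b, &c, &d, &extra) != 4) return -1;
    if (a > 255 || b > 255 || c > 255 || d > 255) return -1;
    int n = snprintf(out, len, "%u.%u.%u.%u.%s", d, c, b, a, zone);
    return (n < 0 || (size_t)n >= len) ? -1 : 0;
}

/* Sum the scores of every rule that hit; unknown rule names score nothing. */
double total_score(const char *const hits[], int nhits) {
    double sum = 0.0;
    for (int i = 0; i < nhits; i++) {
        const struct rule *r = find_rule(hits[i]);
        if (r) sum += r->score;
    }
    return sum;
}

/* Tagging threshold from the post: 6 points, or 8 with the filter set to low. */
int is_tagged_spam(double score, int filter_low) {
    return score >= (filter_low ? 8.0 : 6.0);
}

/* SMTP-time reject (assumed reading): at least two eligible RBL listings, or
   one eligible RBL listing plus another failed check. SPEWS never counts. */
int reject_at_smtp(const char *const hits[], int nhits) {
    int rbls = 0, checks = 0;
    for (int i = 0; i < nhits; i++) {
        const struct rule *r = find_rule(hits[i]);
        if (!r || !r->reject_input) continue;
        if (r->kind == RBL) rbls++; else checks++;
    }
    return rbls >= 2 || (rbls >= 1 && checks >= 1);
}

int main(void) {
    const char *const hits[] = { "RCVD_IN_SPEWS1", "RCVD_IN_SPEWS2", "EXAMPLE_RBL_A" };
    char q[128];
    if (dnsbl_query_name("192.0.2.10", "l1.spews.dnsbl.sorbs.net", q, sizeof q) == 0)
        printf("query: %s\n", q);
    double s = total_score(hits, 3);
    printf("score=%.3f tagged=%d reject=%d\n", s, is_tagged_spam(s, 0),
           reject_at_smtp(hits, 3));
    return 0;
}
```

A sender listed in both SPEWS lists and one other RBL is neither tagged nor rejected here: the SPEWS hits add about one point and do not count toward the reject decision.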