What do we need? We need a really good webserver you can put in your pocket and plug in any place. In other words, it shouldn’t be any larger than the charger for your cell phone and you should be able to plug it in to any power jack in the world and any wire near it or sync it up to any wifi router that happens to be in its neighborhood. It should have a couple of USB ports that attach it to things. It should know how to bring itself up. It should know how to start its web server, how to collect all your stuff out of the social networking places where you’ve got it. It should know how to send an encrypted backup of everything to your friends’ servers. It should know how to microblog. It should know how to make some noise that’s like tweet but not going to infringe anybody’s trademark. In other words, it should know how to be you …oh excuse me I need to use a dangerous word – avatar – in a free net that works for you and keeps the logs. You can always tell what’s happening in your server and if anybody wants to know what’s happening in your server they can get a search warrant.

And if you feel like moving your server to Oceana or Sealand or New Zealand or the North Pole, well buy a plane ticket and put it in your pocket. Take it there. Leave it behind. Now there’s a little more we need to do. It’s all trivial. We need some dynamic DNS and all stuff we’ve already invented. It’s all there, nobody needs anything special. Do we have the server you can put in your pocket? Indeed, we do. Off the shelf hardware now. Beautiful little wall warts made with ARM chips. Exactly what I specked for you. Plug them in, wire them up. How’s the software stack in there? Gee, I don’t know it’s any software stack you want to put in there.

In fact, they’ll send it to you with somebody’s top of the charts current distro in it, you just have to name which one you want. Which one do you want? Well you ought to want the Debian Gnu Linux social networking stack delivered to you free, free as in freedom I mean. Which does all the things I name – brings itself up, runs it’s little Apache or lighttpd or it’s tiny httpd, does all the things we need it to do – syncs up, gets your social network data from the places, slurps it down, does your backup searches, finds your friends, registers your dynamic DNS. All is trivial. All this is stuff we’ve got. We need to put this together. I’m not talking about a thing that’s hard for us. We need to make a free software distribution device. How many of those do we do?

We need to give a bunch to all our friends and we need to say, here fool around with this and make it better. We need to do the one thing we are really really really good at because all the rest of it is done, in the bag, cheap ready. Those wall wart servers are $99 now going to $79 when they’re five million of them they’ll be $29.99.

Then we go to people and we say $29.99 once for a lifetime, great social networking, updates automatically, software so strong you couldn’t knock it over it you kicked it, used in hundreds of millions of servers all over the planet doing a wonderful job. You know what? You get “no spying” for free. They want to know what’s going on in there? Let them get a search warrant for your home, your castle, the place where the 4th Amendment still sort of exists every other Tuesday or Thursday when the Supreme Court isn’t in session. We can do that. We can do that. That requires us to do only the stuff we’re really really good at. The rest of it we get for free. Mr. Zuckerberg? Not so much.

More a Marvell plug than a Smart Card Web Server, but still, the reasons leading to it are interesting. This speech is really, really worth reading entirely.

• Consumerism has hit in full force. Advertising is everywhere, including subway handles. Brands are also very present; I can see very large Cartier and Dolce&Gabbana storefronts from my room.
• Police is not very visible. We see a few police cars around, a few officers here and there, but not more than in the U.S. .
• Internet is (almost) present. Of all the sites I use daily, Twitter and Wired are the only ones absent. Internet is a bit slow (filtering?), but nothing unacceptable.

Basically, from a naive European view, Beijing is just another modern Asian city, with no Twitter support (for those who haven’t been there in a few years, there are high-rise buildings everywhere, and more cards than bikes, even on Tiananmen Square).

However, we also have interesting information about China, from this Google attacks. The attacks may have been directly state-sponsored, or sponsored by an enthusiastic defender of Chinese interests, I am not sure that we will ever know. In fact, I am almost sure that I don’t care.

The real thing that we should all realize is that nothing we do on Internet can be kept private from our states. We may want to hail the Chinese hackers for their great expertise, but I am sure that there are quite a few states that would be able to perform the same hacks. And if we get similar attacks coming from the U.S. or from one of their allies, would Google take the same position to protect a few people, especially if they are labeled as “potential terrorists”? I don’t know, but I would not bet on it.

This situation gets me a bit worried about cloud computing. If we start putting more and more information in the cloud, it means that we make this information available to people who have enough money to pay for a zero-day vulnerability and a few hackers.

Now, here is a question for the security people: If we use smart cards (with or without Web servers), trusted execution environments, and other client-side “strong” security solutions, how much more difficult canwe make it for these hackers?

I have no answer to that question. One thing I know is that we can’t do anything against server-side bugs that make data accessible. That leaves us with many other means of protection, but how efficient are they?

The idea of the site is that you will use it as a way to directly access all your sites and/or identities on the Web. What they claim in their blog is that DandyID solves the problem of online identity dispersion. It sounds great at first, but it also reminds me that identity dispersion may be a feature, not a problem. Since I believe in self-experimentation, I have opened an account there, and you can check my public profile. Don’t expect to find any interesting information; I made sure that there was not much to learn there that you couldn’t easily find anywhere.

DandyID knows about more than 300 sites, as diverse as Google’s Picasaweb and YouTube, some more professional-oriented stuff like LinkedIn, and many, many Web 2.0 sites of all kinds. And for me, this diversity is the main problem.

I have several lives on the Web, and I try to keep them separated. If you search my name, you will easily find me on several sites, including this blog, and a few others. You will also find a few homonyms. Finding my personal stuff, like family pictures and videos is slightly more difficult, although I make no effort to hide them. You can even find a few public political ramblings, but there are other parts of my life that I keep clearly separated from work.

I have some issues with DandyID’s view that the Web is open, and that you should make it easy for people to know everything about you. On one side, it may have the benefit of making some people realize that you can’t hide on the Web, but on the other side, making everything readily accessible is quite different.

A few months ago, I was going through old student-time pictures. I scanned a few, and made them available on the Web for my friends, because they were good memories that were not incriminating for anybody on them. Many more pictures were just scanned and stored on my PC, because I did not find suited for Web publication. And a few of them were not even scanned, because I really, really don’t want them on the Web at any time. Of course, I am lucky enough to be over 40, which means that my student pictures are on film and paper, but many people aren’t that lucky, and I believe that it is important to be somehow able to sort between your different lives on the Web.

So, DandyID is an interesting idea, because it is true that an online identity is hard to build. On the other hand, the concept would be many times more interesting if it allowed us to define several identities for our different online lives.

Of course, DandyID are not alone on this space, and there is a wide variety of services. You can find out about a few of them in this study.