Web 3.0 Thoughts
New York Botanical Garden: sculpture by Yayoi Kusama for her installation "Cosmic Nature"

Web 3.0 Thoughts

Someone mentioned recently that they have been reading about “web 3.0” and were not entirely sure just what that was supposed to mean. So I spent a few minutes to collect my own thoughts on the subject and to put it into context.

web 1.0 - websites of the 1990s and 2000s had little client-side processing or user-generated content. A veritable “one-way street” of data being downloaded and presented to the early adopter denizens of the Internet. I call these “brochure” websites and was building them back when I worked at Organic Online during the dotcom rise and fall. It was heady days… the “roaring 20s” of my generation with IPO stock options being calculated and big names were setting up shop on the Internet for the very first time like Volvo, Levis and Starbucks.

web 2.0 - then into the 2000s and 2010s traffic becomes much more of a two-way street, with users contributing content and client-side processing power being harnessed to render experiences and new application features/functionality. The first "digital natives" of the Internet were born at this time, knowing only touch-screens (the iPad was introduced in 2010) and personal devices are infinitely more powerful than the computers that landed us on the moon. The rest of us are “digital immigrants” because we had experience of "the before times" with trips to the library to research topics of interest, reading newspapers, buying CDROMs, cassette tapes, vinyl LPs and (for some of us) 8-tracks for our musical consumption.

web 3.0 - emerging in the 2020s is an age of https-only/https-everywhere, API traffic eclipsing traditional traffic flows (API calls represent 83 percent of web traffic, according to an Akamai report), hundreds of web browser cookies tracking us *per site*, hyper-connectivity (5G, gigabit ethernet to the home) and, for better or for worse, an Internet of Things that might eventually lead to machine-to-machine transactions where humans become less relevant or significant, intelligent voice assistants evolving into personal AIs that broker and arrange our calendars and meetings, events and entertainment plans.

That same person also invoked the word “decentralized” to describe web 3.0 which struck me as odd and incorrect. The Internet has always been, due to the nature of it being a packet-switched network, decentralized. It was designed and built to survive the nuclear annihilation of Washington DC: a historical location for the US government’s hierarchical command center.

In web 1.0 the Internet brought a wave of democratization where (just about) anyone could have a presence, create a website and participate in access to a growing wealth of content, data and information. In web 2.0 the content became more dynamic (the only "upstream data" in web 1.0 was what you typed into a search box on early search engines) with the birth of things like Napster, YouTube, Reddit and other communities with forums and "discussion as content." This was a wave of democratization of voice... of authorship. The power to publish just like Gutenberg's printing press gave voice to new publishers of texts that were not the king or god/church/state.

But this web 2.0 expansion and growth gave rise to some mega entities like Facebook, Twitter, Apple, Google and AWS. I suspect that web 3.0 is the "extreme position" of the “Internet as pendulum.” Where the pendulum swings one direction but then stops, pauses and begins to swing back in the opposite direction. Web 3.0 feels like it might be an inflection point of intentions. Where the denizens of the Internet "take back" control of their data and identity from the sprawling control of the mega entities. It might well also be an intentional rejection of the "tyranny of the majority" (or the tyranny of homogenization thru machine learning algos for recommendation engines "people like you also bought ... ") and a desire to strike at the heart of centralized authority and attention span control that these meta entities have attained.

So web 3.0 as a broad concept generally includes references to crypto, blockchain and decentralized finance (DeFi). It has already managed to "win" the battle of language and names for things. We already speak of "stable coin" when talking about legacy currency (or fiat currency). Smart contracts and NFTs are but fledgling first forays into how we might be able to better honor the creators of content, rather than merely enrichen the aggregators and arbiters of taste and attention.

With smart contracts and blockchain or “hyper ledger” technology, residual income from a Bruce Springsteen concert ticket that is resold a few times and increases in price leading up to the night of the performance might make its way back to him. Why should StubHub or some other ticketmaster get to keep the profits on that increase in final sale price? Can we construct a system that makes the distribution of artistic creation (largely) unmediated? Take out the middlemen (and middlewomen) who extract value from the ecosystem of music writer, creator and performer. Record labels are really not needed anymore to anoint rising stars. DTC (Direct to Consumer) is not just a power play for Disney to stream it's content without giving a tithe to third parties like Hulu and Netflix. It's also about artists and authors of content democratizing the production and consumption chain and requisite channels of distribution. How can Daniel Ek, founder of Spotify, be worth $4 billion if he did not extract value from the music ecosystem? What did Spotify actually contribute to the world of music? Some would argue it accelerated a downward spiral of mechanical recording rights from dollars per song to millicents per play/listen.

As for musing about cybersecurity in the era of web 3.0 waves of economic disruption and resulting tidal currents and information flows, we will soon need to deal with the spectre of quantum computing. I was invited to join the World Economic Forum's working group on quantum security. The current thinking is that we are around 10 years away from the creation of a CRCQ (Cryptographically Relevant Quantum Computer). We're currently operating in a cooperative phase at the moment as IBM, Google and Microsoft (and others) are collaborating with one another and building 40 qubit and 100 qubit quantum computers. These are not CRCQs though until they reach 1,000 or 1mm qubits and can then challenge classical computing for their ability to do work and solve complex math problems (and break our current tools for cryptography and thus secrets and ability to enact digital privacy). Quantum computers can, it should be noted, also model complex systems down to the level of molecules and can also generate truly random numbers. But the crypto threat is on a lot of people’s minds because it will be a great disruptor. And whoever manages to build one first will have a tremendous tactical and strategic advantage over the rest of the digital universe.

The mission of information security is threefold: availability, integrity and confidentiality (of data and information). Post-quantum or quantum-resilient cryptography is being birthed in the next 2-3 years (NIST is working on vetting “Round 3” candidates for new algos, which will beget new protocols and allow for new standards to emerge for e-commerce, secure communications, and for global finance to survive the arrival of quantum computing). Even the integrity of data classified as "public" will be in jeopardy let alone confidential or restricted data. Think of the wikipedia edit wars on the Donald Trump page, or of the Covid19 pandemic response. But with regard to confidentiality, some kinds of secrets (or data) need to remain secret for a long time. Other secrets can change and expire quickly. If you rotate your password every 90 days it does not matter if someone can tap that datastream of you checking your back account balance and decrypt and expose your password by observing the traffic and using a CRQC to "crack" it since it will have rotated by the time they get it. Even if the basis for our current https secrecy of using RSA 2048-bit encryption can be attacked by a CRCQ within 4 hours we can likely just use password managers that auto-rotate our passwords for us every 3 hours and keep ahead of the game. For a while at least. Other data though is going to need or want to be protected for years like the details of your DNA genome.?

Lastly I invoke the pendulum metaphor again and posit that many people won't actually care about whether their data (the quantified-self, the infinite time series data of our heart beats recorded by an Apple watch or fitbit) is shared and made public. Millennials are oversharing their digital life already. And let's not forget that privacy did not always exist in the form that we know it today. In medieval times everyone in the village knew everything that was happening with all of their neighbors. There was no such thing as what we call privacy in today’s terms. Everyone was in each other's business. It was not until the advent of cities and industrial-grade domestication and production of crops and animal husbandry that we gathered in such large tribes that we lost the ability to know everyone by name in our immediate vicinity, town or village. Privacy emerged due to population growth and modernization of our societies and economies. Perhaps privacy will fade away again as the surveillance state takes hold and the "sheeple" do not protest or particularly mind. Perhaps web 3.0 will mean a transformation of the concept and practice of privacy itself.

Linking another person's musings on web3 here as well. Their observation that there is precious little cryptography going on in web3 is telling. And also that there are centralization forces playing out which enthusiasts are unaware of or don't care to notice. https://moxie.org/2022/01/07/web3-first-impressions.html

Bojan Simic

Co-Founder and CEO at HYPR - Creating Trust in the Identity Lifecycle

3 年

Security in Web 3.0 will be critical. The good thing is that most modern computing devices support hardware backed keystores that can be used to securely manage keys and do cryptographic signatures without the threat of trivial malware. It's exciting to watch for sure but like anything that's new, mistakes will be made and lots of people will learn security best practices the hard way.

Zack Conord

GHAS Business Lead

3 年

Mike, I found this write up to be super informative…. Thanks for sharing!

Matthew Howard

2x Founder. Investor. Software growth guy. SVP & CMO at Virtru.

3 年

Nicely done, Mike. Thanks for sharing. In regard to “data privacy”, I believe the pendulum is ready to swing NOW, in advance of web3 and quantum. Selectively revealing yourself and your sensitive data. If people and companies could easily do it, they would, but they can’t, so they don’t. ?They don’t know how. It’s too hard. Not convenient. Etc. My new teammates at virtru are on fascinating mission to make #tdf (trusted data format) into the “easy privacy button” for sensitive data. It’s going to be a fun journey and I am excited to share more with you and get your take.

Rick Krueger

Very excited now to be shifting gears to enjoy other pursuits. ;-)

3 年

Great article, Mike, for us Web 3.0 newbies. Off to ensure my pw manager is rotating pw’s as expected. :-/

要查看或添加评论,请登录

Mike Wilkes的更多文章

  • Half Tacit

    Half Tacit

    Musings on thought, authorship and extending the concept of silence in music. by Mike Wilkes, December 15th, 2024, New…

    1 条评论
  • To vCISO or not to vCISO?

    To vCISO or not to vCISO?

    Note: I first wrote this piece in October of 2022 for a blog that has since misplaced the article, so republishing it…

    8 条评论
  • Internal Audit Imperatives

    Internal Audit Imperatives

    Thoughts inspired by (and taken directly from) Richard Chambers’ excellent keynote at the 2024 AuditBoard Connected…

    1 条评论
  • Nobody owns this...

    Nobody owns this...

    So I was about to go to bed when I saw this interesting post from my friend. He had asked ChatGPT to write lyrics to a…

    1 条评论
  • The SPoF that is DNS

    The SPoF that is DNS

    It is fairly unlikely that you will not have already heard of the term SPoF. It stands for “Single Point of Failure”…

  • My Recent AI Translation Experiments

    My Recent AI Translation Experiments

    While I would presume that we're all aware of the adversarial uses of deep fake technology and AI to convince people to…

    7 条评论
  • A Waterfall of GPT-3 Art and Prose

    A Waterfall of GPT-3 Art and Prose

    If you’ve not been thinking about or reading about GPT-3 (Generative Pre-trained Transformer 3) then you’re definitely…

  • Ethical Principles for Infosec

    Ethical Principles for Infosec

    What are some of the ethical principles that can be incorporated into a board’s infosec committee? This question came…

    4 条评论
  • NJMH 2021 Annual Gala on June 8th

    NJMH 2021 Annual Gala on June 8th

    Dear Friend, On behalf of the National Jazz Museum in Harlem I am extremely excited to present our 2021 Gala Event, the…

  • Support Music and Jazz 2020

    Support Music and Jazz 2020

    If music be the food of love, play on… -- William Shakespeare Unfortunately 2020 has brought many challenges to the…

社区洞察

其他会员也浏览了