Profile

Cover photo
Anshul Nigham
151,592 views
AboutPostsPhotos

Stream

Anshul Nigham

Shared publicly  - 
 
 
Announcing Sandstorm Personal Cloud Platform

http://sandstorm.io/

This is what I've been working towards ever since leaving Google:  Creating a platform that makes it really easy for end users to run their own personal web app servers, on which they can install apps through an "app-store-like" interface.  Every app runs in an isolated secure sandbox, so you can install apps from anyone without  worrying about malware taking down your whole server.  It's a native-code sandbox, so it's easy to port in existing Linux-based servers.  Apps will be able to talk to each other through Cap'n Proto RPC interfaces.

It's all open source.  Take a look, and start developing apps!
1
Add a comment...

Anshul Nigham

Shared publicly  - 
 
 
This is the big story in tech today: 

http://www.washingtonpost.com/world/national-security/nsa-infiltrates-links-to-yahoo-google-data-centers-worldwide-snowden-documents-say/2013/10/30/e51d661e-4166-11e3-8b74-d89d714ca4dd_story.html 

*

I'm just going to post my thoughts on this. Standard disclaimer: They are my own thoughts, and not those of my employer.

*
Fuck these guys. 

I've spent the last ten years of my life trying to keep Google's users safe and secure from the many diverse threats Google faces.

I've seen armies of machines DOS-ing Google. I've seen worms DOS'ing Google to find vulnerabilities in other people's software. I've seen criminal gangs figure out malware. I've seen spyware masquerading as toolbars so thick it breaks computers because it interferes with the other spyware.

I've even seen oppressive governments use state sponsored hacking to target dissidents.

But even though we suspected this was happening, it still makes me terribly sad. It makes me sad because I believe in America. 

Not in that flag-waving bullshit we've-got-our-big-trucks-and-bigger-tanks sort of way, but in the way that you can looked a good friend who has a lot of flaws, but every time you meet him, you think, "That guy still has some good ideas going on".

But after spending all that time helping in my tiny way to protect Google -- one of the greatest things to arise from the internet -- seeing this, well, it's just a little like coming home from War with Sauron, destroying the One Ring, only to discover the NSA is on the front porch of the Shire chopping down the Party Tree and outsourcing all the hobbit farmers with half-orcs and whips. 

The US has to be better than this; but I guess in the interim, that security job is looking a lot more like a Sisyphus thing than ever. 

*

Also of note, this article from September may call some recent technical decisions into relief: 

http://articles.washingtonpost.com/2013-09-06/business/41831756_1_encryption-data-centers-intelligence-agencies

#nsa   #surveillancestate  
1
Add a comment...

Anshul Nigham

Shared publicly  - 
1
Add a comment...

Anshul Nigham

Shared publicly  - 
 
 
Dizzying but invisible depth

You just went to the Google home page.

Simple, isn't it?

What just actually happened?

Well, when you know a bit of about how browsers work, it's not quite that simple. You've just put into play HTTP, HTML, CSS, ECMAscript, and more. Those are actually such incredibly complex technologies that they'll make any engineer dizzy if they think about them too much, and such that no single company can deal with that entire complexity.

Let's simplify.

You just connected your computer to www.google.com.

Simple, isn't it?

What just actually happened?

Well, when you know a bit about how networks work, it's not quite that simple. You've just put into play DNS, TCP, UDP, IP, Wifi, Ethernet, DOCSIS, OC, SONET, and more. Those are actually such incredibly complex technologies that they'll make any engineer dizzy if they think about them too much, and such that no single company can deal with that entire complexity.

Let's simplify.

You just typed www.google.com in the location bar of your browser.

Simple, isn't it?

What just actually happened?

Well, when you know a bit about how operating systems work, it's not quite that simple. You've just put into play a kernel, a USB host stack, an input dispatcher, an event handler, a font hinter, a sub-pixel rasterizer, a windowing system, a graphics driver, and more, all of those written in high-level languages that get processed by compilers, linkers, optimizers, interpreters, and more. Those are actually such incredibly complex technologies that they'll make any engineer dizzy if they think about them too much, and such that no single company can deal with that entire complexity.

Let's simplify.

You just pressed a key on your keyboard.

Simple, isn't it?

What just actually happened?

Well, when you know about bit about how input peripherals work, it's not quite that simple. You've just put into play a power regulator, a debouncer, an input multiplexer, a USB device stack, a USB hub stack, all of that implemented in a single chip. That chip is built around thinly sliced wafers of highly purified single-crystal silicon ingot, doped with minute quantities of other atoms that are blasted into the crystal structure, interconnected with multiple layers of aluminum or copper, that are deposited according to patterns of high-energy ultraviolet light that are focused to a precision of a fraction of a micron, connected to the outside world via thin gold wires, all inside a packaging made of a dimensionally and thermally stable resin. The doping patterns and the interconnects implement transistors, which are grouped together to create logic gates. In some parts of the chip, logic gates are combined to create arithmetic and bitwise functions, which are combined to create an ALU. In another part of the chip, logic gates are combined into bistable loops, which are lined up into rows, which are combined with selectors to create a register bank. In another part of the chip, logic gates are combined into bus controllers and instruction decoders and microcode to create an execution scheduler. In another part of the chip, they're combined into address and data multiplexers and timing circuitry to create a memory controller. There's even more. Those are actually such incredibly complex technologies that they'll make any engineer dizzy if they think about them too much, and such that no single company can deal with that entire complexity.

Can we simplify further?

In fact, very scarily, no, we can't. We can barely comprehend the complexity of a single chip in a computer keyboard, and yet there's no simpler level. The next step takes us to the software that is used to design the chip's logic, and that software itself has a level of complexity that requires to go back to the top of the loop.

Today's computers are so complex that they can only be designed and manufactured with slightly less complex computers. In turn the computers used for the design and manufacture are so complex that they themselves can only be designed and manufactured with slightly less complex computers. You'd have to go through many such loops to get back to a level that could possibly be re-built from scratch.

Once you start to understand how our modern devices work and how they're created, it's impossible to not be dizzy about the depth of everything that's involved, and to not be in awe about the fact that they work at all, when Murphy's law says that they simply shouldn't possibly work.

For non-technologists, this is all a black box. That is a great success of technology: all those layers of complexity are entirely hidden and people can use them without even knowing that they exist at all. That is the reason why many people can find computers so frustrating to use: there are so many things that can possibly go wrong that some of them inevitably will, but the complexity goes so deep that it's impossible for most users to be able to do anything about any error.

That is also why it's so hard for technologists and non-technologists to communicate together: technologists know too much about too many layers and non-technologists know too little about too few layers to be able to establish effective direct communication. The gap is so large that it's not even possible any more to have a single person be an intermediate between those two groups, and that's why e.g. we end up with those convoluted technical support call centers and their multiple tiers. Without such deep support structures, you end up with the frustrating situation that we see when end users have access to a bug database that is directly used by engineers: neither the end users nor the engineers get the information that they need to accomplish their goals.

That is why the mainstream press and the general population has talked so much about Steve Jobs' death and comparatively so little about Dennis Ritchie's: Steve's influence was at a layer that most people could see, while Dennis' was much deeper. On the one hand, I can imagine where the computing world would be without the work that Jobs did and the people he inspired: probably a bit less shiny, a bit more beige, a bit more square. Deep inside, though, our devices would still work the same way and do the same things. On the other hand, I literally can't imagine where the computing world would be without the work that Ritchie did and the people he inspired. By the mid 80s, Ritchie's influence had taken over, and even back then very little remained of the pre-Ritchie world.

Finally, last but not least, that is why our patent system is broken: technology has done such an amazing job at hiding its complexity that the people regulating and running the patent system are barely even aware of the complexity of what they're regulating and running. That's the ultimate bikeshedding: just like the proverbial discussions in the town hall about a nuclear power plant end up being about the paint color for the plant's bike shed, the patent discussions about modern computing systems end up being about screen sizes and icon ordering, because in both cases those are the only aspect that the people involved in the discussion are capable of discussing, even though they are irrelevant to the actual function of the overall system being discussed.

CC:BY 3.0
1
Add a comment...

Anshul Nigham

Shared publicly  - 
 
 
Booting stock LinuxMint (including kernel) on the Chromebook Pixel.
1
Add a comment...

Anshul Nigham

Shared publicly  - 
 
 
The packet capture shown in these new NSA slides shows internal database replication traffic for the anti-hacking system I worked on for over two years. Specifically, it shows a database recording a user login as part of this system:

http://googleblog.blogspot.ch/2013/02/an-update-on-our-war-against-account.html

Recently +Brandon Downey, a colleague of mine on the Google security team, said (after the usual disclaimers about being personal opinions and not speaking for the firm which I repeat here) - "fuck these guys":

https://plus.google.com/108799184931623330498/posts/SfYy8xbDWGG

I now join him in issuing a giant Fuck You to the people who made these slides. I am not American, I am a Brit, but it's no different - GCHQ turns out to be even worse than the NSA.

We designed this system to keep criminals out. There's no ambiguity here. The warrant system with skeptical judges, paths for appeal, and rules of evidence was built from centuries of hard won experience. When it works, it represents as good a balance as we've got between the need to restrain the state and the need to keep crime in check. Bypassing that system is illegal for a good reason.

Unfortunately we live in a world where all too often, laws are for the little people. Nobody at GCHQ or the NSA will ever stand before a judge and answer for this industrial-scale subversion of the judicial process. In the absence of working law enforcement,  we therefore do what internet engineers have always done - build more secure software. The traffic shown in the slides below is now all encrypted and the work the NSA/GCHQ staff did on understanding it, ruined.

Thank you Edward Snowden. For me personally, this is the most interesting revelation all summer.
1
Add a comment...

Anshul Nigham

Shared publicly  - 
 
 
So, you all (hopefully) saw my photos yesterday; if you didn't, you may have seen the media coverage about my employer, Google Australia, installing 2 monorail carriages in our new office space yesterday (e.g. http://www.smh.com.au/nsw/google-installs-monorail-carriages-in-its-office-20131009-2v7fl.html)

Now! For those of you who don't know, confession (and story!) time: this was my fault.

At Google, we have (like most large companies do) an internal ticketing system for keeping track of jobs for our building management team ('Facilities', or 'REWS'). This system is usually populated with requests like, you know, 'the door on level X isn't working properly' or 'the pinball machine isn't working' or 'you know what would be awesome? An electric keyboard. We don't have one, can you buy us one please?' or whatever (all real, recent examples, which all got 'fixed').

Sometimes, though, this ticket system is abused by idiots* trying to be funny.

One such example of this was at the start of this year, when one particular idiot† submitted a ticket into this system pointing out that the NSW and Sydney governments had finally announced their long-anticipated plan to remove and scrap Sydney's defunct, expensive-but-useless monorail (http://en.wikipedia.org/wiki/Sydney_Monorail — a classic 'white elephant'). At the time, Google Australia had spread from one office building in Pyrmont to two, and there were rumours of a third coming soon, so this idiot suggested that maybe Google should buy the monorail and install it between the three buildings in a loop, because we're lazy and besides how cool would it be to have a monorail.

Everyone had a chuckle at this lame joke, and then that was it, until a particularly awesome member of our Facilities team, Alecia, replied to the ticket, giving an hilarious and clever feasibility study as to why purchasing the monorail would be a bad plan (and yes, it did include the phrase "more of a Shelbyville idea"). This reply (which I wish I could share with you, but if nothing else it's filled with Google in-jokes and wouldn't make sense to you all) elevated my stupid facilities ticket into legendary status, where it did the rounds of Google and after about a week I think the whole company had seen it.

Joke dies down, everyone's happy. Until about 3 months ago.

About 3 months ago, Alecia sent me an IM saying "Are you free for a meeting now? And by meeting, I mean 'road trip'." Naturally, I was. I arrived at Alecia's desk (Alecia: "I love that I say 'road trip' and you just turn up without asking what it is."), and we head off. Eventually I ask what we're actually doing, and another colleague who was in on the plan tells me: "Monorail shopping!"

Sure enough, Alecia takes us out to a junkyard near the airport, and we all help choose which two monorail carriages we want to purchase and install as meeting rooms in One Darling Island, our new workspace in Sydney (the aforementioned rumoured third building).

Eventually, this brings us to what happened yesterday. After an months of Herculean logistics (and, I'm quite sure, horrifying expense; the SMH article linked above estimates the costs of the installation at $250,000, though I have no idea if that's accurate), yesterday our 2 monorail carriages were brought to the office, and very carefully (I heard tell that the '20cm of clearance' figure in the SMH article was actually an OVER-estimate) lifted into place, where they will become 3 meeting rooms (each carriage will be its own room, and then there will be another casual meeting area at the back)‡. HOW COOL IS THAT??!?

Anyway, check out the linked article - the timelapse footage isn't brilliant, but it will give you an idea of the logistics involved (we actually took some footage of our own, hopefully I can share that with you soon).

So: next time I tell you (as I regularly do) that working at Google is like working at Wonka's Chocolate Factory: remember, I once made a stupid joke about buying a monorail, and MY COMPANY DID IT FOR ME. I bet not many of you can say that§.


* generally, me.
† specifically, me.
‡ you, all being nerds, will be delighted to know that the meeting rooms are to be named "Brockway", "Ogdenville", and "North Haverbrook".
§ my guess: zero.
1
Geeta Khandelwal's profile photoDeepa Aravindan's profile photo
2 comments
 
That is freaking awesome!
Add a comment...

Anshul Nigham

Shared publicly  - 
 
This is awesome! 1 TB of free space, and the new layout on Flickr is gorgeous. Here's what my current public photostream looks like: http://www.flickr.com/photos/anshul

http://blog.flickr.net/en/2013/05/20/a-better-brighter-flickr/
4
Thaths's profile photoFang Hui's profile photoSatarupa Bose's profile photoDeepa Aravindan's profile photo
5 comments
 
+Thaths T. In a way she got the Google to Yahoo... this move reminds me of the 1GB GMail space when it first launched.
Add a comment...

Anshul Nigham

Shared publicly  - 
1
Add a comment...
Work
Occupation
Software Engineer at Google
Links
Basic Information
Gender
Male