Archived posting to the Leica Users Group, 2000/09/30

[Author Prev] [Author Next] [Thread Prev] [Thread Next] [Author Index] [Topic Index] [Home] [Search]

Subject: Re: [Leica] Leica web site trouble
From: Brian Reid <reid@mejac.palo-alto.ca.us>
Date: Sat, 30 Sep 2000 21:01:21 -0700

Dear LUG people,

I've been out of town without easy access to a decent keyboard, so I
haven't answered Duane's question. I've read all of the answers that
others have posted. As users of the web and the internet we ought to
understand this. [The issue here is that Duane Birkey, in Ecuador, had
trouble seeing the Leica web site in Germany, but others did not have
such trouble.]

As an engineer I have a design principle, for myself and that I try to
teach others, which I call the "Three Mile Island principle." It is
named after the near-catastrophe at the so-named nuclear reactor in
Pennsylvania in March 1979. To me this principle is that, in designing
something, you should never try to conceal complexity. If you cannot
make an mechanism simple, then you must own up to the complexity and
make it visible to the customer. A simplified explanation of what went
wrong at Three Mile Island was that the operators' console gave them an
overly simplistic view of the insides of the reactor, causing them to
have a mental model of the reactor mechanism that was not adequate
enough to comprehend, or deal with, the problem at hand. There was a
lot of complexity in the reactor control system, and the operators'
console should have mirrored it.

People who use any technological system form mental models of what
that system does. The internet is no exception. After a few years of
using the internet, most people have a pretty good sense of what's
what, and how things are supposed to behave. The internet is, for the
most part, deliciously simple, and most of the models that users form
are quite accurate.

In web browsers, there is always, somewhere, a control panel that lets
you specify a 'proxy server'. Usually you can specify different proxies
for different protocols, though most people never learn how the
protocols differ and just use the same proxy for everything.

If you specify a proxy, then when your browser wants to access a
certain page at a certain site, it doesn't ask the site for it, it asks
the proxy for it. If the proxy has a copy, it just hands it over; if it
doesn't have a copy, then it asks on behalf of the browser, saves a
copy, and then hands it over. Proxies typically have large short-term
storage areas but do not do long-term storage.

The most refined proxy technology comes from Australia, New Zealand,
and Sweden, which are all high-tech places that are far away from North
America. There aren't very many wires to Australia, and it is to
everyone's benefit to have only one copy of a web page travel to
Australia, and then have multiple copies handed out within the country.
Ditto for New Zealand. Or Ecuador.

It is very hard to convince the entire population of a country to
configure their web browsers to use a certain proxy. And many of them
would get it wrong. There needed to be some way to force people in
places like Australia and New Zealand and Ecuador to use proxies
whether they wanted to or not.

So the 'transparent proxy' or 'web interceptor' was invented. This is a
device that more or less pretends to be a piece of wire, except that if
web requests come through, it won't pass them on, but will intercept
them and force them to use a proxy. These things are very popular with
ISPs, because it allows you to serve more customers with fewer data
circuits. And they are almost universal in long-distance connections to
places that are not heavily wired. Ecuador is such a place.

There's a good article about transparent proxies in ZDNet news from
April, 1998:
http://www.zdnet.com/eweek/stories/general/0,11011,310741,00.html

The problem with transparent proxies is that they aren't always
transparent. If the proxy decides that it has a current copy of a web
page, but it doesn't, then a person will see the old one instead of the
new one. Proxies also keep copies of name information, as well
as of web pages, to avoid having to repeat the name lookup over and
over again.

I am quite certain that what happened to Duane Birkey is that there is
a Web Gateway Interceptor in the data path between Ecuador and Germany,
and that this device kept copies both of the Leica web page and of the
name-server information for www.leica-camera.com.  Leica's ISP likely
moved the Leica site to a different server computer (making the
corresponding change to the name service) but Ecuador's link was
keeping copies of the outdated name information longer than the cached
pages themselves, thereby creating a protocol error when the cache went
to update itself. These problems will fix themselves as soon as the
cached-too-long information expires and is refreshed from the live
copy, and there is precious little that anybody can do about it in the
interim.

Transparent proxies violate the Three Mile Island principle because
they are vastly more complex than they admit to being, and create
failure situations (such as this one that bit Duane) that are
incomprehensible with respect to the standard mental model that
internet users form.

For many years I maintained a reverse proxy server here at
mejac.palo-alto.ca.us, which people could use to bypass web
interceptors if they knew how, and I could have offered it to Duane.
But I had to turn it off because some people in Slovenia figured out
how to use reverse proxy servers to bypass audit controls in some
e-Commerce systems, and the US Secret Service asked very politely if I
would please turn it off, so I did.

Brian Reid