Bio Feross Aboukhadijeh is a programmer, designer, teacher, and mad scientist. He is currently building WebTorrent, a streaming BitTorrent client for the browser, powered by WebRTC. Before that, he built PeerCDN, a peer-to-peer content delivery network that dramatically reduces bandwidth costs. Feross is a graduate of Stanford University and has worked at Quora, Facebook, and Intel.
CRAFT is about software craftsmanship, which tools, methods, practices should be part of the toolbox of a modern developer and company, and it is a compass on new technologies, trends.
Sure, so WebRTC is a web standard that lets you do peer to peer in the browser, what that means is that you can have one browser open up a connection directly to another browser and you can have two visitors on your website talking to each other, either like a video or audio chat, think like a Skype kind of thing or even arbitrary data so you can come up with your own protocol and you can use it for really anything you can imagine, it’s the kind of thing that is low level enough that you can build any kind of application on top of it, and what's exciting about it I think that it’s the very first time that peer to peer has been possible in the browser and it means that it's making the web more powerful because it’s a primitive, it’s like the web keeps getting better and becoming more like an operating system and instead of features and this is really one of the few remaining things that the web couldn’t do that a generic operating system could do, you know what I mean?
That's a good question, so it’s up to your application how that happens and so the spec doesn’t specify how that happens and that is a good thing because every application is different. So I give you an example, if you are building a chat application like Gmail or Facebook Chat where you want to chat from one user to another, the way you might implement the way peers find each other is every peer reports to the server that they are online and that they are, this is their name, the username whatever, and then the server makes that information available to all the people who should know, so that would probably be your friends, your email contacts or maybe for some use cases just anyone who wants to know.
And then, now that the information is available so then the user has the chance to say: “I want to talk to so and so”, they select that person in the UI and then the application would send a message to the server and say: “I want to talk to this person now” and then there is a little bit of an exchange that needs to happen and that is the WebRTC part, so the one peer needs to send some information to the other peer about what the IP address is and things like that, and then the other peer sends a response back, and then the peers are able to connect directly to each other. So the central server is needed for two things, one is how the peers find each other and it helps with that and then it also facilitates that exchange of information that they can eventually connect directly to each other.
Yes, so there is a collection of hacks that people come for over time called STUN, stands for like Standard Traversal Utilities for NAT or something, I don’t remember exactly what it is, but what’s cool about WebRTC is it has built in support for STUN so you can specify a STUN server when you setup your peer connection object and then it will take care of automatically trying to traverse the NAT, so it will talk with the STUN server which will punch a hole in your NAT and the other person does the same thing, and then most of the time they’ll be able to talk to each other. There are some cases when NAT doesn’t work like if both users are behind extremely restrictive NATS like symmetric NATS, then you may have two peers that are completely unable to talk to each other, and so depending on your application that maybe is a big deal or not for a lot of things it is probably big deal because, I mean the two can’t just even chat for like a BitTorrent or something like that kind of application maybe it doesn’t matter, but the work around for that is you can specify a relay server which is called the Turn server and that will step in, in case that two peers can’t connect all the data will be relayed through that server and that’s no longer peer to peer obviously but at least the users will be able to talk to each other, you don’t want to your users to think that your application is completely broken.
Werner: That fixes a lot of those problems and it feels like peer to peer although in the worst case it'll have to go via some server.
And then sometimes even the Turn server doesn’t work, people have been finding out in practice, people who’ve been running, the reason why that sometimes doesn’t even work is, so I think it’s around five percent of connections, don’t even work even with the Turn server and that’s because the firewalls they are behind are so restrictive that they don’t even allow UDP packets to go through and the Turn server uses UDP which is unfortunate. So in that case you have to fall back to something even more reliable which is like maybe just XHR requests or WebSockets or something like that. Unfortunate, but it’s a new technology so I think it will take a little while until it’s smooth around the edges. I agree, very messy.
5. People might have heard about WebRTC as a way to write browser-based chat applications or Skype or something like that, but you found some other uses, interesting uses, for the peer to peer capability, so can you tell us about that?
Sure yes, so I have been playing around with really crazy ways of using WebRTC that maybe the creators of it didn’t anticipate the standard people didn’t anticipate. I've done a few things, so one of them is called Peer CDN, basically the idea is to use visitors who are on our website at the same time to host that site as a CDN, as a Contend Delivery Network, so the idea is if I come to a site and I want to access some resource on the site so like a picture or a video, audio file, any kind of static asset before I actually request the file from a normal CDN like Akamai or something or from the site's server, first I will ask Peer CDN “Are there any other peers who have this resource in their browser cache and who are still on the same site at the same time?”, and if it tells me “Yes these ten people are on the same page as you”, they already have resources that you need to load the page, then it will actually tell you that information you need to know to connect to them and this happens transparently, so your browser will connect to them and fetch the resources.
It also verifies that the resources haven’t been tampered with, so there is a central Peer CDN server that’s trusted that sends you the hashes of the content, so the hashes are extremely short, they are like a fingerprint and then when you get the full file from the peer you can verify that they didn’t mess with it, they didn’t replace the picture that you wanted with another picture, and so the site owner can have [certainty of ] integrity and it lowers the bandwith cost for the site owner significantly because they no longer haveto pay for any resource that you fetch from a peer is considered free for them, that is a site that their server did not have to serve. So yes, it’s kind of crazy idea and we did a company, we did a startup for it, we work on it for about eight months and then we were approached by Yahoo and they wanted to acquire company so we sold the company to them and , so now me and the other two cofounders, we are working at Yahoo.
Yes, it’s a good question, the original story is kind of silly I think, so I like to build, like I was saying before, I like to build things that make people surprised, they say: “I didn't realize that you can do that, that’s crazy”, you know, and so I was thinking about, I was trying to find ways to make people’s browsers do things that they didn’t expect and one of the things that I thought would be good to try was, when a user is on your site ,to use their CPU resources for computation. I mean I’m not the first person to think of doing this, so there is a lot of people who’ve tried it, but I thought of the idea and thought I'll try and see if it's feasible and I built a quick prototype to try to crack passwords using visitors on my site. So a visitor would come to the site and then I just had a fake password that I already knew what it was and I just had their computer try hashing every possible password and the server distribute the load among the visitors and I just saw how fast it was, it was way too slow, it was completely infeasible because it was about fifty times slower than an equivalent C program and then the thing with password cracking is that you can even do it on GPU’s which is way faster than even a C program would be.
WebTorrent is another project I started but this is an OpenSource one. Peer CDN was a company, WebTorrent is just an OpenSource project and the idea is I want to make BitTorrent work on the web, so users can visit a site and they can, if they have a URL to a BitTorrent file, they can just paste it in and then they’ll just start watching the video or looking at the images or the PDF or whatever the content is in their browser without ever having to install anything. And the idea is that I think if we can make the user experience of BitTorrent better, then a lot more people will use it and the network would be stronger and more resilient and we would just be able to get a lot more people using it who’ve never used it before, like my mom for example is not going to use BitTorrent, but maybe if it was as easy to use as Youtube then she would, and I think that would be good for the world.
That is a feature that a few clients have tried but it really none of the mainstream clients have really gotten it right or done it well I think, so if we can get that really right that will be good, so that currently is basically working as a command line app, you can download stuff on the command line and I made a whole bunch of modules, probably at least ten different modules that do ten different pieces of the client and some those are some of those that are being used by other projects and things like that which is cool, and then we make a Chrome app and the Chrome app is also usable, but have yet to make the actual native app that users will install. So that is the status of that part but then there are two more steps, so let’s say we have the client now that everyone's using because it’s awesome, it's doing BitTorrent, great.
So the people who are using those clients which I’m going to call hybrid clients now, the people who are using those they are going to be able to talk to both the web network and the normal network, so when they download something and they start to seed it, they are seeding it to both networks, they are seeding the sharing to both networks which means the web users now can download from them which is pretty cool, so hopefully a lot of people will use those hybrid clients because they are really good and the side benefit is they are helping the web users out.
Yes, so WebTorrent is on GitHub, the short URL that you can use in www.WebTorrent.io , so just visit www.WebTorrent.io and it redirects to the GitHub [repo] currently, I’ll make a site for it later but you can check up on the project there and give it a try and my blog is www.Feross.org , so if you want to follow the stuff I do later you can go to www.Feross.org and I’d say also you can just check out my GitHub page for all the other BitTorrent related modules that I’ve been writing, they are all in my GitHub if anyone is interested in that.
Werner: We'll all check it out and thank you Feross!
Thank you very much!