In this episode of the Computer Architecture Podcast, hosts Suvinay Subramanian and Lisa Hsu welcome Professor Jim Larus, a distinguished figure in computer science. Professor Larus is currently the Dean of the School of Computer and Communication Sciences at EPFL in Lausanne, Switzerland. His extensive career includes over 16 years at Microsoft Research as a researcher, manager, and director, as well as a professorship at the University of Wisconsin. Professor Larus has made significant contributions to various fields such as programming languages, compilers, computer architecture, and computer systems, including notable projects like the Wisconsin Wind Tunnel, the Singularity project at Microsoft, and the Orleans framework for cloud programming.
The central theme of this episode revolves around the evolving landscape of hardware-software systems, with a particular focus on security, privacy, and the control exerted by major tech companies over these ecosystems. Professor Larus shares his insights on the challenges and opportunities in both academic and industrial research environments. A significant portion of the discussion is dedicated to the development and implications of contact tracing protocols, like the DP3T protocol he was involved with during the COVID-19 pandemic. This serves as a case study to explore broader issues of user privacy, data control, and the power dynamics between national governments and large technology corporations such as Apple and Google.
Professor Larus delves into the intricacies of app permissions, the design of privacy-preserving technologies, and the trade-offs inherent in building secure yet functional systems. He reflects on his experiences leading rapid, multi-domain collaborative projects and discusses the different motivations and operational styles in academia versus industry. The conversation also touches upon the future of computer architecture, the importance of interdisciplinary collaboration, and the evolving role of hardware in ensuring system security and user privacy.
---
Chapters
00:00:12 — Introduction to Professor Jim Larus and Episode Overview
00:28:52 — Professor Larus on Current Work and Challenges in Computer Science
01:04:51 — The Evolving Landscape of Security, Privacy, and Device Control
01:56:84 — User Experience with App Permissions and Privacy Concerns
02:26:32 — Apple's Approach to App Permissions and Privacy
03:44:08 — The Power of App Stores and Manufacturer Control Over Software
04:53:65 — The Case of COVID-19 Contact Tracing: DP3T Protocol and Big Tech's Role
06:07:48 — The French Government's Stance on Contact Tracing and National Sovereignty
07:44:47 — The Public Health Domain vs. Tech Company Domains in a Crisis
08:20:46 — Contextualizing Contact Tracing Protocols: How They Work
09:58:14 — The Design and Mechanics of the DP3T Contact Tracing Protocol
12:01:07 — Privacy-Preserving Design and Bluetooth Low Energy Stack
13:20:88 — The Trade-offs and Limitations of Contact Tracing Data
14:54:91 — Comparing Research Environments: Academia vs. Industry
15:54:91 — The Rapid Development of Contact Tracing and Cross-Domain Collaboration
25:02:00 — Reflections on Career Paths and the Nature of Academic vs. Industrial Work
26:02:00 — The Importance of Multi-Domain Collaboration in Solving Complex Problems
28:57:00 — The Future of Hardware Security and Control Mechanisms
35:02:00 — The Role of Governments in Regulating Tech Companies and Privacy
35:33:00 — Closing Remarks
Takeaways
The Blurring Lines of Control: Large tech companies like Apple and Google wield significant control over hardware and software ecosystems, often dictating what applications can run and how, which has profound implications for user privacy, national sovereignty, and innovation.
Privacy by Design is Crucial but Complex: Developing privacy-preserving technologies, such as the DP3T contact tracing protocol, requires careful design to minimize data collection while achieving functionality. However, this often involves trade-offs, as seen in the limited epidemiological data available from such systems.
Security and Privacy are Not Always Aligned: While often discussed together, security measures implemented by tech companies (e.g., app store controls) can also serve as mechanisms of control, sometimes at the expense of user choice or developer freedom, rather than purely enhancing privacy.
Academia and Industry Offer Distinct Advantages: Academic environments provide freedom and the ability to pursue novel ideas rapidly with fewer bureaucratic constraints, as demonstrated by the swift development of the DP3T protocol. Industrial research, particularly in large companies, offers vast resources and the potential for wide-scale deployment and impact.
Cross-Domain Collaboration is Essential for Innovation: Complex problems, like developing effective contact tracing, require collaboration across multiple disciplines (e.g., epidemiology, privacy, systems). Such interdisciplinary work, while challenging, leads to more robust and well-rounded solutions.