Scuttlebutt, a Decentralized Alternative to Facebook

623 points | bpierre | 8 years ago | inthemesh.com

342 comments

[+] tschellenbach|8 years ago|reply
I think it's fascinating to see distributed social networks from a tech perspective. From what I've seen so far they exacerbate the problems that Facebook has been seeing so much backlash against.

1. The whole Cambridge Analytica issue was caused by APIs that are too open. For distributed systems there are more ways to exploit the APIs and gather data on users.

2. There is a clear issue with Facebook's accountability in these areas. Distributed systems are typically open source, they run on multiple servers by different owners, this leads to zero accountability.

3. GDPR compliance about deleting data is almost impossible in a distributed system.

4. Some of the problems with Facebook are more about usability and clarifying how things work to users. For instance the scandal with people giving away access to their private messages. Open source software and distributed software tends to be much harder to use.

5. Any future concern/issue will be much harder to resolve if there are thousands of different instances running decentralized social networks.

6. Using AI to detect abusive content or spot fake news is much harder if you only have a subset of the data. So it becomes harder to address those concerns in a distributed setting.

So while I think this stuff is awesome from a tech perspective, in many ways it just makes these problems harder to solve.

[+] 4bpp|8 years ago|reply
I think your post hints at a general schizophrenia in the latest, culture-war-fueled push against Facebook. On the one hand, the public debate is still significantly dominated by the old guard of anti-Facebook activists, whose objectives can be summarised as "Facebook's power over its users must be reduced". On the other, the renewed interest in doing /something/ about Facebook in the wake of Cambridge Analytica and fake news (and, before that, cyberbullying, stalking, harassment...) essentially amounts to "Facebook's power over its users must be exercised to quell evil". More often than not, the two are actually diametrically opposed (as when quelling evil turns out to require an increase in power). A hypothetical actually usable decentralised social network would advance the former cause, and, as you pointed out, set back the latter.
[+] notheguyouthink|8 years ago|reply
> The whole Cambridge Analytica issue was caused by APIs that are too open. For distributed systems there are more ways to exploit the APIs and gather data on users.

Huh? Scuttlebutt is fully encrypted.. doesn't that make the API vastly more locked down than Facebook/etc?

> There is a clear issue with Facebook's accountability in these areas. Distributed systems are typically open source, they run on multiple servers by different owners, this leads to zero accountability.

This is no worse than Facebook though. With Facebook, your friend could steal all of the data you let them see. With Scuttlebutt, your friend could steal all of the data you let them see.

At least with this I control who sees my data, no? Sure, I can't have accountability with a friend, but at least no company/etc has access to my data.

> GDPR compliance about deleting data is almost impossible in a distributed system.

Doesn't GDPR apply to companies? If my mom sends me a physical card, do I have to adhere to GDPR laws with her address/name? How is that any different than Scuttlebutt?

[+] crowbahr|8 years ago|reply
The whole issue with facebook is that they:

1. Follow you from site to site, scooping up all the data they can on you.

2. Allowed all of that data to be accessible not just by you opening up to a bad actor app, but by any of your friends opening up to a bad actor app.

Calling it "overly open APIs" is misleading at best. The point of an API is that it is a public interface. If Scuttlebutt has proper permissions controls then they won't have these problems... and because they're open source those problems can be scrutinized rather than remaining opaque.

[+] lucideer|8 years ago|reply
You're missing one very large differentiator: user control.

With Scuttlebutt, largely, the client controls every one of your points. Different clients (with different settings/controls) can interact with a network upon which other users are using completely separate clients, each with separate settings controlling how user data is contributed to the network. Consent is not an issue.

With Facebook, as a user, you need to agree to Facebook's strict terms to be a part of their closed network, and—largely—cannot do so with your own client with its own data-contributing settings. The only close equivalent is using something like uBlock with your own browser, but the control you have there is very limited.

I say consent is not an issue but I'll devil's advocate myself and describe a Scuttlebutt setup where it would be. Say a company sets up a normal centralised service, which you visit in your browser, sign up for a central account, and it's backed by Scuttlebutt behind the scenes. Users of that centralised service can connect to a larger Scuttlebutt network upon which other users may be using their own dedicated clients to access. Consent is an issue for that central service (which acts as a de facto client on your behalf), but not for the network at large.

[+] sandov|8 years ago|reply
In my case, I don't care about the "privacy protection" of a given social network: I assume that everything I post is public (except private messages), so I filter what I upload based on that assumption.

Things I do care about:

-No censorship

-Chronological feed

-Open source & non-abusive client. (i.e. no tracking what users see or read)

-Good usability

I don't care about abusive content or fake news. If I see fake news, I just stop following whoever posted it.

So, under my criteria: decentralized > facebook

[+] erkose|8 years ago|reply
We fail to consider policy when thinking about centralized/federated services. Centralized services provide strong, regular policy adherence across the network, whereas federated services provide weak, irregular policy adherence across the network. Centralized services can effectively silence a bad actor. They may also silence a good actor, but generally only under external pressure from government. Federated services have little or no ability to silence bad actors across the network, though individual instances may effectively silence "bad" actors. However in this capacity "bad" is not well understood and can simply mean the instance administrator does not like the person they silence. Individual instances may also give voice to bad actors.
[+] staltz|8 years ago|reply
The GDPR argument is a bit moot because Scuttlebutt is no different than sharing pictures in gossip style (a.k.a. memes). If one of your childhood pictures happens to become the new meme, there's little hope that GDPR enforcement would suffice to de facto delete it from the internet: from Reddit, from Imgur, from independent websites, from Torrent, etc. The same is with Scuttlebutt, but data is primarily shared between friends without contracts, not from people to a particular company. GDPR applies to institutions.

The other points are just stating "much harder", which seems to just bring skepticism and little actionable suggestions.

[+] wpietri|8 years ago|reply
I have similar concerns. If I had a magic wand, I'd solve this by splitting Facebook into an infrastructure-and-core-data non-profit and one or more for-profit companies that are building tools or interfaces on that platform.

I think there is a natural monopoly for some aspects of this, which is why Facebook is so hard to quit. But I don't think the whole thing need be in private, for-profit hands. Mozilla shows that a nonprofit can be a good steward of important web assets, with much stronger user advocacy than for-profit companies normally do.

Doing something like that for identity and interconnect between messaging and micropublishing providers seems much more robust than pure decentralization to me, which I expect would have the same failure mode as OpenSocial [1], where forces pushing toward natural monopoly are basically unchecked.

[1] https://en.wikipedia.org/wiki/OpenSocial

[+] colordrops|8 years ago|reply
For a properly designed distributed social network, there's no reason your data should be visible to anyone other than those you have approved.
[+] deltron3030|8 years ago|reply
It's a philosophical issue, negative liberty vs. positive liberty.

Positive liberty is the distribution of responsibility to the collective (and managing/controlling the collective through central bureaucracy), negative liberty is distributing the responsibility to the individual, self organization, or stateful components in dev lingo.

Your error is that you're set on only one perspective, positive liberty, like many people in Europe. GDPR is like that, instead of giving people the tools to protect themselves, and not leak data in the first place, and educate them about voting with their wallets, they just take it from the individual and apply it to the collective.

That's the mindset of centralization. It's clear that decentralization efforts fail if you insist on distributing the responsibility collectively.

[+] black_puppydog|8 years ago|reply
Personally, I hope (and I think I'm not alone here) that on a network like scuttlebutt, there will be much less "noise" than on facebook. My timeline on facebook (whenever I check it, like weekly) is a mishmash of...

* ads (if using a browser that doesn't get rid of them)

* "you missed someone's birthday who you didn't even remember you were "friends" with"

* look at this really popular post in your social vicinity, ENGAGE!!!

* cat/dog/food pictures

* politics of the same kind I had to ignore as a teenager, back then by mail. Sign $petition here!

* the occasional thing I give a flying fk about

This is not accidental. It is what facebook is built to do: keep you on their page, engaged. Scuttlebutt and such don't have that incentive. Liking "Pizza" or "Justin Bieber" doesn't exist. You can like a specific post, but that's not the same as putting your entire preferences on there. The possibility to digitally model your entire family and social graph and all your preferences in the open doesn't exist, simply because... why would someone implement that? And why would they then gear the UI to reward you for doing that? And it's not as inherently in danger of becoming an across-sites profile kept by a single entity.

[+] fabianhjr|8 years ago|reply
> 1. ... For distributed systems there are more ways to exploit the APIs and gather data on users.

However there is no global state, users only push-pull feeds of friends and friends of friends. (In part for privacy and in part for performance, you don't need to carry all the data for a social network to be useful)

> 3. GDPR compliance about deleting data is almost impossible in a distributed system.

However that doesn't apply to individuals that aren't providing a public service.

> 4. ... Open source software and distributed software tends to be much harder to use.

Yes, however there has been some exciting discussion around what UX could become possible in a decentralized context. See https://coolguy.website/writing/the-future-will-be-technical...

> 5. Any future concern/issue will be much harder to resolve if there are thousands of different instance running decentralized social networks.

There are no instances, only peers. (Pubs are sort of easy to connect to peers and there is work being done on peer discovery to outdate most pubs; they could still be used to connect communities around topics, hobbies, etc as a way to reduce the distance between peers)

> 6. Using AI to detect abusive content or spot fake news is much harder if you only have a subset of the data.

There is no retweeting/sharing, though there is work being done on Out of Order Messaging to propagate a single message along the follow graph and there is work being done on flagging/tagging feeds/ids and posts. (Along with some semantics around how to interpret the flags/tags to improve UX and user control)

[+] ivanhoe|8 years ago|reply
Well, it's not a Facebook replacement for the masses. It's more of the alternative in the way that Linux used to be an alternative to Windows a long time ago. Linux was a nightmare for the majority, but for tech-inclined people (with a lot of spare time one might add) it offered a lot more safety and power, at the price that you had to learn how to set it up and use properly first. Same applies here. If you share data that shouldn't be shared it will not protect you, but if you know what you're doing it gives you a lot more control and safety.
[+] wybiral|8 years ago|reply
Your concern about APIs in distributed systems seems to neglect the fact that cryptography can be used to ensure that only the right people have access to the data.

Although I do agree on the fake news point you make.

Edit: It seems that scuttlebutt does support optional end-to-end encryption: https://github.com/ssbc/secure-scuttlebutt#security-properti...

[+] marricks|8 years ago|reply
It’s hilarious that people think Facebook could be held accountable. Senators didn’t say we need rules for privacy protection or that any specific response should be made by them to CA leaks, just a vague “do stuff better or we might regulate you”

These guys really have free rein and just get a slap on the wrist WHEN ELECTIONS ARE MEDDLED WITH.

We should leave their platforms in droves to deprive them of power cause it seems like even the US Congress won’t stand up to them.

[+] make3|8 years ago|reply
"1. The whole Cambridge Analytica issue was caused by APIs that are too open. For distributed systems there are more ways to exploit the APIs and gather data on users."

No, the issue was that other people had access to data they shouldn't have. There's no problem with the API being open if only the right person has access to the right data, ie, if access management is done right

[+] shmerl|8 years ago|reply
You are mixing up openness of the code and protocol with access to data. Access to data should be managed by security features, and security through obscurity isn't the proper method anyway.
[+] cat199|8 years ago|reply
this entire complaint centers on the over-paternalistic notion that it is the service operator's responsibility, rather than the user's, to solve these problems, and that this is the desired state of affairs.

1) ... on the users that have chosen to enable this

2) ... for the users that use other people's servers or servers from disreputable people, or share to those who do the same.

3) ... and? this presumes GDPR is a good thing

4) ... it's impossible to view a list of viewed messages, perform bulk operations, flag, sort, group etc. facebook to the same level that can be done in other 'archaic' technologies such as email. presuming commercial ui's are designed for user friendliness rather than increasing user engagement, etc. is a red herring. also, strawman.

5) much like HTML, TCP/IP, SMTP, HTTP and everything else the internet runs on?

6) which is why spam filters don't work? and users don't have brains to do this themselves?

[+] syrrim|8 years ago|reply
The principle is that the network can become federated, which makes it possible to switch providers while remaining on the same network. This allows there to be competition between providers. Presumably, providers would compete based on their ability to protect your data. Facebook, on the other hand, competes almost solely based on the size of their network, which eclipses every other factor like accountability.
[+] john61|8 years ago|reply
You are assuming the network holds personalized data. While this is true for facebook (because this is their business model) it is not necessarily true for a non commercial social network.
[+] arithma|8 years ago|reply
Not saying that scuttlebutt is useless, but within the parent's perspective, almost everything applies as well on HTTP and HTTPS. But no one seems to care? I mean, google caches your website on their machines and so on, be it personal or not. I guess once things become ubiquitous enough, they start to become invisible. Whois service, I heard recently, was being scrutinized over personal data in the context of GDPR, so it's not ALL invisible.
[+] KirinDave|8 years ago|reply
> 6. Using AI to detect abusive content or spot fake news is much harder if you only have a subset of the data. So it becomes harder to address those concerns in a distributed setting.

Maybe people will have to start paying the market what this data is worth, as opposed to burying it in EULAs and using venture and angel funding to create a next generation data oligarchy more difficult to overcome than any financial oppression?

[+] woodandsteel|8 years ago|reply
You're absolutely right. Distributed social networks are terrible, so we should stay on Facebook forever.

And if that is not what you are implying, perhaps you could explain what it is you do think we should be doing instead.

[+] wmf|8 years ago|reply
I think the idea is no ads -> nothing to target -> no need/value for personal data. Sure, maybe Cambridge Analytica can scrape Scuttlebutt or Mastodon but then what can they do with that data?
[+] staltz|8 years ago|reply
Okay Hackernews, I get it. Scuttlebutt isn't fully ready for everything yet. I wrote that article hoping that it would spark interest to both use it, plus make it happen.

This is not your usual startup launch, it's a community project by multiple open source hackers. If something is missing, you can make it happen. And there are so many ongoing developments right now (see list below), that it really doesn't make sense, at this point, to point out the current problems with the protocol. It's evolving fast, and can evolve even faster if you choose to make it your own and do something about it.

Here are a couple of things being developed:

- Mobile app for Android

- Better cryptographically-verified user invites

- P2P replication over WebRTC

- P2P replication over DHT (Kademlia)

- Better scalability (Epidemic broadcast trees)

- GitHub alternative

- "Out-of-order" replication (get messages from distant friends of your friends)

- Private groups

- Moderation tools (every person as a moderator)

- Socio-technical discussion around data accountability

- New RPC stack, rewrite

- Rust client

- Go implementation

- C implementation

- Groundwork for iOS support

- Multi-device accounts

- Scuttlebutt on Firefox as an extension

- Overall improving onboarding and docs

- Replication over Bluetooth and Wi-Fi P2P

- Web viewer

- Scuttlebutt cloud (easy way of setting up servers)

- Websites on scuttlebutt

- etc

It's a moving target

[+] ibdf|8 years ago|reply
2018 will be the year of "alternative to facebook" apps that are in no way an alternative to facebook.

To be an alternative to facebook, it should at least do 50% of what facebook does, and it should be accessible to all.

Anything that takes more than 3 steps to get it running is going to keep people out. And if you keep people out, you don't have a social network, at least not anything like facebook where your grandma and people you went to school with but never met (or pretend you never met) are.

Plus you need marketing, a business plan, and so much more than just code that puts people together on the same page.

I hope for a social network where the data belongs to the user, but unless you get the complication out of it... it will be just something cool but not worth the time.

[+] patrickbolle|8 years ago|reply
I really love the concept of this. I travel a ton and am without internet for days/ weeks at a time. Scuttlebutt allows me to keep up to date with friends and communities while offline and when I do eventually get online, just grab the newest updates and download them locally.

This is such a cool thing in my eyes for parts of the world with little / no internet access. The creator of the project (AFAIK) sails around the world and, again, has little internet access. This allows him to keep people updated when he eventually does find internet.

[+] codingdave|8 years ago|reply
It isn't an alternative to Facebook unless my grandma can use it, and she couldn't set this up for herself.

The idea that centralized storage is the problem masks the actual concern. There is nothing inherently wrong with centrally stored data. There is a problem when it is locked down by a 3rd party, and/or you don't control how it is used.

[+] jeswin|8 years ago|reply
> There is nothing inherently wrong with centrally stored data.

I'd argue that a 3rd party having the personal details and communication logs of 2 billion people is a massive problem. Privacy, governmental data requests, accidental information leakages, profiling, job applicant scrutiny, fake news, spam, data misuse by employees etc. Or even worse, in times of war.

[+] staltz|8 years ago|reply
Actually with a few tweaks, this technology would be much simpler to use than Facebook, for a person like your grandma, simply because it removes that annoying registration process. You just open the installed app, and that's it.

It's odd that we got used to the idea that "(1) registration, (2) strong password creation, (3) username selection (in case of conflicts), (4) email verification link, (5) login" is somehow a good user experience.

[+] madamelic|8 years ago|reply
>It isn't an alternative to Facebook unless my grandma can use it, and she couldn't set this up for herself.

Facebook isn't an alternative to email if my grandma can't use it.

Computers aren't an alternative to telephones if my grandma can't use it.

Telephones aren't an alternative to mail if my grandma can't use it.

etc.

---

It'll get easier and simpler, I promise.

[+] lsiebert|8 years ago|reply
Okay, but FB wasn't something your grandma used when it began.

Arguably it isn't FB if regular college kids can't use it. If they can subsequently onboard less tech savvy people, so be it, but that could be a future goal.

[+] roadbeats|8 years ago|reply
Why do we even want to be in a creepy digital relationship with our grandma? I used to think like you, then one day I realized that the real life is outside, I began calling my aunties, visiting them, and also created a Whatsapp group so the big family can have fun & share updates.
[+] projektir|8 years ago|reply
> It isn't an alternative to Facebook unless my grandma can use it, and she couldn't set this up for herself.

I wonder if Facebook is perhaps just not worth it.

[+] remir|8 years ago|reply
I downloaded Patchwork after someone talked about Scuttlebutt on HN, but when I tried to join any pub servers on their Github repo, none of them worked/connected. 30 minutes later, I uninstalled the thing.

The idea was interesting, the UI was pleasant, and I could see this working at some tech conference where people connect with each-other and there's a common pub server so people can keep in touch afterward, but I don't see uncle Joe or grandma using this thing over FB.

[+] newscracker|8 years ago|reply
It's not an alternative to Facebook (or even Google+) for two reasons on viability for users. Firstly, it seems to have one client in development for Android, and none for iOS. Secondly, it doesn't offer a way to use multiple devices (with activity synced). [1] This restricts the platform a lot. I've been looking at Scuttlebutt once in a while for some time, but I don't think it's developing fast enough to be a contender.

I'd really like to have a decentralized offering, but unless it provides the key features Facebook does, like the timeline, newsfeed, groups and pages, it'll be a very hard sell to get others on board.

[1]: https://www.scuttlebutt.nz/faq/applications/multiple-devices...

[+] blurbleblurble|8 years ago|reply
Okay, but the immutable references sure make it hard to get rid of stuff once you've put it up there...

I much prefer the DAT protocol, which has mutability built into its assumptions about how people will use it.

I know you could do the same thing with an immutable protocol, but Scuttlebutt is a perfect example of why immutability shouldn't be the default. Try deleting something you put on there and maybe you'll see why. I couldn't figure out any obvious way to do this. I'd imagine that's because nobody has coded the "mutability feature" for deleting posts.

Mutability needs to be built in. You shouldn't have to reinvent the wheel (mutability) every time you need it.

Beaker Browser/DAT is a much more interesting decentralized experience in my opinion.
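
Why deletion is hard in an append-only, signed feed of the kind this comment (and madez's comment further down) describes, as an added example that is not part of the thread and not Scuttlebutt's own code. It is a simplified model: the message fields, helper names and sample posts are assumptions.

```javascript
// Added illustration: a simplified append-only feed. Field and helper names
// are assumptions for this example, not Scuttlebutt's actual message format.
const nodeCrypto = require('crypto');

const sha256 = (s) => nodeCrypto.createHash('sha256').update(s).digest('hex');

// The fields covered by the author's signature, in a fixed key order.
function signedPart(msg) {
  const { previous, sequence, author, content } = msg;
  return JSON.stringify({ previous, sequence, author, content });
}

// A message is referenced by the hash of its signed fields plus signature.
const messageId = (msg) => sha256(signedPart(msg) + msg.signature);

function createFeed() {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ed25519');
  const author = publicKey.export({ type: 'spki', format: 'der' }).toString('base64');
  return { author, publicKey, privateKey, log: [] };
}

// Appending links the new message to the id of the one before it.
function append(feed, content) {
  const last = feed.log[feed.log.length - 1];
  const msg = {
    previous: last ? messageId(last) : null,
    sequence: feed.log.length + 1,
    author: feed.author,
    content,
  };
  const sig = nodeCrypto.sign(null, Buffer.from(signedPart(msg)), feed.privateKey);
  msg.signature = sig.toString('base64');
  feed.log.push(msg);
  return msg;
}

// What a replicating peer checks before accepting a copy of the feed.
function verifyLog(log, publicKey) {
  let previousId = null;
  for (let i = 0; i < log.length; i++) {
    const msg = log[i];
    if (msg.sequence !== i + 1) return { ok: false, at: i, reason: 'sequence gap' };
    if (msg.previous !== previousId) return { ok: false, at: i, reason: 'broken link' };
    const sig = Buffer.from(msg.signature, 'base64');
    if (!nodeCrypto.verify(null, Buffer.from(signedPart(msg)), publicKey, sig)) {
      return { ok: false, at: i, reason: 'bad signature' };
    }
    previousId = messageId(msg);
  }
  return { ok: true };
}

// First sequence number at which two copies of one feed disagree, or null.
function firstDivergence(a, b) {
  const n = Math.min(a.length, b.length);
  for (let i = 0; i < n; i++) {
    if (messageId(a[i]) !== messageId(b[i])) return a[i].sequence;
  }
  return null;
}

function demo() {
  const feed = createFeed();
  ['hello', 'post I regret', 'later post'].forEach((c) => append(feed, c)); // constructed posts
  const clone = () => feed.log.map((m) => ({ ...m }));

  // 1. Dropping the middle message leaves a hole that peers can see.
  const deleted = clone().filter((m) => m.sequence !== 2);
  // 2. Editing in place invalidates the author's signature.
  const edited = clone();
  edited[1].content = 'redacted';
  // 3. The author can re-sign a new history from message 2 onward...
  const rewrite = { ...feed, log: clone().slice(0, 1) };
  append(rewrite, 'redacted');
  append(rewrite, 'later post');

  return {
    original: verifyLog(feed.log, feed.publicKey),
    deleted: verifyLog(deleted, feed.publicKey),
    edited: verifyLog(edited, feed.publicKey),
    rewritten: verifyLog(rewrite.log, feed.publicKey),
    // ...but a peer still holding the original copy sees the fork.
    forkAt: firstDivergence(feed.log, rewrite.log),
  };
}

console.log(demo());
```
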

[+] sergiotapia|8 years ago|reply
Anyone else not even use social networks anymore? Privacy or not, it's just garbage. Facebook, myspace, hello, whatever it's all the same crap with different CSS values.

Do we even need social networks anymore?

[+] blamestross|8 years ago|reply
I like scuttlebutt but it is not in a form suitable for public consumption yet:

- Providing a "secure" system in nodejs (it does not matter how good your crypto code is if I can poison left-pad)

- Bad privacy behaviour: you can follow anybody, limited ability to have private/friend-only messages.

[+] daniper|8 years ago|reply
Not to be too meta, but the magazine this was published in is all about decentralization — I'm biased because I was involved in it, but if you're on this thread, you may want to check it out. Just launched: https://inthemesh.com
[+] hw|8 years ago|reply
Why are we finding alternatives to Facebook, when in fact we should really be educating ourselves and people to stop sharing every single bit of personal information about themselves online, be it on Facebook or a decentralized application.

The problem with Facebook is that it holds way too much personal information about a person - phone numbers, emails, a person's likes/dislikes, hometown, current location, etc, and because society has been 'programmed' to share so much about themselves, no thanks to social networks like Facebook that promote building your 'profile'.

In fact, strip away all that personal information and have people share their thoughts and their dinner photos and what you get is just Twitter, Instagram, Snapchat or a blogging platform.

A decentralized alternative to Facebook will not solve the problems Facebook has because in the end even if you own the private key to your own data it's up to you if you want to share your data with someone or an app, and once you've done that to a malicious party, your social network is compromised. And as some have pointed out in this thread, a decentralized and open source alternative would be worse.

In the end, it's up to the individual to be smart about what to share and what not to share, and reveal as little about themselves as possible rather than parade it all out to the world or to their 'friends' list. All it takes is for someone not too technical to download a hacked 'client update' to their decentralized Facebook alternative to have everything they thought to be secure be leaked out.

An alternative that promises to be more secure than what it's replacing is just asking for more complacency. I'm sure we thought Facebook was extremely secure at some point, so why not share everything?

[+] dlwiest|8 years ago|reply
I still think that's an awful name.
[+] madez|8 years ago|reply
The fact that one cannot delete or modify the history of a feed one "owns" is a show-stopper. Of course, people can always mirror stuff, but that is no argument against modifications.
[+] jancsika|8 years ago|reply
Are there others like me who tend to read "alternative" as a misnomer in stories about "decentralized X as alternative to centralized Y?"

I take git vs. svn as what I think is a fair reference point. Someone can still argue in favor of svn, but I don't think they could seriously argue that git isn't a viable alternative.

Moreover, git is so popular because it specifically targeted svn's users. Scuttlebutt does not yet meet that standard-- at best it's a framework on top of which a yet-to-be-built Facebook alternative might sit.

I don't want to be a pest but the barrage of FLOSS "alternatives" to Facebook/Twitter can have a numbing or frustrating effect on readers who don't reflect on this discrepancy.

[+] icc97|8 years ago|reply
Perhaps this is just a depressive thought.

But I don't see any of these services taking over Facebook or even making a slight dent. What might happen is that Facebook dies a slow death and none of my friends keep in contact on there. But then none of us really built up any real friendships on there so there's no incentive to start again on another site.

I guess, even say we all got our wish and Facebook died, I don't see utopia running up behind it. Utopia for most geeks was probably the early days of the internet. I don't see anything bringing those back.

[+] _Marak_|8 years ago|reply
Scuttlebutt is a great idea and has some really smart people working on it (like Andre and Dominic).

With that being said, I don't think Scuttlebutt has any chance of succeeding. SB network has some fairly serious architectural issues which may or may not have solutions that are achievable with the current design. I ended up uninstalling.