Hacker News new | past | comments | ask | show | jobs | submit login
Diaspora Project: Building the Anti-Facebook (readwriteweb.com)
165 points by alexandros on May 5, 2010 | hide | past | favorite | 94 comments



Meh.

I don't think software people understand just how disinclined a non-software person is to do anything requiring configuring serverside stuff.

Even torrents, where clients have essentially become good enough that all you have to do is install them, most people get a friend that has some understanding of computers to set them up for them.

The cloud is really a better model if you want to achieve widespread adoption, and what is the point of a social network without people.


That's why they build it such that people can simply pay a 3rd party that offers the service and just use them to hold their identity. Not as much control as hosting it yourself, but still not as bad as facebook where you can't leave and they hold EVERYONE's data.


I'm just not convinced that enough people actually care about that.

The largest cell phone market is the one for generic simple phones that just make calls, regardless of the smartphone hype. The reason that IE is so ubiquitous is that a huge number of people don't really care, as long as they can get on the internet, and go on facebook and youtube and maybe a few other sites, thats enough for them.

Hell, even look at dropbox, people only started using that sort of service when it went into the cloud and became dead easy. They didn't care that they were locking all their data into a hard to leave service.

Don't get me wrong, I think it would be great if there was a way to recreate facebook in an open software setting, I just don't think any social network where the average user would have to either install a complicated app or pay a fee will ever get off the ground...


If most people don't care, that's because they don't know. See, most people barely make the difference between their browser and a search engine. They don't think about the long term accessibility of their digital data, or about the preservation of their online privacy because they just don't know what it means. On the other hand, they do care about preserving (physical) family photos and important documents. They do care about their home not being spied.

I see people not caring as a lack of education. Computers are ubiquitous in the western world since less than a generation. The Internet is even younger. This is just too short for people to understand them (and their hazards). Just wait 20 years, and they will understand. At this point, they will care. Now, the question is whether we can accelerate the process or not.


What's so hard to leave about Dropbox? I don't even have to copy my data off. I already have multiple copies.


it'll probably be like openid. a few big names will host a data for a large number of people that don't care to setup their own, but for those that want more control, they can host their own data.

even if those non-technical people don't host their own data, they'll be able to switch to something else that may have different privacy policies.


Sure, just like non-software people are disinclined to configure web/email servers and set up large wired/radio communications networks.

They still surf the net, send email and talk to people on the phone though.


What if there is an app for that?


What about "plug and share" machines? I bet a plug computer[1] with everything installed on it could do the job. It doesn't need to be more complicated than Gmail.

[1]: http://en.wikipedia.org/wiki/Plug_computer


Decentralized = much harder to police by governments, authorities, big corps. This can unlock radically new usages.

For instance, in a fully decentralized system, you can get rid of storage limitations by storing stuff on your computer (or on the cloud in a private form). So you can share not only pics of your pets, but also your music and movies collection.

If this results in something as easy to use as Facebook, but uncontrollable and perfectly able to host and protect media piracy / political dissidence / etc., we get darknets for dummies. This project or a variant thereof, if successful, could deeply change Internet by taking all power out of authorities and into people's hand. Whether it's a good or a bad thing is debatable, but it certainly is interesting.


> Whether it's a good or a bad thing is debatable

Not, not really. It's a very good thing, and similar to what the web did in the first place.


Uhh, four guys and an idea for a website. You know they'll definitely succeed because they're totally willing to sacrifice their summer internships to build it in three months and release it, scouts-honor!

Sorry for the sarcasm & general negativity - but they have nothing. As someone else said, just build it. The concept of replacing Facebook with something open, private and distributed is not at all new - many have tried and failed before them. "We have the chops" and $10k isn't some kind of magic potion. And their biggest challenge isn't building it, it's getting people to leave Facebook for it.


I wonder how many people have considered building something along these lines. I know I did when I started hearing about what came out of f8, and I don't even use Facebook currently.


I also considered building something along these lines - which is why I contributed to this project.


I played with this idea a full year ago. The ability to own your own data and share it out as a web service or data host. There would be no need for a centralized server, and it would provide many competitive opportunities to host what I came to call "identity servers." This would create innovation as each value added provider can experiment with the direction.

I won't be the first to call it now - but I can imagine the popularity of decentralized architectures catching mainstream attention. Git is getting popular, vs say SVN or CVS.

Remember, the internet itself is decentralized.


Yeah the ability to easily self-host an identity server or to be able to just pay someone else to be hosted on theirs is hugely important.

Also the ability to easily move your identity and inform people you have moved so they can update. Doing that last part securely is one of the things that hung me up when thinking about it, but I also only really dug into it for an hour or so.


Dreamhost costs about $50 a year. That's not a lot. Of course, it's not a turn key solution, but I'm sure they'd support one if it emerged.

Getting people to pay for an otherwise free service might be tricky, but I'm sure google would foot the bill (and do the hosting) if they got to push more ad-words.

It will probably go: self-hosted and hosted (by techies), then big companies find a way to do the hosting for non-techies in order to push ads.

Movable identities - DNS works. A DHT with email-addresses as the primary key (rather than domain names) would also work (though you would need some karma ratings system to keep it from being hacked). You would either use DNS, or reinvent a DNS-like protocol. No big deal.


Also the ability to easily move your identity and inform people you have moved so they can update.

I think DNS is the key here; it lets you move a server while keeping the same name.


This can be handled by 301 redirect or it can be built into the protocol. When moving a profile from one provider to another, the standard could require a response indicating the location of the profile for a minimum period of time (such as a week or a month).

A standard such as this would be crawled on a frequent basis by the social network apps built on top of it, as well as the search engines. They would all update their canonical profile addresses and that would be that--an organic, self repairing network.


I don't even trust providers enough to provide a 301 redirect, but your paranoia may vary.


That works if you have a domain name just for your "identity", but if you are hosting on someone else's then it gets interesting.

Of course I may be stuck on the way I was looking at it of a fully qualified URL (say http://runevault.com/runevault for my id, and I don't think DNS currently goes farther then domains).


Being that it is the Domain Name System...:)


> Remember, the internet itself is decentralized.

I think it's a common misconception. You can be decentralised with friends. With the whole world, you need a single entity. Just look at Facebook, Twitter, Google, MSN -vs- Jabber (even gtalk is not a jabber in the mind of users - it's gtalk / google chat), money transfer services, iAnything from Apple, etc.

People seem to like centralisation - they know where to go and how to call it.


Email, the web, DNS, routing and TCP/IP are all decentralised. I think the push is to try and do that for social apps like Facebook as well, instead of having AOL-email style monopolies...


DNS, routing and TCP/IP are things you never see. They're technically decentralised and they stay like that in practice.

Email and web? Not so much really. Everyone serves their little page from their own site. But as soon as you want to interact / share, you're back to hubs like dropbox, facebook, twitter, etc. The data may flow through decentralised links, but it's still coming from FB.


If I want to view a web page that you've created, I go to a server which you control (or your ISP controls). I don't have to go to web.com and click through to an account that you've created on the web.com service.

If I want to send you an email, I talk to my server, my server talks to your server, and you get an email in your inbox. Maybe I use GMail and you use Yahoo, but the underlying protocol is the same, so it doesn't matter.

Services like Facebook and Twitter have been written as a closed protocol right from the start, so you're not used to thinking of them in open or interoperable terms, but it looks like it's happening - it's just a question of time and the right impetus.

(Perhaps you're thinking of 'decentralised' as being able to host stuff on any computer in some sort of cloud, but I prefer to think of it as 'not controlled by any one entity' - maybe that's where some of the confusion is coming from?)


Right, but you're forgetting one thing. Decentralized works for technical problems, not social problems. People fled from the decentralized alt.* on Usenet to centralized Lifejournal where they had more control over their experience. A decentralized social network would be a sewer.


Just like a decentralised web or decentralised email? The idea is to have lots of smaller silos interoperating, rather than a couple of big ones. Just because it's decentralised, doesn't mean that you have to give up control of your bit.


The technical part of it is distributed but "my inbox" is entirely under my control.


Which is the whole issue - your Facebook "inbox" or "outbox" is not under your control. If it worked more like email or the web, you'd be a lot better off, privacy-wise.


I have, although I have limited free time to work on it right now. My 'market testing' page is here: http://openf.oarsum.com/

The idea is that there needs to be a protocol such that I can friend you, even though you're hosted on a completely different server. I suspect that it's a difficult concept to wrap your head around unless there's something that you can actually play with (although it's not too dissimilar to email). Perhaps the Django/Python choice might throw people too...


I have considered it, ok scratch that, dreamed about something like this around the time Friendster craze started.

Even for a decentralized project you still need the big "seeders", that is the problem.


This idea has been around for a while I think. Freenet would be a pretty sweet platform for something like it ;p


I have been in the process of doing the same thing for a few weeks. It seems like the time is right.

My plan is similar. RESTful API built on OAuth 2.0 and Open Social, with OpenID as an option. The specification will be open and the first implementation will be OSS.


I really think that we should be thinking bigger that just social networking. Wouldn't it be cool to be able to only allow email from people in your social graph? Give all your friends SSH accounts on your server?


Yeah it would be awesome... except people I don't know email me. It's how I meet people. It's how I reach out to people I think are interesting and would like to talk to for any reason. It's how customers and potential customers contact me.


Ugh, software teams are the new bands.


If a scintilla of the glamor of being drug-addled and minimally employed gets leeched by ambitious programmers, that's probably a net gain.


Well, we'd still need "programmer groupies". If they existed, I imagine economic growth would soar in the Western world.

(Though I don't really get marcus's point/joke, probably because I haven't watched the video.)


Guy wearing the V-neck in both images?


A friend of mine just said the same thing (about another dev team photo), so I took it to the next logical step and created http://devteamorindieband.tumblr.com


Yes, but hopefully more talented...


If loads are distributed across a network, how secure would your information be? I guess you could get around that by being explicit about how open your data is and discourage people to post sensitive info.

Also, by re-federating the service of Facebook with partner companies (push pics back to flickr, status back to twitter, etc.), they could get some nice allies, reduce the bandwidth requirements dramatically, and allow granular control of users in a very clear and powerful way (flickr is set to private, for instance).

Neat idea. I'd love to see it kill facebook. If there's an elegant way to detach online socialization from the profit motive while maintaining functionality, it would be good for everyone not employed by facebook to see it succeed.


The security will be determined by your web of connections and the quality of their profile providers. For such a system to be functional and have sufficient appeal to 3rd parties such as Google and other systems that will want to crawl the graph, a certain portion will have to be open. Things like your name and connections to others.

Ultimately, a larger subset of your data will eventually become public. This will happen by users installing games and other apps on top of the system that aren't as trustworthy. This can happen today with Facebook. It just isn't talked about much. Writing an app for FB is eye opening.


The biggest sticking point is going to be the web of trust. Facebook's walled garden is excellent at managing identity, and this would be very difficult if any random 419 scammer can set up a Diaspora server and plug into the network.

Really, it seems like turn-key services are the primary solution, though the important thing is to get a competitive marketplace where some are ad-supported, some aren't, but all of them are reasonably trusted.


How many e-mail do you receive that appear to come from your friends, but don't? For me, that's none.

Diaspora server will be the same. Your random 419 scammer won't be able to make a lot of friends if people are a little careful. Add PGP keys and a proper web of trust, and the scammer won't be able to spoof any identity at all.


With your comment, we've left my technical understanding in the dust.

That said, would it be possible to get research universities to act as the network? I assume people would be trusting of that.

Or is there a way to encrypt data or split it up in ways that makes it meaningless to any individual without the right password/signature?


Trust would be an issue. In an open system, it would always be possible to set up a rogue server with spoofed profiles.

There are ways to combat this. Using OAuth for authentication keeps them from getting your credentials. It or a similar protocol for data exchange allows you to shut them off if they're proven bogus. They might have limited visibility into your network in the meantime, but that's it.

It will probably end up working a lot like the web works now. You'll have to look at the URL and decide if you trust the provider. You can also send a message along with the friend invite and prior to accepting another's invite, that gives you some confidence that you know that person. Finally, by seeing that you share common friends on common providers will be a strong indicator.



I don't full grasp the concept but it seems to me that making users set up their computer to act like some kind of peer is a great barrier to entry for everyday folks.


From the Kickstarter page:

After we open source our source code, we hope to also provide a paid turnkey hosted service in the vein of Wordpress.com to make it easy for people who want to use Diaspora, but don’t want to deal with the fuss of setting it up.


If the only way for the average person to use the service is to pay for it, that's going to be a very tough hill to climb.


Unless someone else hosts an ad-supported version that turns out to be viable. But I agree that their business model needs work.


If its kept minimalistic, along the lines of Craigslist, they will be just fine.


They won't have to do this. Most will probably go with a provider such as Google, MSN, or Yahoo!. The "cool kids" will install a Wordpress plugin or set up their own.


If facebook is stirring up this kind of sentiment then it could very well be they have a real problem on their hands.

Apparently it is ok to take your users for a ride, but only so far.

I'm pretty happy about all this, maybe there will be a serious push back against all these companies that see the information they hold about their users as their 'product'.

What's next, distributed search engines?


Facebook is stirring up this kind of sentiment in less than 0.1% of their users.


Google news currently lists 449 articles about this, NYT, WP, WSJ and so on. You can bet that it's visible to a lot of people. Facebooks users are for the most part not capable of building an alternative but there are people that can, and this seems to bring them from having stuff 'on the drawingboard' to actually doing it. The next privacy cock-up and this kind of article will carry a list of alternatives.


To add one more, I saw a big feature article in freaking Consumer Reports this month about Facebook privacy issues, and them sharing more than you think. It seems to be hitting the mainstream in a big way.


> ... What's next, distributed search engines?

Interesting idea, how might that work?


I see they were trying really hard, but... the movie was a torture. Or maybe it was just my impression.

Also, it was funny that youtube included onesocialweb.org in the related videos at the end - it seems to be a similar concept, but I've never heard about it before.


wow http://onesocialweb.org actually has working code. doesnt seem to be any demo offering public registration yet though. might try and install it myself later.


All they need is a simple migration path for users and they (or something like them) will be able to knock Facebook out of the water—but it'll happen quietly at first, like any other disruptive technology.


Considering you are now allowed to permanently store data extracted from FB with their API, I wonder just how easy/doable this would be now...


This policy was just changed. Now apps can store data as long as they like because they are in a contract with the user.


I misphrased I guess, that's what I meant is now you CAN hold onto data permanently, before it was only for 24 hours. Which is why it is now possible to make export easy.


I find this 'social' tunnel-vision saddening. The ideal model of communication is more akin to a pastebin, where you can quickly host any data abstraction, not just people profiles.


The ideal model for you. If you can host any data abstraction without increasing the complexity, that's a different story.


A team of four NYU CS students...what's the 10k for? Just build it!


rent for the summer


If a project like this were actually successful, it would be exciting news indeed. Not just for those who want to bail on facebook, but those who wish their blogs were more connected, or those who wish that livejournal wasn't dying a slow and pathetic death.

If they are hoping to be able to hook in to existing semi-closed systems like Facebook, though, they are aiming for a moving target that, as we've seen, isn't afraid to use the law to stop users from getting their data out.

I also wonder how they will handle communities. That is one thing that livejournal has always done quite well, and facebook's groups leaves a lot to be desired. I have a hard time imagining how that will work in a distributed environment, unless the community itself will not actually be distributed.


Finally! I've been waiting for someone to do something like this, and was even thinking about trying to make something similar myself recently. How hard can it be? Probably not very, compared to other projects I'm working on.

I'm sure that it's not just tech geeks who would like to have some modest amount of privacy online. Just declaring that "Privacy is dead. Get over it" may be ok for a few exhibitionists and philosophers, but in the real world people do want and expect some level of privacy - especially when it comes to things like medical conditions or relationships.


Is there a problem? Maybe, yeah, but for a limited audience.

Will anyone ever install this? I doubt it. Good thing is the people who actually think this is enough of a problem to install some server side stuff have the technical capability to do so.

I almost just typed in: Solution in search of a problem. After reading comments here + around the web I feel there is some semi problem here that might apply to a broader market- Facebook is getting creepy with how much they know and it's getting overly complicated. I just think this is a really poor way to solve the problem.


One solution i can think of is,

You Create your own data and keep it stored on your device(can be anything, laptop,desktop,mobile etc). When you visit some host, it knows where to find your data(we assign a common known to all social port to our host), but needs your permission to download the data.So now when a relation of yours visits the same host we visited, It can tell our relation that what we have done on the host, only after we both use a common key.


perhaps the most positive outcome will be the outpouring of many different - but API-compatible social networking tools - all built by various naysayers and "i can do better-ists" which result in a variety of great choices. You can choose Wordpress or Moveable Type, or perhaps Apache or IIS, or AIM or GTalk. Interoperability, done earnestly and successfully, will move the challenge to the quality of user experiences and the robustness of the platform.

Yes, there are many social network style applications waiting to be discovered, but this effort, Diaspora, not only has a lot of attention, but it hit at a good time - when people are openly dissatisfied with the incumbent service, and the team heading up this project has not only the support of groupies, but their school, open source software organizations, and a lot of very motivated community members.

Lets hope that we can build something that will endure for the long term, and reverse the trend of user exploitation.


I was just searching for something like this yesterday. I came across DiSo (http://code.google.com/p/diso/), which at first glance appears to be somewhat stale and a bit of a protocol soup.

Anyone know if that effort is still under way? (and if there are any lessons to be learned from it?)


Answering my own question here from the linked Q&A with Luis Villa: http://joindiaspora.com/2010/04/30/a-response-to-mr-villa.ht...


Donated 26 bucks. 1% chance of succeeding, but I want them to try. Facebook is just horrible when it comes to privacy.


did you sign in to kickstarter with your facebook profile?

kind of funny that's an option


I hope they get far enough for people to use it. My objection to twitter the instant I saw it was that it required a single host/company, unlike email that can be hosted by individuals or companies and offered on any terms imaginable.


It sounds like a solid idea to me, id love to see a privately owned, node-based system where anyone can own their own things. I wonder how all the separate nodes would interact with each other. Im almost tempted to back them.


It already exists. It's called status.net using the ostatus protocols.


diaspora is used for people who live outside of the traditional land of their nation of origin.

from my understanding, the name implies that people who don't have a social networking account from some service provider are expatriates. i think this gives too much importance to such services.

nice idea, i definitely would like to see how it goes. but the name should be changed, so that it is in line with the political view it is the brainchild of.


Political views aside, I agree that they'd benefit from a different name. Choose something more accessible, something like "Facebook" but not a derivative.


I wonder if any of my postings about Facebook alternatives here was inspiration for this project? (Which I would love if this were the case.)


What ever happened to FOAF? The way to do this is to build it on the web, not to try to create some new peer-to-peer system.


FOAF has some great ideas. Unfortunately, for a system to have the level of functionality that users have come to expect, it will have to be a protocol run as web services. I think many of those ideas or even parts of the standard can be leveraged, though.


I suspect that the secure sharing of music, video, and software will help drive the adoption of something like this.


I may be naive, but how is that any different from a traditional homepage?


I think it would have a private part that enables you to manage connections to other homepages, control what's public and private, and aggregates news from other connections.


Well, if you look at it that way, a blog isn't any different than a traditional homepage either. :) But if not for the structure that blogs impose and the fact that non-technical people can edit them, the web would still be majority "Welcome to the Jones Family Homepage: Click to look at our vacation pictures from 2 years ago! (We can't update anymore because our kid moved out and we don't know how to change anything.)"

That aside, it looks like they're building in GPG based sharing (to limit _who_ you're actually sharing with—a more and more common problem these days) and some kind of capability to automatically publish to/subscribe from friends' nodes.


I think the main difference is that there would be a "behind the scenes" component that would allow profiles on different sites to exchange information in a secure way, while supporting different levels of privacy, etc.

I think a home page will play a part by integrating into the service. Instead of having a Facebook home page, you might go to any of a number of sites that would provide an aggregated view into your portion of the social fabric. Instead of looking at peoples profile pages, you would go to their profile page on a blog or anywhere else. This, too, would integrate into the underlying service.

This is all supposition, of course...


Guys, we have this already. Just check out the tonido project. http://www.tonido.com


This seems to let you host media on your computer, and to work around the need to have a fix IP address or a dyndns account.

It doesn't seem to know about graphs of friends, which is the central principle of FB. FB is not about videos, YouTube is; FB is about getting the videos you like to spread across your friendship network.

However, it looks like a nice application, even if it's only remotely related to Diaspora or Facebook.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: