Thanks for responding! Sadly the signal:noise ratio on HN really plummets when urbit gets mentioned. Zaphar's response is good but I'll go in to more detail (as I see it):
- bandwidth : there's nothing in Urbit itself to address this, but one presumes that if you host an urbit on EC2, you'd also be putting cloudflare in front of its webserver. More generally, if Urbit got even moderate adoption, the hosted-server companies would fall over themselves supporting it, because it's a new customer base for them.
- mail : Agreed, I would never want to run a mail server, on urbit or anywhere else, due to how convoluted it is. However, Urbit uses a federated addressing system that would make spam unprofitable. Read their page on identities if you want details, but the short version is that full-fledged identities on the Urbit network cost a couple of bucks, and it is assumed that anyone who spammed from one would get blackholed before they recouped the investment.
- social : From a user's perspective, I think the big difference between Diaspora and the-yet-to-be-made-facebook-clone-on-urbit is that the latter is not the only thing you can put on an urbit. It's unlikely that Urbitbook would be so popular that anyone would run out to host an EC2 just to join it. But Urbit is supposed to be useful in and of itself. And if it does take off on its own merits, it seems very likely that a self-hosted social media clone would be one of the popular apps.
- viruses : Urbit is designed to be essentially impervious to malware. (Which is not the same as saying it is impervious - kind of depends on whether the people who architected it are as good as they think they are. I'm not qualified to weigh in on that.) In a worst-case scenario (say, your whole urbit got bitlocker'd), recovering would require you to a) get your hosting provider to restore from a backup, and b) notify your "galaxy" (your parent in the distributed network architecture) that you have lost continuity, and convince them that you are your urbit's rightful owner. That last bit would be nontrivial (because this is exactly how someone would go about stealing your identity) so it is assumed that the most galaxies would have stringent requirements, or if Urbit is as stable and unhackable as its supposed to be, not allow it at all.
I don't think the acerbic swipe at HN here was merited; as threads about programming environments go, this one seems pretty high-signal, with less flamage than any of the recent large threads about Go or Rust.
If your expectation about threads for Urbit is that they center on its real-world applications or potential, the project itself has done you no favors. It doesn't so much beg as howl madly for the kind of meta discussion that dominates this thread.
That's a fair point, I was complaining about past Urbit threads, which sometimes spend a lot more time on the founder's weird-but-irrelevant politics than on the technical merits of the project. I expect and welcome flaming about why it's built the way it's built! I would so love a big deep thread between the urbit devs and some really smart people who have deep misgivings about its architecture, because the outcome of that would help me decide whether it's worth investing time learning hoon.
You say his politics are irrelevant. I disagree: the only person in the world who probably has a complete picture of what this system is meant to be is Yarvin, and there are troubling indications that his political principles influence the design. See, for instance:
But that's neither here nor there, because this thread hasn't really centered on his odious politics, but rather on the dubiousness of its design and the steps the team has taken to conceal the basic details of the design behind a wall of obfuscation. We generally don't like distributed systems that go out of their way to make themselves harder to reason about.
I'd further add that a lot of basic support Urbit receives on places like HN seems premised on the idea that there's something intrinsically novel about it. But that's not so: overlay networks are a relatively well-trodden topic in CS, including overlays based on what we used to call "mobile code", including functional mobile code overlay networks.
I'd like to see more discussion of decentralized overlay networks, including compute overlays, on HN. I find it unfortunate that all those discussions for the past year or so have more or less been captured by this goofy system.
shrug As you like. If whoever wrote Jira revealed that the reason "stories" and "bugs" and "epics" all have the same default fields was because he thinks capitalism is better than socialism or what have you, I would entirely ignore it, and I don't think I'd be any poorer for it.
I would also wish for more projects in this vein. If something came down the pike with similar aims but minus the spooky political baggage and the eccentric syntax, believe me, I'd subscribe to their newsletter. But AFAIK there is nothing in the offing even remotely similar to urbit other than urbit.
That's because Jira is just a bug tracker. None of us need any assistance understanding the implications of a bug tracker, even one as sprawling as Jira.
> - bandwidth : ... More generally, if Urbit got even moderate adoption, the hosted-server companies would fall over themselves supporting it.
I am highly skeptical -- the Wordpress has pretty high adoption, and it is useful for "non-techy Mom", but there are very few companies which support wordpress integration, and if they do, it is at a much higher price (bluehost: $3/mo regular hosting, $20/mo wordpress hosting)
> - mail : ... full-fledged identities on the Urbit network cost a couple of bucks, and it is assumed that anyone who spammed from one would get blackholed before they recouped the investment.
This blackhole mechanism is very much like spam problem, so it has all the usual questions: Is it going to be managed by someone? Does identity get un-blackholed after some time with no spam? Can you pay $$$ to make this process faster? Can someone blackhole whole galaxy? What if your computer gets malware which spams other users on your behalf?
I am not asking for immediate answers to these questions, I just wanted to point that having "federated identity" will not fully solve spam problem.
> - viruses : Urbit is designed to be essentially impervious to malware. ... In a worst-case scenario (say, your whole urbit got bitlocker'd), recovering would require you to a) get your hosting provider to restore from a backup, ...
That's not the worst case scenario. The worst-case scenario is bitlocker reaches in your urbit (via whatever mechanism you use) and encrypts all the your data there, slowly over time (so your backup is corrupted, too) and starting with least-recently accessed files first, to minimize chance of early detection.
Looks like in this situation, your only hope is that your hosting provider kept your backups, and this is not guaranteed at all. So basically not much better than existing self-hosting systems.
Note: I have not actually checked, but I suspect that Urbit may keep all the previous versions of the files around. This will help against bitlockers, but:
(1) Is there a mechanism to permanently remove data, say because you accidentally uploaded 25GB blue-ray movie? If yes, this is what bitlocker will use.
(2) Are you sure that every user will have different urbit credentials and admin credentials to the hosting provider? Because if not, then bitlocker will ssh into your hosted machine and damage the files directly.
(3) There are other things other than bitlockers. Malware will use your account to send SPAM, use your webserver to sell illegal drugs, use your CPU to mine bitcoins, and generally make a botnet out of your urbit.
> Wordpress has pretty high adoption, but there are very few companies which support wordpress integration, and if they do, it is at a much higher price (bluehost: $3/mo regular hosting, $20/mo wordpress hosting)
What's stopping you from getting the $3/mo package and installing wordpress yourself? The pain of learning how to administer and secure and update it, right? Urbit is (or claims to be) painless enough that you would install it yourself and not need to do any maintenance afterward.
> This blackhole mechanism is very much like spam problem, so it has all the usual questions: Is it going to be managed by someone? Does identity get un-blackholed after some time with no spam? Can you pay $$$ to make this process faster? Can someone blackhole whole galaxy? What if your computer gets malware which spams other users on your behalf?
This is all up to apps and users to handle. If you did write an app that defaulted to "accept messages from anyone" then you'd need to include some sort of "report spam" feature in it I suppose, but I think it's assumed that most apps would just ignore unsolicited messages. You could also do more nuanced rules, like "Ignore messages from accounts that are less than a week old; if the account is older than that, you can show me one message, but ignore any subsequent ones unless I respond to the first one." Up to the developer of the app.
> Looks like in this situation, your only hope is that your hosting provider kept your backups, and this is not guaranteed at all. So basically not much better than existing self-hosting systems.
"Your hosting provider might not do a good job of managing backups" is a) well outside of urbit's purview, and b) something I thought was pretty much a non-issue these days.
> Are you sure that every user will have different urbit credentials and admin credentials to the hosting provider?
At the end of th day, urbit is just an executable. You log in to your shell, you run ./urbit, and you tell it what to do. Anyone who can log in to your shell can run your urbit and tell it to do something you don't like. So of course you need to keep your login and password safe, and the host OS needs to be secure, and so forth.
But, if the claims of the people who made it are true, it should be impossible for J. Random Cracker to send a message to an urbit over the network that makes it do something bad. Not "we think we found all the buffer overflows" impossible, I mean "mathematically proven to be impossible" impossible. That's why they rewrote the thing from the ground up in such a hokey way. Whether they succeeded in, or whether that claim is laughably deluded, is something I'm hoping someone much smarter than me will definitively determine someday...
> Urbit is the server-app-container thing that would make my non-techy Mom want to pay $5/mo for a hosted server instance.
> Want to see what Bill Smith is up to? finger bsmith. Want to argue about politics? talk.politics. God, how simple things were!
> Urbit is designed to be essentially impervious to malware.
... and we ended up with:
> but one presumes that if you host an urbit on EC2, you'd also be putting cloudflare in front of its webserver
> If you did write an app that defaulted to "accept messages from anyone" then you'd need to include some sort of "report spam" feature in it I suppose,
> "Your hosting provider might not do a good job of managing backups" is a) well outside of urbit's purview,
> So of course you need to keep your login and password safe, and the host OS needs to be secure, and so forth.
So what are then advantages of urbit over, say, wordpress install with some plugins? So far I have heard:
- Universal identity system for other urbit users
- Automatic application update
- Some subset of security bugs has been eliminated
- Simple application installation
Wordpress (with plugins):
- Has OAUTH and facebook/g+ auth plugins
- Has auto-update functionality
- Written in PHP, which entirely eliminated at least buffer overflow bugs and concurrency bugs from the user-written code.
- I can find EC2 images with wordpress already installed -- just create a machine based on them and you are all set! And wordpress provides somewhat easy interface to install new plugins!
And apparently neither Urbit nor wordpress take care of the hard stuff:
- How to set up backups and make sure they will not fail 6 month in (and no, most hosting providers will not do this automatically for you)
- How to prevent malware on your personal computer from destroying all your digital life
- How to prevent SPAM while still allowing messages from people you did not know before
- How to monitor the server and fix it (restart?) when it fails
- How to select the hosting plans to optimize cost for the resources you want to use
Now, you may say that urbit does [will do] much more that wordpress, but so far you have not mentioned anything like that. Your original comment mentioned: mail server, minecraft server, and apps that "let you upload a file to the cloud and they let your friends access it". Wordpress does the last one, and from I understand, urbit will not be that great for the first two ones.
So it does not make sysadmin's life much easier, nor does it give you some killer features you cannot find anywhere. What's the point then?
Dude, it's an os, a container, a thing you write and run apps in. You want it to select a hosting plan for you and help you if you forget the password to the box it runs on?
Look, if you're a hacker, and you've got some time to kill, just download it and run it and spend an evening with the "Getting started" doc and writing a little bit of hoon. You'll figure out what it is and what it might be a lot faster than by asking questions on a forum. And if you're not, ignore it, it is nowhere near being useful for end users yet.
- bandwidth : there's nothing in Urbit itself to address this, but one presumes that if you host an urbit on EC2, you'd also be putting cloudflare in front of its webserver. More generally, if Urbit got even moderate adoption, the hosted-server companies would fall over themselves supporting it, because it's a new customer base for them.
- mail : Agreed, I would never want to run a mail server, on urbit or anywhere else, due to how convoluted it is. However, Urbit uses a federated addressing system that would make spam unprofitable. Read their page on identities if you want details, but the short version is that full-fledged identities on the Urbit network cost a couple of bucks, and it is assumed that anyone who spammed from one would get blackholed before they recouped the investment.
- social : From a user's perspective, I think the big difference between Diaspora and the-yet-to-be-made-facebook-clone-on-urbit is that the latter is not the only thing you can put on an urbit. It's unlikely that Urbitbook would be so popular that anyone would run out to host an EC2 just to join it. But Urbit is supposed to be useful in and of itself. And if it does take off on its own merits, it seems very likely that a self-hosted social media clone would be one of the popular apps.
- viruses : Urbit is designed to be essentially impervious to malware. (Which is not the same as saying it is impervious - kind of depends on whether the people who architected it are as good as they think they are. I'm not qualified to weigh in on that.) In a worst-case scenario (say, your whole urbit got bitlocker'd), recovering would require you to a) get your hosting provider to restore from a backup, and b) notify your "galaxy" (your parent in the distributed network architecture) that you have lost continuity, and convince them that you are your urbit's rightful owner. That last bit would be nontrivial (because this is exactly how someone would go about stealing your identity) so it is assumed that the most galaxies would have stringent requirements, or if Urbit is as stable and unhackable as its supposed to be, not allow it at all.