I don't get this article. Other than defining a bunch of new words, what are they exactly saying the problem is, and what are they saying the solution is?
Just saying that <the solution isn't diaspora, it's swadeshi> is complete nonsense. And the problem seems to be <something big corporations do> but they never really say what.
I take it as being about who holds (and therefore owns) the data. It's not that the corporations are evil, it's that we're operating in a system where only the corporations get to accumulate the data in their hands.
> The internet has been stolen from you. Scooped out of your hands without much of a fuss. A small number of corporations are locked in a zero-sum game of land grabs.
The solution:
> The solution is to decentralize further, relying on a peer-to-peer model...In short, create an app, one that you run on your computer or phone, that writes social data (aka “posts”) into local databases and then replicates those databases to peers using a peer-to-peer protocol
Directly from the article, and it's surprisingly detailed in implementation suggestions - I'm forced to conclude your lack of understanding is willful.
You don't seem to have understood my comment at all. In what way is Diaspora, the (failed) 2010 solution to this "problem", at all different from what you say the solution is now? And other than "controlled by corporations", what problem are you even trying to solve?
This isn't a felt need. I don't feel inconvenienced by this. I don't feel the loss of something I once owned or had the benefit of.
> The solution is to decentralize further,
The solution solves a very abstract problem. I would go so far as to say it's a religious or spiritual need only that is solved by this. Decentralization will not improve my life or meet any felt need (I am not less hungry, less lonely, more clothed, more sheltered, or more socially connected as a result of this product). The only benefit I could have is if I had a religious belief in the moral need for this type of system, and that system satisfied that moral belief. I think that's a very small minority of users.
+1. And you read it because you're visiting hackernews (also central, private, for-profit). It's a systemic problem. That's why we need new tools that let us operate outside that system.
Agree, I could share (a subset of) my sources as could you.
We could even automate it so if my post reader notices several of my sources following another source it will ask me if I want to look at or follow that source, etc.
That's federated, which is a different kind of decentralized than the one implied in the article. Federated systems are less centralized, but still require regular clients to trust the system they are federated with.
All the tools to create personal websites existed more than 20 years ago. They haven't disappeared.
If anything they're probably cheaper, easier to find and to configure now, and also, more diverse, slicker, have more features, etc... And as pointed out by others, distributed social networks have existed for probably about ten years now.
And yes, the fact that the author chose to publish this pompous trite on medium is laughable.
The big shift to mobile, however, means that people can no longer use their computers to host a server. Napster would probably not achieve critical mass nowadays.
Regardless of my opinion about the article itself, your message reminded me of this great quote from Tom Morello of Rage Against The Machine:
"When you live in a capitalistic society, the currency of the dissemination of information goes through capitalistic channels. Would Noam Chomsky object to his works being sold at Barnes & Noble? No, because that's where people buy their books. We're not interested in preaching to just the converted. It's great to play abandoned squats run by anarchists, but it's also great to be able to reach people with a revolutionary message, people from Granada Hills to Stuttgart."
There exist alternatives to get the content out in a way they control. Yet, they sure as hell aren't using them. If they won't, why would they expect most users that care less to use even more complex stuff for social networks and such? Substantiates my main comment here quite nicely. Just from a source I didn't expect. ;)
It seems to me like the Merkle DAG decentralized infrastructure with by far the most momentum right now is IPFS. It would be great to have a usable social network developed on top of that.
This article seems to culminate in a call to action to support a github project consisting solely of a README.md. I think a call-to-action post that is much better than this one is the archive.org one: http://blog.archive.org/2015/02/11/locking-the-web-open-a-ca...
[CORRECTION/RETRACTION]: I misunderstood ipfs. You can totally edit your DAG in ipfs (which gives you "delete" ability). So Yes cypherpunks01 is completely right.
The explanation of how you do "deletes" in a DAG still stands.
[Original comment:]
ipfs doesn't have delete. It's basically a global immutable data store. Brilliantly well suited for a "permanent web" but not well suited for the kind of communication where people want to edit or delete the stuff they've put out in the past.
If you append to a merkle-dag then yes it's immutable, but you can always do the equivalent of a git rebase -- effectively removing a portion of the tree and then selectively re-applying the parts that you want to keep. That creates a new DAG, one that diverges from the DAG that was shared before. For example, if you accidentally commit a database password into your git repository and push it to github, you can go back, edit the git history to exclude that commit, and force-push the new tree to github. This completely removes the info from your git repository. Of course, if someone has already pulled that old code from github, they already have your password -- you can't change that!
I don't see a problem with the truth of the internet being reflected in ipfs.
Consider the internet to be write only, forget maybe (you are not in control of that). If you accidentally commit a password someplace the correct response is changing that password.
That works for passwords, but not for everything. What happens when someone goes "Oops, didn't mean to drop those nudes into my gallery of vacation photos"? Are they irrevocably published? Or can you unpublish them and hope that nobody noticed while they were up?
IPFS reflects the truth of the public internet (and public speech/media in general): With IPFS, and any other internet technology, you can choose to stop sharing data with others, but you can't force other people to stop sharing copies they already have (except through some means outside the protocol, such as DDoS or the law).
I think a design goal of IPFS is that if you publish your nude photos to your personal IPFS node, it wont be sent to another node unless they explicitly request it by content-address. So you can use it to share sensitive data, and you can always layer encryption on top. [1]
What the author wants does exist already: Retroshare is a secure p2p communication platform you can install on your computer. It even uses Bittorrent's DHT to speed up connecting to peers. You can also install it on your server and use its web interface (recently rebuilt with Mithril.js). Retroshare development started 10 years ago. PRs welcome: https://github.com/RetroShare/RetroShare
"Retroshare has enough layers of security that the even the nsa will have to work really hard if they want to get in there." (Benni from Germany)
"And it's written in a risky language using shoddy libraries on platforms NSA has 0-days and automated attack systems for. I'm sure that this combination will be "really hard" for NSA to penetrate. ;)" (Nick P.)
It's a nice idea and little project worth some development, though. I agree it's the closest thing, outside Freenet, to what the OP describes. It needs to be clean-slated in a safer, but low-level, language with the risky libraries substituted or improved. The protocols will need to be verified and implemented by high-assurance security community. Covert channel analysis. The works. Then, it will be good enough to stop many high-strength attackers enough to matter.
Of course, anything like that will be throttled and filtered by ISP's. Might be best to start disguising the traffic as HTTPS connections or something like my homebrew solutions did.
Good to know. What sysrems has that company built that resisted nation-state or top-tier effort to break the security? Probably nothing? Further, is this one time or will they review in parallel with each code submission?
These kind of questions should lead you to the conclusion they'll merely find and patch some flaws. Others will remain or be introduced.
We don't need to take the Internet back from the various platforms, we need serious and strict legislation about what they do with both what we share and what we are. There is nothing wrong with a Facebook inherently; the simple fact is we as users have been extremely complacent in what companies like Facebook are allowed to do. I think that's starting to get better as the population gets more savvy but at the same time we're still nowhere close to where we need to be.
I think it's a fundamental problem with how you approach the relationship with a service like that: They give you a Terms of Service, or what you're allowed to do to be able to use that service. I think we need to flip that around entirely and instead mandate that Facebook has to ask, explicitly, for everything. And more importantly there need to be serious consequences for when those rules are violated. Every relationship with a network of any kind starts at a position of they own everything, and then they tell you what you actually own and I think it's backwards. We should start from a position of we own everything, and this is what you're ALLOWED to take and use.
I think that's far more feasible to do than a distributed Facebook. Not saying it's impossible, just saying it's a shorter route and betters the relationship we have with the things and companies we do business with overall.
> The new rules include provisions on:
A right to be forgotten,
"clear and affirmative consent" to the processing of private data by the person concerned,
a right to transfer your data to another service provider,
the right to know when your data has been hacked,
ensuring that privacy policies are explained in clear and understandable language, and
stronger enforcement and fines up to 4% of firms' total worldwide annual turnover, as a deterrent to breaking the rules.
To piggyback on this, any strategy that requires competing with these established private web companies is doomed to fail. People will not choose a lesser service for moral reasons. Rather, as you indicate, the key to keeping things beneficial to the community at large will be through political power.
So we don't need another facebook. We need digital tools that organize meaningful political power in an effort to re-establish a government for and by the people.
It is kind of great to think that though the phone lines held all the bandwidth, we escaped those, right? Which means that escaping the most popular and dominating websites should be considerably easier..I like the federation idea.
But all you have to do to escape the most popular and dominating websites is not use them.
People act as if Facebook and a few other sites have literally become the web but they haven't. Extremely popular, yes, but it's not as if the web gets smaller when Facebook gets bigger. Even the linked article uses the term "land grab" as if there was a limited amount of "web" to go around.
For the immediate future at least, federation seems much more feasible than wholly decentralized systems. At least for websites / applications that are expected to gain any mainstream traction.
Building a federated Wikipedia, Reddit, Twitter, Amazon, App Store, etc. that does not have a single point of censorship / failure is perfectly doable.
Hell, any of those websites could start federation initiatives today if they so wished (Waiting any day now for a Big Name to experiment with a federated model).
However from my experience p2p services (IPFS / Freenet etc.) still require a combination of technical skill and political awareness (to go out of one's way to use a service that is much less convenient -- and to develop for a platform that will make you no money) that the average user does not have.
Not to say they have no place: the internet itself was a fringe, nerds-only technology at one point. But it only became a mass phenomenon once uses were found that brought 10x improvement on things the nontechnical user already needed (sending a letter, looking up information).
Decentralized technologies (today) offer no such improvement.
And let's face it, for the average Joe, p2p offers nothing: a p2p service can at best be of equal quality as a centralized service. There's no way around it: there's nothing simpler and more performant than talking directly to a central host.
With federation, the user needn't even know the difference.
While it's clear that p2p is going to face an uphill battle to demonstrate its value to the average Joe, I would also argue that federation doesn't address the underlying issues with user control of data.
Email is federated. Does it give us any more control over our data? No, because one company controls the largest email service and monitors not just that user's emails but also the ones I send to them.
XMPP is federated. One company managed to get a large enough market share, at the first opportunity they lock other federation servers out and change the protocol.
Federation for established websites is long a thing, CDNs are taking care of that for them. Central points of contact combined with P2P distribution like WebTorrent is the worst of both worlds: The centralized site still owns all your data, and in addition you're paying with your bandwidth and CPU resources to reduce their bill.
A fully client-centric model isn't anywhere near likely to make it big in the near future. However, client-first (with personal servers provided by friends & non-profits) is the only feasible approach for reclaiming ownership of our data.
For-profit companies don't have any incentives to let you store large amounts of encrypted data on their servers for free, at best they'll use it for cross-selling. At worst they'll push for a modified protocol version that relies on the central company server for crucial functionality, scheming the next lock-in.
If the past is any indication, the future looks bleak for idealists who (merely?) want a user-controlled alternative to those data-driven monopolist platform ecosystems.
The technology might be getting there, but the average user's priorities make it a super hard sell. In the face of the Google/Apple duopoly, open standards are more and more an optional gimmick - instead of standard data transfer protocols we get CarPlay and Dropbox, instead of wireless standards we get Chromecast and Apple Multipeer, instead of mini-computer smartphones we get constrained consumption devices with tracking built in as a core feature.
The value of client-first P2P is really not about censorship or failure. It's about control. By giving control over protocols and platforms to a handful of large service providers, we got more convenience in exchange for our opportunities to tinker and improve on the status quo. Instead of being able to change things as a society, now we have to rely on shareholder-controlled entities to decide what's good for us. It used to be just code and Windows vs. Linux, now it's data and Google vs. basic assumptions of privacy.
Agree wholeheartedly. I'm a linux/GPL proselytizer among my friends. I've customized my development environment beyond recognition; I love it. That's what technology is to me: the ability to transform the world around me using my imagination. It's a beautiful, empowering feeling that I wish everyone could feel.
Every day I am saddened by enormous drift between what I know is possible with today's already existing technology (we cary supercomputers in our pockets!) and what we are actually doing with it (supercomputers we use as neutered mass-media consumption and ad-delivery devices).
I also know a lot of non technical people. Even young people, smart professional people, politically aware people; just not technical. And to 99% of the public, control is even more of a non-issue than privacy / censorship / security. "This glowing rectangle is a black box, why should I care if company A locks it down with binary blobs or if company B releases it under some GP-I-dunno-what?"
Even technology companies choose slack over improving and extending open standards. Convenience is a bitch.
Sadly, the only selling point I see today for p2p is piracy. The only issue that will get people riled up is when they lose free access to their favorite TV show. Which only further stigmatizes the hacker mindset as a front for would-be criminals. Privacy is somewhat making its way to the general population, but the message is muddled and confusing to most.
I wish I had a solution. How do you sell the inherent beauty of open, hackable technology to non-geeks? Selling it on its social merit alone seems too abstract.
I have no idea if this project has legs, but I enjoyed reading about the concept of Swedeshi and being reminded that Ghandi successfully sought political independence by pursuing financial independence. I have my own hypotheses about the importance of independent stuff. My confidence in the viability of it sometimes falters. This was a nice read on a day when I have been wondering "Why bother?" about a lot of things.
Interesting idea, but just reads like a lot of hand wringing to me. And comparing centralization of the web to colonial rule is ridiculous and honestly pretty insensitive.
I like that it acknowledges that running a personal web server is out of reach (technologically and financially) for most people. But I'm not sure if its proposed decentralized network is any better, because creating web content and having a large number of people see it are not easy.
At the end of the day, most people using the web do not have a technical background and really just want to microblog to their friends using a simple interface. Facebook/Twitter/Instagram and hell, even Snapchat do that. I'm having trouble imagining a decentralized network that replicates that.
This project doesn't serve a felt user need. If you've ever worked in a startup attempting to do a consumer product you know exactly what I mean. It's extremely hard to get a user to even use a product that solves a problem for them, and much harder if they already have a product that they think solves the problem. If they don't feel the pain of the problem being solved, it's impossible. I don't think many users have a felt need for this product, whether or not the developers believe it solves an abstract moral or spiritual need.
Virtually everything the author wants exists in a technical sense, but it's not usable for the average person.
I've said this many times, pretty much whenever this topic comes up:
A thing that works is maybe 10-20% of the way to being done. The rest of the work is making it into a product non-experts can use.
UX is tedious, time consuming, and painful. It involves a lot of the kind of work most devs hate. As a result people generally have to be paid to do it.
Almost nobody does UX work for decentralized open systems because they are free. There is no economic model. You can't make a living.
Until this changes nobody is ever going to use this stuff.
IMHO this is The Problem and if you are working on decentralization without trying to solve it you are spinning your wheels.
I like the post, and the ambitious GitHub repo with a single README made me smile. We're re-discussing an existing idea to see if maybe something sticks or clicks. An idea might be the same, but circumstances change.
That said, I agree with a lot of the comments here. Like coding, let's see if we already have a library that does what we want before writing it (again). A good question is, what's the most pressing problem we face, and how does this solve it?
I don't have a problem using Twitter or Facebook to, let's say, organize a grassroots movement or lead a protest, but I ought to be concerned about the viability of these platforms for such activities when they're unpopular with the company or government behind it. How might we solve this? Maybe this project leads to some solution...?
This project - Swadeshi - it's an idealistic and foolish idea. Which is why I'm interested in seeing where it goes. I generally make pessimistic assumptions, and I'm assuming this project will go no where. But we still need audacious ideas. Even if the concept itself doesn't succeed, the project may create and disseminate related ideas and technologies that could be transformative - a successful failure.
What follows are a few blockers, or possible failure modes for Swadeshi. The biggest potential issues are not with the technology, but with the ecosystem it has to live in.
Network Size - Facebook, Twitter, et al. have the great advantage of having huge numbers of users. To use an alternative requires not only that I adopt the alternative, but that that I convince some significant part of my friends/family/society to use the same.
It's like Bitcoin - Bitcoin is not that difficult to use, and has a number of features missing from traditional currencies. But the great potential utility of Bitcoin comes from having nearly everyone use it. Currencies, like social networks, require large numbers of users to be widely useful.
One important exception is for users who can't or won't participate in "normal" currencies or networks. Which is why Bitcoin became the de-facto currency the Silk Road and other black markets. And why, initially, Swadeshi will most likely be used by those groups who can't openly participate the normal social networks - child pornographers, white nationalists, islamic fundamentalists, freedom fighters, revolutionary groups, etc.
The danger here is that "stink" or "danger" of these out-groups will be associated with the project in popular consciousness. The network may be de-centralized, but people still think hierarchically. Swadeshi could easily become "the kid-toucher's social network" much like "Bitcoin is the Sewer Rat of Currencies"
Capture - Swadeshi is de-centralized, so there's no single entity controlling the state of the network. But that doesn't rule out capture. Look again at Bitcoin. The idea was to create a virtual currency (which it did). But it was quickly captured by speculators to the point of crippling the network. Control and capture are two different things, and solving for one doesn't preclude the other.
Facebook can still win - Suppose the Swadeshi project gains millions of active users. That's real momentum for a Facebook replacement. But Facebook can still win by embracing and extending the technology behind Swadeshi. Facebook could be all-Swadeshi under the hood, but present the familiar FB interface, with their value-adds of Photos, Groups, Pages, etc. Moderation could be FB's major advantage. If Swadeshi is the wild-west of social networks, FB could bolt on their anti-spam and abuse reporting mechanisms to tame the unruly bits.
This article is idealism that's not grounded in anything close to reality. The real problem is the demand side of the equation ensures things like Facebook and Comcast are more likely to succeed to point they drown out everything else with network, legacy, and development pace effects. Anything they build must consider and conquer that problem in its design/implementation to succeed. A better, centralized offering that respects users rights down to the company's charter and license agreement is an easier start.
Funny they mentioned Diaspora. I predicted very accurately what would happen to them sometime around 2011 on Schneier's blog:
"Diaspora is a joke. The thing is being designed, analyzed and implemented primarily by amateurs. A truly safe social network must be designed by people with expertise in cryptography, protocol analysis, secure software design, and low-defect implementation. Throw some testing and UI people in there to boot. I like that there's people trying on this, but I wouldn't trust anything that project produces. The independent reviews we've gotten so far confirmed my suspicions.
As for secure/private social networking, I don't know if there's really a way to do it that would take off. Non-paid internet services depend mainly on ad revenue. An advantage of current social networking sites is that analysis allows targeted advertising & brings in lots of revenue. Take that away & you get very little revenue in comparison. This is a problem if you are running a secure web service with tons of cryptography in it, which takes MUCH more resources to achieve performance of something like FB."
People want these independent, private, secure spaces but are unwilling to pay for them. Most of their friends and family probably are both unwilling to pay and unwilling to use them. Plus, you have to recreate most of the usefulness of modern web platforms. You have to do all that... very expensively to develop and run I'll add... while making almost no money on almost no users. Good luck.
52 comments
[ 2.7 ms ] story [ 90.3 ms ] threadJust saying that <the solution isn't diaspora, it's swadeshi> is complete nonsense. And the problem seems to be <something big corporations do> but they never really say what.
> The internet has been stolen from you. Scooped out of your hands without much of a fuss. A small number of corporations are locked in a zero-sum game of land grabs.
The solution:
> The solution is to decentralize further, relying on a peer-to-peer model...In short, create an app, one that you run on your computer or phone, that writes social data (aka “posts”) into local databases and then replicates those databases to peers using a peer-to-peer protocol
Directly from the article, and it's surprisingly detailed in implementation suggestions - I'm forced to conclude your lack of understanding is willful.
This isn't a felt need. I don't feel inconvenienced by this. I don't feel the loss of something I once owned or had the benefit of.
> The solution is to decentralize further,
The solution solves a very abstract problem. I would go so far as to say it's a religious or spiritual need only that is solved by this. Decentralization will not improve my life or meet any felt need (I am not less hungry, less lonely, more clothed, more sheltered, or more socially connected as a result of this product). The only benefit I could have is if I had a religious belief in the moral need for this type of system, and that system satisfied that moral belief. I think that's a very small minority of users.
Also, HN isn't for-profit (although YC is). Like, yeah, it's not a non-profit, but it's not designed to make any money either.
Something like RSS: Pick up all posts tagged such and such from these users.
I've thought a bit about this and if we really wanted to we could get really far with just a few hundred lines of code as well as some html templates.
Problem is, most people like facebook and instagram :-/
The thing about HN is voting and comments, both of which require manual moderation to be effective.
We could even automate it so if my post reader notices several of my sources following another source it will ask me if I want to look at or follow that source, etc.
All the tools to create personal websites existed more than 20 years ago. They haven't disappeared.
If anything they're probably cheaper, easier to find and to configure now, and also, more diverse, slicker, have more features, etc... And as pointed out by others, distributed social networks have existed for probably about ten years now.
And yes, the fact that the author chose to publish this pompous trite on medium is laughable.
"When you live in a capitalistic society, the currency of the dissemination of information goes through capitalistic channels. Would Noam Chomsky object to his works being sold at Barnes & Noble? No, because that's where people buy their books. We're not interested in preaching to just the converted. It's great to play abandoned squats run by anarchists, but it's also great to be able to reach people with a revolutionary message, people from Granada Hills to Stuttgart."
Bring back WebRings!
This article seems to culminate in a call to action to support a github project consisting solely of a README.md. I think a call-to-action post that is much better than this one is the archive.org one: http://blog.archive.org/2015/02/11/locking-the-web-open-a-ca...
The explanation of how you do "deletes" in a DAG still stands.
[Original comment:] ipfs doesn't have delete. It's basically a global immutable data store. Brilliantly well suited for a "permanent web" but not well suited for the kind of communication where people want to edit or delete the stuff they've put out in the past.
Consider the internet to be write only, forget maybe (you are not in control of that). If you accidentally commit a password someplace the correct response is changing that password.
I think a design goal of IPFS is that if you publish your nude photos to your personal IPFS node, it wont be sent to another node unless they explicitly request it by content-address. So you can use it to share sensitive data, and you can always layer encryption on top. [1]
[1] https://github.com/ipfs/faq/issues/47
What the author wants does exist already: Retroshare is a secure p2p communication platform you can install on your computer. It even uses Bittorrent's DHT to speed up connecting to peers. You can also install it on your server and use its web interface (recently rebuilt with Mithril.js). Retroshare development started 10 years ago. PRs welcome: https://github.com/RetroShare/RetroShare
"Retroshare has enough layers of security that the even the nsa will have to work really hard if they want to get in there." (Benni from Germany)
"And it's written in a risky language using shoddy libraries on platforms NSA has 0-days and automated attack systems for. I'm sure that this combination will be "really hard" for NSA to penetrate. ;)" (Nick P.)
It's a nice idea and little project worth some development, though. I agree it's the closest thing, outside Freenet, to what the OP describes. It needs to be clean-slated in a safer, but low-level, language with the risky libraries substituted or improved. The protocols will need to be verified and implemented by high-assurance security community. Covert channel analysis. The works. Then, it will be good enough to stop many high-strength attackers enough to matter.
Of course, anything like that will be throttled and filtered by ISP's. Might be best to start disguising the traffic as HTTPS connections or something like my homebrew solutions did.
These kind of questions should lead you to the conclusion they'll merely find and patch some flaws. Others will remain or be introduced.
I think it's a fundamental problem with how you approach the relationship with a service like that: They give you a Terms of Service, or what you're allowed to do to be able to use that service. I think we need to flip that around entirely and instead mandate that Facebook has to ask, explicitly, for everything. And more importantly there need to be serious consequences for when those rules are violated. Every relationship with a network of any kind starts at a position of they own everything, and then they tell you what you actually own and I think it's backwards. We should start from a position of we own everything, and this is what you're ALLOWED to take and use.
I think that's far more feasible to do than a distributed Facebook. Not saying it's impossible, just saying it's a shorter route and betters the relationship we have with the things and companies we do business with overall.
> The new rules include provisions on: A right to be forgotten, "clear and affirmative consent" to the processing of private data by the person concerned, a right to transfer your data to another service provider, the right to know when your data has been hacked, ensuring that privacy policies are explained in clear and understandable language, and stronger enforcement and fines up to 4% of firms' total worldwide annual turnover, as a deterrent to breaking the rules.
We'll see how that turns out.
So we don't need another facebook. We need digital tools that organize meaningful political power in an effort to re-establish a government for and by the people.
It was never "stolen" because "you" never owned it in the first place. The internet infrastructure has always been a monopoly.
https://en.m.wikipedia.org/wiki/AT%26T_Corporation#Monopoly
People act as if Facebook and a few other sites have literally become the web but they haven't. Extremely popular, yes, but it's not as if the web gets smaller when Facebook gets bigger. Even the linked article uses the term "land grab" as if there was a limited amount of "web" to go around.
Building a federated Wikipedia, Reddit, Twitter, Amazon, App Store, etc. that does not have a single point of censorship / failure is perfectly doable.
Hell, any of those websites could start federation initiatives today if they so wished (Waiting any day now for a Big Name to experiment with a federated model).
However from my experience p2p services (IPFS / Freenet etc.) still require a combination of technical skill and political awareness (to go out of one's way to use a service that is much less convenient -- and to develop for a platform that will make you no money) that the average user does not have.
Not to say they have no place: the internet itself was a fringe, nerds-only technology at one point. But it only became a mass phenomenon once uses were found that brought 10x improvement on things the nontechnical user already needed (sending a letter, looking up information).
Decentralized technologies (today) offer no such improvement.
And let's face it, for the average Joe, p2p offers nothing: a p2p service can at best be of equal quality as a centralized service. There's no way around it: there's nothing simpler and more performant than talking directly to a central host.
With federation, the user needn't even know the difference.
Other than all of the inherent benefits of decentralization, of course.
Email is federated. Does it give us any more control over our data? No, because one company controls the largest email service and monitors not just that user's emails but also the ones I send to them.
XMPP is federated. One company managed to get a large enough market share, at the first opportunity they lock other federation servers out and change the protocol.
Federation for established websites is long a thing, CDNs are taking care of that for them. Central points of contact combined with P2P distribution like WebTorrent is the worst of both worlds: The centralized site still owns all your data, and in addition you're paying with your bandwidth and CPU resources to reduce their bill.
A fully client-centric model isn't anywhere near likely to make it big in the near future. However, client-first (with personal servers provided by friends & non-profits) is the only feasible approach for reclaiming ownership of our data.
For-profit companies don't have any incentives to let you store large amounts of encrypted data on their servers for free, at best they'll use it for cross-selling. At worst they'll push for a modified protocol version that relies on the central company server for crucial functionality, scheming the next lock-in.
If the past is any indication, the future looks bleak for idealists who (merely?) want a user-controlled alternative to those data-driven monopolist platform ecosystems.
The technology might be getting there, but the average user's priorities make it a super hard sell. In the face of the Google/Apple duopoly, open standards are more and more an optional gimmick - instead of standard data transfer protocols we get CarPlay and Dropbox, instead of wireless standards we get Chromecast and Apple Multipeer, instead of mini-computer smartphones we get constrained consumption devices with tracking built in as a core feature.
The value of client-first P2P is really not about censorship or failure. It's about control. By giving control over protocols and platforms to a handful of large service providers, we got more convenience in exchange for our opportunities to tinker and improve on the status quo. Instead of being able to change things as a society, now we have to rely on shareholder-controlled entities to decide what's good for us. It used to be just code and Windows vs. Linux, now it's data and Google vs. basic assumptions of privacy.
And the user doesn't even know the difference.
Every day I am saddened by enormous drift between what I know is possible with today's already existing technology (we cary supercomputers in our pockets!) and what we are actually doing with it (supercomputers we use as neutered mass-media consumption and ad-delivery devices).
I also know a lot of non technical people. Even young people, smart professional people, politically aware people; just not technical. And to 99% of the public, control is even more of a non-issue than privacy / censorship / security. "This glowing rectangle is a black box, why should I care if company A locks it down with binary blobs or if company B releases it under some GP-I-dunno-what?"
Even technology companies choose slack over improving and extending open standards. Convenience is a bitch.
Sadly, the only selling point I see today for p2p is piracy. The only issue that will get people riled up is when they lose free access to their favorite TV show. Which only further stigmatizes the hacker mindset as a front for would-be criminals. Privacy is somewhat making its way to the general population, but the message is muddled and confusing to most.
I wish I had a solution. How do you sell the inherent beauty of open, hackable technology to non-geeks? Selling it on its social merit alone seems too abstract.
I like that it acknowledges that running a personal web server is out of reach (technologically and financially) for most people. But I'm not sure if its proposed decentralized network is any better, because creating web content and having a large number of people see it are not easy.
At the end of the day, most people using the web do not have a technical background and really just want to microblog to their friends using a simple interface. Facebook/Twitter/Instagram and hell, even Snapchat do that. I'm having trouble imagining a decentralized network that replicates that.
I've said this many times, pretty much whenever this topic comes up:
A thing that works is maybe 10-20% of the way to being done. The rest of the work is making it into a product non-experts can use.
UX is tedious, time consuming, and painful. It involves a lot of the kind of work most devs hate. As a result people generally have to be paid to do it.
Almost nobody does UX work for decentralized open systems because they are free. There is no economic model. You can't make a living.
Until this changes nobody is ever going to use this stuff.
IMHO this is The Problem and if you are working on decentralization without trying to solve it you are spinning your wheels.
That said, I agree with a lot of the comments here. Like coding, let's see if we already have a library that does what we want before writing it (again). A good question is, what's the most pressing problem we face, and how does this solve it?
I don't have a problem using Twitter or Facebook to, let's say, organize a grassroots movement or lead a protest, but I ought to be concerned about the viability of these platforms for such activities when they're unpopular with the company or government behind it. How might we solve this? Maybe this project leads to some solution...?
What follows are a few blockers, or possible failure modes for Swadeshi. The biggest potential issues are not with the technology, but with the ecosystem it has to live in.
Network Size - Facebook, Twitter, et al. have the great advantage of having huge numbers of users. To use an alternative requires not only that I adopt the alternative, but that that I convince some significant part of my friends/family/society to use the same.
It's like Bitcoin - Bitcoin is not that difficult to use, and has a number of features missing from traditional currencies. But the great potential utility of Bitcoin comes from having nearly everyone use it. Currencies, like social networks, require large numbers of users to be widely useful.
One important exception is for users who can't or won't participate in "normal" currencies or networks. Which is why Bitcoin became the de-facto currency the Silk Road and other black markets. And why, initially, Swadeshi will most likely be used by those groups who can't openly participate the normal social networks - child pornographers, white nationalists, islamic fundamentalists, freedom fighters, revolutionary groups, etc.
The danger here is that "stink" or "danger" of these out-groups will be associated with the project in popular consciousness. The network may be de-centralized, but people still think hierarchically. Swadeshi could easily become "the kid-toucher's social network" much like "Bitcoin is the Sewer Rat of Currencies"
Capture - Swadeshi is de-centralized, so there's no single entity controlling the state of the network. But that doesn't rule out capture. Look again at Bitcoin. The idea was to create a virtual currency (which it did). But it was quickly captured by speculators to the point of crippling the network. Control and capture are two different things, and solving for one doesn't preclude the other.
Facebook can still win - Suppose the Swadeshi project gains millions of active users. That's real momentum for a Facebook replacement. But Facebook can still win by embracing and extending the technology behind Swadeshi. Facebook could be all-Swadeshi under the hood, but present the familiar FB interface, with their value-adds of Photos, Groups, Pages, etc. Moderation could be FB's major advantage. If Swadeshi is the wild-west of social networks, FB could bolt on their anti-spam and abuse reporting mechanisms to tame the unruly bits.
Funny they mentioned Diaspora. I predicted very accurately what would happen to them sometime around 2011 on Schneier's blog:
"Diaspora is a joke. The thing is being designed, analyzed and implemented primarily by amateurs. A truly safe social network must be designed by people with expertise in cryptography, protocol analysis, secure software design, and low-defect implementation. Throw some testing and UI people in there to boot. I like that there's people trying on this, but I wouldn't trust anything that project produces. The independent reviews we've gotten so far confirmed my suspicions.
As for secure/private social networking, I don't know if there's really a way to do it that would take off. Non-paid internet services depend mainly on ad revenue. An advantage of current social networking sites is that analysis allows targeted advertising & brings in lots of revenue. Take that away & you get very little revenue in comparison. This is a problem if you are running a secure web service with tons of cryptography in it, which takes MUCH more resources to achieve performance of something like FB."
People want these independent, private, secure spaces but are unwilling to pay for them. Most of their friends and family probably are both unwilling to pay and unwilling to use them. Plus, you have to recreate most of the usefulness of modern web platforms. You have to do all that... very expensively to develop and run I'll add... while making almost no money on almost no users. Good luck.