Ask HN: What are we doing about Facebook, Google, and the closed internet?

609 points by vkb ↗ HN
There have been many, many posts about how toxic advertising and Facebook are (I've written many myself[1][2][3]) for our internet ecosystem today.

What projects or companies are you working on to combat filter bubbles, walled gardens, emotional manipulation, and the like, and how can the HN community help you in your goals?

[1]http://veekaybee.github.io/facebook-is-collecting-this/ [2]http://veekaybee.github.io/content-is-dead/ [3] http://veekaybee.github.io/who-is-doing-this-to-my-internet/

443 comments

[ 2.6 ms ] story [ 255 ms ] thread
Walled Gardens - Do consumers really feel that it's a big enough problem? As for filter bubbles, a consumer need only visit another news site, right?

I hope I'm wrong about this.

Consumers don't care, they'll start caring when their last dollar is squeezed out of them and they start wondering why is their life so shit. At which point, it will be too late.
Is there another way?
The UK government is working on it's own Internet [1]. It's going to really take off and be the next big thing!! No encryption too, so it's nice and safe from all those terrorists. Can't wait!!

[1] http://www.independent.co.uk/life-style/gadgets-and-tech/new...

That's really cool! Does that mean that my bank records will be sent in plaintext over those series of tubes?
Brings to mind the series of tubes that powered the information system in 1984's Oceania, and how antiquated the mindset that envisioned that system, with its memory holes that could eradicate past information forever.

That said, even if today's distributed system prevents a gatekeeper from having sole veto on information, today's filter bubbles and chaos of viral disinformation campaigns can be such a barrier against truth that perhaps they can be considered, for all practical purposes, a type of modern day memory hole.

Jesus fucking Christ. Global leader in online fascism, more like. I wonder at which point citizens will stop and say "wait, what the hell?". Probably too late.
May has just lost the Tories their already weak parliamentary majority maybe even her position as PM. Although both Tory and Labour agenda is virtually the same when it comes to pushing anti privacy laws.
Well if that can end the confusion caused by all these fake news and trolling on social media, I'm all in. Plus last week's attacks really reminded me of how dangerous the world can be, hopefully the new internet will catch more terrorists than the pathetic current one does.
Should we add github to that list?
(comment deleted)
and netflix
I am curious why you are suggesting Netflix? The filter bubble created by the recommendation system? It seems like they are relying on original content more and more. Or maybe you mean because of the centralization of it? Is there a decentralized and legal alternative?
The meat of this is really anti-DRM and while I agree with that sentiment completely I am failing to see how this relates to the centralization trend or filter bubbles that are the topic of this discussion.
Are you aware of usable alternatives to Netflix? (I am not). This is the problem I guess...
Useable? What do you mean? Bit Torrent, iTunes, Amazon are all "useable." Netflix is hardly the only game in town.
It's interesting so many jobs now want you to provide a link to your github account as part of the application process. There's no option to specify "I run my own Gitlab server." I always feel that I am in the minority that I find this disheartening.
Building matrix.org as a decentralised & e2e encrypted comms alternative.

The filter bubble problem is particularly relevant for us because it's critical for an open network to let users filter out abusive content (whether that's spam, stuff they find offensive, or just a topic they don't care about)... but doing that in a way which doesn't result in creating a profiling db or creating bubbles and echo chambers. The problem is one of letting users curate their own filters (including blending in others' filters), whilst keeping the data as privacy protecting as possible. It's a fun problem, but on our medium-term radar.

What would it take for a new social network to take users off facebook in 2017?
Someone with the talent and drive to create a billion dollar closed social network that eclipses Facebook.
What about a for-profit open-source social network then? Reading through comments on threads here it seems the events pages make it difficult for people to switch somewhere else without having a large part of their social life cut off.
Start by making a list of cons. What do people not like about facebook? What's the problem with using facebook? That's where your answer lies.
Most people don't have any problem at all with Facebook. We're in a very small echo chamber here on this thread.
The real problem would be network effects. Nobody uses a new social network, because nobody they know uses it.

To get people off of Facebook, you'd have to find a way around that.

Yep. You need a niche. Like yik yak, but not.
Integrate with Facebook. Don't force people to choose one system or another. Then people will diffuse across the barrier.
use Facebook oAuth to log into a facebook clone? Will they let that happen?
A CEO that says "no" to an $X billion acquisition.
It would have to be something that makes facebook irrelevant. For example: a telepathic group mind meld - where you could interact with other people synchronously or asynchronously.
Would any solution be tangible for the type of user who is attracted to Favebook? That is, would there be any solution which a non-technical user would flock to? Would it meet their needs and abilities in a meaningful way?
I am a member of the W3C Social Web Working Group (https://www.w3.org/wiki/Socialwg), and have been organizing IndieWebCamp (https://indieweb.org/) conferences in this space for the last 7 years. We've been making a lot of progress:

* https://www.w3.org/TR/webmention/ - cross-site commenting

* https://www.w3.org/TR/micropub/ - API for apps to create posts on various servers

* https://www.w3.org/TR/websub/ - realtime subscriptions to feeds

* More: https://indieweb.org/specs

We focus on making sure there are a plurality of implementations and approaches rather than trying to build a single software solution to solve everything.

Try commenting on my copy of this post on my website by sending me a webmention! https://aaronparecki.com/2017/06/08/9/indieweb

This looks like an interesting list. I'm giving myself homework: Read the above. Now, Attempting a Webmention right now.
I had no idea these standards were in any phase of existence and I'm really excited about them.
Existing is one thing. Adoption is something else entirely.
More important I think is this misunderstanding that this is a technical problem to solve.
The technology is insufficient but necessary. Users want features. Open standards that allow implementation of those features are a (small) but necessary part of the solution.
> Users want features.

They want more than just features, they want to get them for "free."

We've had equivalent standards in the late 90's and early 2000's (RSS, ATOM, XML-RPC pingbacks, etc.), had open/free code for that (MovableType and WordPress) and yet personal blogging mostly died because it was easier to just post on Facebook and there was a bigger audience there.

Facebook from that perspective is "free," as in no software to install, no updates to do and no servers to pay for. Running your own install of some blogging software entails paying for it, having a lower audience and having to handle software updates (and database upgrades, plugin upgrades, templates, etc.).

These services could all still be provided for "free" and still follow open standards. Just like email is an open standard yet we all still use "free" Gmail.

The success of Facebook is that they offered these services in a very user friendly manner and for "free". The tragedy of Facebook is that their implementations are a proprietary walled garden, and now pretty much a monopoly.

Gmail, and other big email providers, are exactly what we don't want these open/free social media protocols to become. Gmail reads your emails regurgitates them as AdSense.

Personally, I think we need to be encouraging people to pay small fees for services. A dollar a month to use Twitter? Sure! $20 a year to use Gmail minus the data mining? No problem.

There are certainly adopters, some (who even leverage plugins such as via wordpress) may not even know that they're adopters. If you're interested, i encourage you to follow along in the discussion (through various means - e.g. irc, matrix, etc.): https://indieweb.org/discuss
Who is implementing these? I saw there was an Apache project as a reference implementation a while ago but it was now abandoned. Is there a new reference implementation or are there plans for creating one?
looks awesome.

Is there way I can be notified about different such projects being done at W3C?

Hi Aaron. I didn't know you were part of that committee. Cool!
I believe it's more effective to focus on a "small business" approach to decentralizing the web, where we focus on smaller companies providing services, rather than a "tin foil" approach where we encrypt and decentralize everything into tiny islands. I work for a video player company and while we aren't a platform like Youtube, we indirectly compete with them for ad dollars (along with Facebook). Something like 90% of ad dollars go towards them already. Most publishers do not like them. I think it's a lot easier to decentralize the internet by having the websites that 99% of users visit powered by smaller internet businesses rather than AmaGooFaceSoft.
Convenience has usually won over these goals. That's why Google/Facebook/Microsoft/etc have no problem attracting users.
I agree. I moved to FastMail for stronger privacy behavior and good quality service. But it's not the level of like... ProtonMail. But I'm patronizing a great company with great customer service that treats me like an adult.

Note that while I'm happy to deal with smaller businesses, and happy to spend money on them, I am still pretty wary of advertising-based businesses. It is a slippery slope of doom, and I think it's ideal to try and stay off of it.

I don't mind ads, it's the tracking that I don't like.
>"But it's not the level of like... ProtonMail"

Can you elaborate on this? Are there some privacy issues with Fast Mail that don't exist with ProtonMail?

FastMail chooses not to mine your data (even for spam filtering, they only optionally collect emails you permanently delete from the spam folder). They're a paid service, with no advertising. And they have a very strong privacy policy.

ProtonMail encrypts your email storage in an end-to-end manner for client access and storage. (Obviously, unencrypted mail sent to or from other servers could be intercepted.) But their goal is essentially to be mathematically unable to view your email. Of course there are tradeoffs, things like IMAP don't work (without some sort of relay), for example.

Essentially, FastMail makes a point to not violate your privacy, ProtonMail tries to make it so it can't violate your privacy. I lean towards FastMail because it's 'good enough' on privacy, and has a lot of powerful features, but if you're looking to run afoul of state intelligence agencies, you might wanna lean for the latter.

>"ProtonMail encrypts your email storage in an end-to-end manner for client access and storage."

Is this just TLS + block level encryption like LUKS? If so I would be surprised if FastMail wasn't offering the same. But maybe Proton is offering something else at the client level? It was my impression that the big differentiator was Proton Mail's infrastructure was all co-located in Switzerland.

From my understanding, there is no way for ProtonMail's operators to decrypt your mail storage, it requires your own private key. Whereas FastMail is not much different from Gmail in terms of "company's access", except it's privacy policy prohibits it from using it for anything but customer service on request.
I see, thank for the clarification.
Be interested in what HN thinks of Maidsafe, Storj etc. Basically decentralised versions of the internet or the cloud based around blockchain technology.

Storj for example is an order of magnitude cheaper than AWS, uses peoples spare hard drive space, encrypts everything and back it up using peer to peer tech.

I am currently pretty comfortable as an Android dev, but I am wondering if I should start learning everything I can about blockchain tech in order to help on projects such as these?

I came here to see if anyone would mention blockchain technology (which I personally believe is an important part of the solution). Yes, there are the DApps you've already mentioned, but I think the following might be as important in addressing the concern raised:

uPort: Self-Sovereign Identity (https://www.uport.me/)

Userfeeds - Content Ranking System (userfeeds.io/)

Status - Messaging Platform (https://status.im/)

Brave - Browser (https://brave.com/)

Thanks for the info. I was not familiar with Userfeeds, it looks interesting.

Work is currently offering to pay for any online/university courses I want to take in Machine Learning, which is interesting and probably profitable, but not really a huge interest for me.

Making the internet ( and the world ), more decentralised is basically my personal religion however, so trying to decide what I should do, and more info is always good, so thanks for the links!

Has Brave gotten any traction among users?
Personally I quite like the iOS app. The browser seemed slow on my arch Linux laptop.
I for one am strongly against anything involving blockchains, because I do not want to support the development of a world where each app has a multi-Gb blockchain to deal with.
I think the solution is pretty simple. Keep building things. Make person websites and build communities. Don't host everything on major hosting providers like Google or Amazon. Don't rely on Facebook or Google for login or integrations. They only have so much power because we let them. It's more often than not the easier solution. Use tools like GPG, IRC, Email and encourage your friends and family to do the same.

The internet hasn't changed, we have, and the only way to take the internet back is if we change ourselves back.

I have a love hate relationship with oAuth, and I completely agree with you statement.
How many people do you know, that are able to properly use GPG (i.e. understand the pitfalls of misconfiguration, subkeys, key verification,...)? TBH, I believe the GPG ship has sailed a long time ago, even within the IT community.

Using Email does help in what way? Most people do use Mail , Gmail that is. Do you mean Email as a protocol in opposition to Whatsapp, FB Messenger?

How does not hosting on the major hosting providers solve the problems of walled gardens and filter bubbles and the closed internet? That's just ephemeral infrastructure.

Login integrations can make a lot of sense. I don't really see how not deploying integrations will protect us from walled gardens.

>"Don't rely on Facebook or Google for login or integrations."

I think this is a really important point. When I see services that give me a choice of either 1)logging in with Google or 2) logging in with FB, I don't do either. I simply elect to not use that service.

For me and my students -- we always use a google login. With 35 students all using 4 or 5 online services each with a login....

There is no way we can keep control of all those separate login details. There needs to be a central control over login.

Sure, login details are pretty old skool bonkers.

I'm going to get downvoted to oblivion, but in the real world where I have to hand a class of 35 students over to another teacher and they need to have confidence that all 35 can log in and complete the lesson.

Repeat this across all classes and all years. That's a lot of users.

Why not use another single sign on service? Why do you have to use Google? Google is the largest advertiser in the world, and is more and more encroaching on the free and open web.
> Why not use another single sign on service?

Look. I'm not an idiot. I write open source. I love free and open web.

Google login works. We use use Gmail - it works. We use google classroom - it just works. Most websites offer Google Login - it just works.

When you have 30 students and you waste 2 minutes logging into a website -- that is 2 x 30 == 60 minutes of student learning lost. Little things like that add up.

Perhaps you should consider being less defensive. I believe (could be wrong) OP asked a genuine question and was interested to hear a response. S/he didn't call you an idiot or question your love for the free web.

I think your last paragraph would be sufficient to explain your reasons along with a single, "it just works."

Their response was perfectly reasonable and interesting.
It's not 60 minutes of learning, it's 2 minutes of learning. 2 minutes went by. You're not running a factory so you don't need to use factory-style productivity metrics. Anyway what's the hurry? What could be so crucial that not a minute can be spared? Maybe this is why school is uninspiring? The feeling of being on a breakneck treadmill, never having time for anything? Education shouldn't be about quantity, it's about quality. But I know what you're up against.
Come now. On one hand, tech ensures that things get faster, and we ask why a second could be important?

In yesteryears, no one could compute the things our phones do today in seconds.

But the demand for time has gone up, not down. Now idle time is a target to "get stuff done".

Even on HN, people have complained about how being idle during idle moments is a luxury, since everyone is on a treadmill to see how hard they can perform even in leisure.

The point being that when things just work, other long term issues being invisible, people will go for the cheaper option.

The same way people have burnt fossil fuels because the costs are sent off to the future, they will choose convenience over security.

Having worked IT at a college, I can tell you that it's very important to get every minute out of your class. When your class is only 60 minutes, and you spend the first 2-10 minutes getting logged in every single time, that's a huge chunk of wasted time. People are paying one way or another to be there, sitting there staring at a spinning cursor doesn't make anybody happy.
School is a funny old place. I'm struggling to be honest because I'm a hacker at heart and think like you.

But being observed by senior management, they would see students not learning. You could expect extremely close scrutiny for the next few lessons. To be put on special measures. Not quite a sack-able offence, but ....

Either everyone is crazy or I am -- does a site that's used by less than 100 users really need to outsource their auth?

If you're part of a school don't you have student accounts in some central place like LDAP/AD/IdM?

Yes, because outsourcing auth is less about scale and more about security and convenience.

LDAP/AD/IdM doesn't necessarily work with third party services.

Well, for one, they're much better at it than most of us. For two, on mobile, people hate typing in logins. So at least offering an integrated one can provide a huge uptick in usability.
Google login is great. The problem is just when a site only provides a Google login or Facebook login, and not a site-specific login.

Which does seem to be a passing fad. "Log in with your Facebook account or go away" was a thing a couple years ago, but now most sites do offer an independent login method.

What's wrong with hosting on Google/Amazon? I understand that there is a paranoia of them taking control of your servers or stealing all of your data, but that is almost certainly not going to happen. I think the real issue is that they're monopolizing services that non developers use.
It's less about them taking control and stealing data and more about spreading out. If we keep only choosing Google/Amazon then one day there will be no more competitors. There are also plenty of good competitors for smaller/personal projects.
True, but there arent many places that I can host my side projects for free with zero server maintenance like I can on App Engine. Its a trade off.
If they're the easier solution, then we need to make not using them even easier. You're never going to win by saying, "Yes, using their stuff is easier, but it's bad! Use this complex thing instead!" The only way to encourage others to use the other things is to make them easier.
In some sense open and federated information networks go against the grain. Popularity of Facebook is a pretty strong indicator that all the things techies worry about are irrelevant to the general public.

Most walled gardens are built for convenience of consumption whereas most federated networks seem to assume a more active and informed participant. The kinds of features you'd build for one group are at odds with what you'd build for the other one.

Then again Brave seems to be tackling the problem from the right angle. I hope their model takes off and people start incorporating similar ideas into other open networks that respects the network participants instead of just treating them as passive consumers.

Here's a thought I've been turning over for a little while now.

It occurs to me that all extant social media apps have, at a high level, exactly the same requirements:

1. Allow users to upload some data to cloud storage 2. Make that data discoverable to certain other users 3. Show everyone ads

Whether FB, Twitter, etc were to be dislodged by another app that is essentially the same app is not terribly interesting. So let's look at which of these reqs are amenable to change:

a. "ads" - No one actually wants them, so get rid of them b. "Cloud storage" - Lots of people would rather own their data, so switch this to "the user's own server."

That sounds pretty compelling. I don't hate FB, but I'd sure rather switch to something that allows me to own my own data, and share pics of the kids with Nana without having to run them through Facegoog's billion-dollar snooping engine. However, there are two big hurdles:

i. Most people don't have a server on which to host it ii. Most people won't pay for it, so someone would have to write it and make it really easy to use, for free

...and by a lucky cooincidence, both of those objections have the same answer: Amazon. Most people don't have a server? Amazon will rent you one. Who would develop a self-hosted FB clone for free? Amazon, to get people to rent servers.

Just a thought...

You're kidding yourself if you think people actually want to run their own server for the purposes of social networking.
You're implicitly assuming that Amazon does a bad job of implementing the front end. If the goal is to get even a tenth of FB users to be paying EC2 customers, they can probably spare a couple of UX developers to give it a easy-as-a-ios-app interface.
It could be pre-made and run on AWS automatically be default. More advanced users could tinker with it if they want. You would pay money for the costs of running it, plus an extra something.
> You would pay money for the costs of running it

Nobody except hardcore tech nerds would want to do this.

I do wonder though if you could create a compelling product that would keep the customer from ever knowing they "own" a server. I've thought about a service where I effectively would run one big "load balancer" front end that would route a customer's traffic entirely to prefab cloud servers that I would spin up & configure via tools like Terraform and Ansible on the back end. I wanted to load those mainly with privacy tools--things like Pi-Hole, encrypted DNS, etc. I don't see why I couldn't say "hey in addition to this you get an app portal" that is effectively providing a standardized social media app. So for a regular price you get privacy, ad blocking, and a social media / cloud storage app that doesn't spy on you. It seems doable.
There is a chicken-and-egg thing too - it's not normal for Joe Internetuser to have a $5/mo cloud server in addition to his Netflix/Hulu/etc because there is no easy-to-use-for-regular-people software to run on one, and no one builds such software because such users don't have $5/mo cloud servers to run it on. This is sort of the fatal flaw of app portals like Sandstorm, but it doesn't need to be that way forever.
Well, you can use a managed version, both Sandstorm and Cloudron can be subscribed to as online services. I also think there's a lot of opportunity for families and small groups. Most people I am close with would not run their own server, but perhaps would use mine if I offered it.
If users do not see a visible distinction between your app portal and Facebook, why would they pay you instead of using FB for free? Is it enough to claim privacy in order to make a sale? I really doubt it.
You could be right, but it isn't that far-fetched. Consider:

* A lot of users would be in the pennies-per-month level, charged by standard Amazon usage prices

* Owning your own data is a big deal - it's not uncommon for people to pay for backups, which would essentially be an included service

* It's not unreasonable to imagine a company of Amazon's size and competence doing a very good job of this, and including novel features that FB/IG/etc can't match

* It could also be a loss-leader to get people to own servers for other purposes, e.g. hosting a vanity domain

You might want to read about urbit [https://www.urbit.org/]. I think it might be similar to your thinking.
I'm familiar with Urbit, and intrigued by it, and a big company deciding to try a project inside it is inarguably the best thing that could happen to Urbit; but I'm not very bullish on that happening, for a variety of reasons.
I think that's an excellent way to view that project. Maybe something down the line can use some of Urbit's ideas.
Urbit is designed in theory so that proportionate incentives exist at each stage of adoption. Initially it will be curios only, like the interwebs in 1995. If it gains value then applications will be built on it.

Even if urbit fails, the theory is sound. It turns out economics is really effective. And advocacy (99% of the other solutions proposed in this thread) is as limp as it was in 2000.

Highly recommend cloudron.io. They are trying work a SaaS style deployment angle for people running their own server.
"It occurs to me that all extant social media apps have, at a high level, exactly the same requirements: 1. Allow users to upload some data to cloud storage 2. Make that data discoverable to certain other users 3. Show everyone ads"

Identification should be on that list. Allow me to uniquely identify myself, and prevent others from attempting to impersonate me.

"a. "ads" - No one actually wants them, so get rid of them"

Nobody wants them, but you need to keep the lights on somehow, and people are even less inclined to pay for things.

"i. Most people don't have a server on which to host it ii. Most people won't pay for it, so someone would have to write it and make it really easy to use, for free ...and by a lucky cooincidence, both of those objections have the same answer: Amazon. Most people don't have a server? Amazon will rent you one. Who would develop a self-hosted FB clone for free? Amazon, to get people to rent servers."

So now you're trading Google for Amazon? That's no better. And you just said that people don't want to pay for things, but now you want people to pay Amazon for servers?"

Keep a personal website (avoid Medium, et. al.)

The internet is only closed if we keep acting like it is. The protocol is the same. Go build stuff.

http://ryanglover.net

Nowadays, it's difficult to be read and to be visible to a large audience and gain followers without a platform like Medium. You can read unknown author and discover new topics. Unfortunately you still inside the Medium bubble showing you a lot more famous article than other.

You are more likely to spread your ideas about open internet in a public place like Medium than the faraway countryside like your website.

Would it help if more people would have a personal website?

Or would that just put the power into the hands of whoever runs the DNS system

It would definitely help. Use things like RSS feed features so that people can subscribe to updates from your personal site/blog.

DNS is (relatively/-ish) decentralized, and isn't AFAIK, heavily used for data collection. And you can't exactly show ads via DNS.

People do have their own personal websites. Brought to you by SquareSpace.
I strongly believe it would be good. A few friends already run their DNS, so DNS censorship is limited too. Not even mentioning .onion routing.
My biggest gripe with the "modern internet" is e-mail. MS and Google dominate the e-mail scene, and they are making it ever more unpleasant to run your own mailserver. They will frequently blackhole mails, without bounces, warnings or any recourse.

I'm not sure what can be done about that, but it's certainly becoming an up hill battle.

I try and get everyone I know to use (and pay for) Fastmail. It has a great interface. Great calendar. Awesome spam filter. Etc... It costs $30/year to send messages around the globe. That seems like a steal to me.

Ultimately, email clients are services that have maintenance and development costs - if you're not paying for it, someone is selling your information to fund the service.

He was talking about servers, not just clients, and not just free. I've been running my own email server for a couple of decades, and it's getting harder and harder over time.
Thanks for sharing your thoughts on Fastmail. I am curious if you or anyone else might be able to share any tips or resources for successfully migrating from something like Gmail to Fastmail.

How do you get everyone to update their contacts?

Also it seems like even if you forward form Gmail to your Fastmail account Google still knows your business.

I'm not trying to make a case for not doing it but rather would be interested in hearig what has worked for others.

It took a lot of time, honestly. But I really wanted to extract myself from Google and cleanup my email, so I did everything manually, sending emails to friends and family from the new account, getting rid of any old emails I absolutely did not need, and forwarding any archival stuff I could not let go of to Fastmail and/or exporting emails and docs to my PC.

That said, Fastmail does have an import function, but I did not use it when I migrated: https://www.fastmail.com/help/receive/migratemail.html

edit: word choice

$30/year isn't a big deal for people who actively use email (especially if you work in tech industry were salaries are higher), but I can tell you for a fact that non of my close relatives (and I doubt many of my friends) would be willing to spend the money for seemingly no benefit.

They mostly use email for promotion/ad emails and registering for services/games/whatever.

I've thought about switching, but last time I tried I couldn't get my own domain working on the first try, so I just gave up. I think even I would just like to have my own domain in the email and wouldn't gain any other benefits.

What's the advantage of fastmail compared to, for instance, the free iirc 5 mail addresses that gandi offers you when registering a domain name: https://www.gandi.net/domain ?
I have not explored what Gandi offers, but I can tell you Fastmail has a very user-friendly & intuitive interface for email, calendar, contact management, etc... a la Gmail many years ago. If not better. The $30/year includes all these services. And, I would think, since email is Fastmails bread and butter, it gets all the attention, as opposed to being an add-on/additional item that may not be top priority for a company.

And, to be clear, I have no stake in Fastmail, nor do I work for them, I am just enamored with their product. I wish I would have made the switch years ago.

Calendar and address book (with CalDAV and CardDAV) is another thing.
Look, if you're using email to have actual conversations with other human beings then tech giants are certainly not dominating the email scene (except for Exchange).

Running your own email server takes quite a bit of maintenance but as long as you're not using it for marketing you'll be fine.

> as long as you're not using it for marketing you'll be fine.

Really? That hasn't been my experience the last couple of years. I wasn't joking when I said that Google and MS routinely blackhole mails from my users to their users. These are legitimate mails. Sent by real people, to real people. Often people they've been conversing with for years.

You can play by the rules, set up SPF, DKIM, periodically check blacklist statuses and be perfectly fine, and suddenly mail still disappears. No bounces, and no ability to contact an MS or Google postmaster to shout at. This certainly isn't due to incompetence on their part, so I can only assume it's a strategy to frustrate mail server operators to simply give up and use their little walled e-mail garden.

I'm working on a project to separate data from presentation. Too much data is overly wrapped with presentation (e.g. HTML) so we are forced into using a certain display method (popular commercial web browser).

A related problem is that human readable data is often unnecessarily encoded into binary machine data. If we weren't wasting so much space on presentation, we could have just served the human-readable data.

In this future I think it will be considered ridiculous that you had to load an entire webpage full of unrelated images and icons just to read an article or weather report.

This concept will be huge for AR. In AR extra unnecessary information and uncontrollable presentation is beyond annoying, it actually makes users angry and uncomfortable.

Look out for Optik.io .

> Too much data is overly wrapped with presentation (HTML)

The design of HTML5 and associated web tech separates semantics (HTML) from presentation (notionally CSS, but this bleeds over into JS) and behavior (JS).

HTML does a fine job with semantics but the reality is that most of it is used for presentation. HTML says what text is but not what it means, so reading a plain unrendered HTML document is a rough experience that doesn't add much usefulness for humans.

The vast majority of internet data can be relayed through something as simple and readable as markdown and/or YAML, and still convey enough useful semantics.

(comment deleted)
I'm working on something similar. Can you email me at toomim@gmail.com, and/or check out https://stateb.us?
I'm a resident in a "neighborhood activist collective" and I made a self-hosted web site for the house. Now it's expanding into a web app that's a tool for the organization (planning, etc). It's also being set up for similar houses in the same city, and we plan to make it into a kind of federated small-scale "social network" built around our own principles and premises.

Another aspect of the project comes from a "house terminal" that I set up here, basically an offline Raspberry Pi running GNU/Linux and a custom chat/guestbook program that runs as a "kiosk". This terminal will morph into a kind of in-house only access to the federated network with real time communications etc.

Sounds interesting! Any links you can provide to the project?
Are there opportunities to cross-pollinate your efforts with GNU social? Sort of best-of-both-federated-worlds? See https://gnu.io/social/
> What projects or companies are you working on to combat filter bubbles, walled gardens, emotional manipulation,

I walled it myself by making a small social network for close friends.

Sure, it's probably a big bubble but at least I don't emotionally manipulate my friends by showing them ads or changing the order of their posts.

Seems like the first thing we need is organization. Even if the effort is spent on diversified efforts, having an organization of like-minded people agreeing on overall objectives and prioritizing would probably be the starting point. Is that organization SocialWG? Something else? I have no idea, but I would be open to participate.
Whichever team invents the best co-governing system will win, no? So the organization that arises naturally from ActivityPub, Mastodon, ActivityPub, etc. will provide the activation energy. The question is: can ANY of these solutions compete against private, financial incentives?
Make your website of record your website. Make social media platforms and others (e.g. Google) secondary to that. Don't let Google and Facebook control how you build your website. I am amazed at companies that take their websites and subjugate them to their Facebook page. You may gain social attention but you are handing over control. Never, ever, ever say to contact me go to facebook.com/xxxx or my email address is xxx@gmail.com. Your site is yoursite.com and your email is youremail.com. Your login to the sites you build are email addresses, not tied to social media providers. The closed internet providers are enhancements to your sites. They do not take the place of your site. If you follow this philosophy, you are supporting the open internet. Own your .com. Don't let others own you by taking that from you.
Looks like there's a typo in your first sentence. I could sort of figure out what you meant, but it took a bit of digging.

EDIT: Never mind, I was straight-up wrong. Sorry!

You mean the following sentence?

> Make your website of record your website.

I don't see a typo (and your comment is 3 minutes more recent than his, so I don't think he made any corrections). Maybe "record" is throwing you off?

What he means is that "Your official or authoritative website (i.e., website of record, like owner of record) should belong to and be controlled by you."

Edit: If you're saying that the sentence could be hard to parse, yes I agree.

(comment deleted)
Ah, much better way of phrasing it. Thanks
* website-of-record should be your own.
That's good. I'd probably have used quotes to indicate I'm using a phrase that's made up or not very common. Your "website of record" should be your own. So-called. If you will.
>Don't let others own you by taking that from you.

Others doesn't include whoever provides your MX records.

I don't generate my own power either, the line has to be drawn somewhere.
"Please stop posting our website on HackerNews. It's a cloudy day, and poor Kevin can only pedal his exercise bike so fast."
You're dependant on exercise bike manufacturers. We have to go deeper
If whoever provides your MX records decides they no longer want to serve you it is no problem to change that with your DNS provider. If Facebook decides to close your business page you have no alternative to maintain those connections with customers or for advertising.
Ok, but what about the other 99% of the population who are too busy to completely learn ops and opsec? My mom isn't going to leave facebook to make her own website and host her own email, even if you give her all the tutorials in the world.
Website in a box (docker), put it wherever. This might be a good idea.
I like the idea, but the goal would be to make configuration, deployment, maintenance, and good security as easy as possible. So easy that you don't have to touch a command line. Mind expanding on the idea a bit?
I think It is time to reinstate geocities.
You might be interested in its spiritual successor neocities, then

https://neocities.org/

And the founder of Neocities thinks it's time to instate a distributed web https://blog.neocities.org/blog/2015/09/08/its-time-for-the-...
ok how will neocities or anybody hosting a node be compensated? How will the artists whose works are being distributed in this manner be compensated?
How sites would make money? I'm not really thinking about that too much right now, but I suppose sites could do all the usual things they do with the current web (advertising, accepting payments via credit card gateways, Bitcoin, Patreon, etc). It doesn't have to be an all-or-nothing proposition and it certainly isn't to me. Some functionality will still require a centralized service​, just not the entire thing.
With some sort of "proof of upstream" cryptocurrency that trickles a percentage back to the content's origin node along with other nodes in between. Users would earn credits by leaving their devices connected and forwarding data, paying most of it back into the network when downloading data.

The original uploaders of very popular content would accumulate a surplus of credits, which they then sell to to mega-crawlers. Content creators would do well to be the original uploaders of their own content on such a network.

The credits would also be incentive to buy devices and leave them running in poor-coverage areas. E.g. the owners of billboards could mount repeaters along rural highways.

Why would my mother do that instead of just using Facebook which is already there and already had all of her friends and family on it?
Because maybe Facebook nukes her account, for whatever reason.
I am an advocate of having your own domain and having control. But most people don't care as much as the hacker news crowd does. "Phone broke, here is my new number..." really? For business it's critical to maintain any form of communication you have ever offered. But for personal, a lot of people don't care if they change their [email] and inconvenience their friends and family.

The internet is not crucial to everyones daily life. And honestly, it probably shouldn't be as crucial to ours.

When has this actually happened? And by this I mean that out of nowhere Facebook suddenly has deleted someone's page and then not restored it?

I get what you are suggesting, but I can't help but to think you are making this way bigger issue than it actually is.

Also all of you are missing the most obvious point: if it hasn't happened to a lot (and I mean literally more than 10-20% of user base) it is not a significant risk and thus spending extra effort for literally no gain (and actually probably more of a loss in views/users/buyers/whatever) is not worth paying someone to design you a website and paying for updates and then A) paying for (yet another) 3rd party company to host your website B) learning how to setup, host, update, and maintain your own website.

I'm sure most of people on this site could easily setup their own website and run it wherever, but the reason why people are paying you to do such things for living means that most people can't be bothered to learn all the necessary skills.

Good luck posting some controversial point of view on Facebook or similar platforms. They'll axe you in the blink of an eye.

It's real. It happens all the time. I have seen it again and again.

I may have a business one day that sells bits for model steam locos. Many people who are likely to be my customers belong to a facebook group, and probably don't use their PCs much except for facebook and e-mail.

And if I needed to post a controversial point of view on my model steam loco business page, I've got bigger problems than facebook.

I can't stand facebook, but for my purposes it is probably the cheapest, most direct, and low effort way for those people to get to me. It's also probably pretty low effort on my part.

The business would never be more than a cottage industry and I certainly wouldn't want to spend ANY money on IT that I could avoid.

Anyone here offering to donate their time to keep all my IT in order for the same cost I can do it with facebook, and give me the exposure it will to my potential customers?

If so I'll give you my gmail address to get in contact ;)

I think that your point of view is both : - totally acceptable :-) - not really answering the OP question !

The way I understand it, the question could be phrased : "What costs are we willing to pay to reduce the collective social costs of ultradependence on private companies". You clearly states what are the costs you're not willing to pay, but don't really answer the question which is : what costs would you actually be ready to pay ? (Maybe the answer is none, but I don't feel like you actually state that ?)

There are no costs for IT I'd be willing to pay for. The nature of the business is such that it wouldn't even be worth having a shopping cart type app running.

The web presence of the business would basically be an advertisement, newsletter, and contact page.

There are related businesses that sell lots of small items, eg nuts, bolts, material, that would be a lot more convenient to use with a shopping cart, but mine doesn't need it.

>And if I needed to post a controversial point of view on my model steam loco business page, I've got bigger problems than facebook.

Yeah, but what if you post it on your personal wall, and get banned for that? You won't be able to access your page, it doesn't matter you kept it clean.

I only use facebook for the model engineering group(s) and unless they decide discussions about miniature locos are dodgy I should be okay.

I can see there is a potential trap there for the people who decide to mix their personal and professional lives on something like facebook. I just think it is unlikely to get sprung, and comments like "why on earth don't they take complete control of their online presence and register their domain, get their system hosted, set up all their e-mail addresses, etc" could only be written somewhere like HN. The rest of the world would just shake their head slowly.

Yeah, I agree. But I think mixing personal and professional on Facebook is pretty much by default, and most people do it. Also, the illusion that people could control their own presence comes from the fact that this is how it used to work, back when the internet was a much different place.
I think you could have a connector between your site and Facebook. Basically an app that would synchronize content. You should certainly start on Facebook, see if you have something valuable and then think about transferring to a self hosted solution. At that point you might find it worth it but maybe not.

Docker containers make sense because they are portable apps. You can choose where to deploy them, upgrade them, and store the data or what not.

My day job is software development, and your second paragraph made me shudder. So imagine what someone who doesn't want anything to do with IT would think!

The majority of the world do not want to know about containers, hosting services, domain names, or anything else that is related to computers.

I'm not even sure that is changing with younger people - they're happy enough to dick around with social media but don't want to get involved in running a web site and all the software on it.

If a business can work with a "no obvious cost" platform like facebook, the owner won't start paying for something "better" in response to non-quantifiable downsides and threats possibly posed by the platform.

You're going to need to show examples for people being banned for JUST posting a controversial point of view. Most of the time I hear this, it wasn't for the point of view, but because the person was actually breaking the ToS, and they knew it.
What happened for me was that people stopped seeing my controversial posts to the point where the only reason I still had facebook, which was to discuss tech, philosophy, and politics with the masses, became void.

That was an awakening moment for me. Promptly deleted the damned thing and every other social media account I had. Technological echo chambers are going to do so much harm to society.

Yes, Facebook has an insidious shadow-ban system. Its goal is showing people what they like, and not what they don't like. So they're happy Facebook users, seeing happy Facebook ads.
Some suggest it shows a healthy balance of things users like and dislike. That addicting loop of frustration and redemption we often find in the mobile gaming sphere. Not to mention it does this using machine learning techniques to get the timing down juuuust right.

Something something something beauty without pain.

I think my posts were well beyond the "frustrating but redeemable" category, because I had a purposeful tendency to discuss abrasive subjects in order to elicit strong reactions.

So the question is, how the hell do we create a platform that encourages people to challenge their preconceived notions in a way that doesn't make them unbearably uncomfortable in an age where people will do just about anything to not feel uncomfortable, even if it leads to stronger discomfort later?

I have a nascent idea of an anonymous conversation app that pairs users and groups together with various conversation starters, migrating them to new groups over time, while still allowing them to have conversations with users and groups they have befriended over time.

What do you think of such an app and its potential utility for solving this problem?

> ... I had a purposeful tendency to discuss abrasive subjects in order to elicit strong reactions.

That sounds a little like trolling, but I get that you meant it as educational. Maybe a distinction that simple machines don't make.

> ... anonymous conversation app that pairs users and groups together with various conversation starters ...

And that sounds a little like Usenet, or discussion forums. Except that group selection and migration are totally voluntary. In my experience, unless there's moderation, you eventually get trolling wars. Which seem like harassment, to people who don't want to (and/or don't know how to) play those games. And everyone but the trolls eventually leaves.

If you could build an app that facilitated intense discussion, and prevented trolling and harassment, that would be very cool. Forcing anonymity would largely prevent harassment, because anyone who felt harassed could just move to a new persona. And there would be no meatspace impact.

Did you ever go on talk.masked? It used to be a main branch off core.onion (Tor onion services).

I rarely started abrasive discussions, but I would jump on the abrasive statements of others pretty quickly to call out bullshit.

A little off topic, but an example: Someone declared that if you ever doubt any woman's claim about being raped or assaulted, you are the worst kind of person, and you're sexist.

Well, I was assaulted once, and then the girl turned around and told all of my friends that I attacked her.

I lost a LOT of friends over this and it had a pretty negative impact on my life. I shared this experience, and next thing I know dozens of women I'd never met are telling me I'm likely to be a rapist when I grow up and I should just kill myself and I was probably lying about not attacking her. I was just a white male who has no experience with abuse and should keep my mouth shut. Nevermind that I was physically abused for 15 years until I left home.

The complete irony of the situation, what with the victim-blaming and being called sexist while being told my opinion as a white male was invalid, was not lost on me. That was the first big sign that Facebook had become a cesspool.

This is exactly the kind of harmful backwards thinking I want to eradicate. However it seems that some rich and powerful have decided it is in their best interest to manufacture this kind of thought and impress it into the masses. I want to find out how technology can create a level playing field.

The app's just a thought experiment but I wonder if group moderation could be done in a way that doesn't produce social bubbles or echo chambers.

I haven't been on talk.masked. Is it not active anymore? I haven't been on Usenet in a while.

Facebook's real name policy affects some people lots more than others - particularly lgbt people, and sex workers.

I'd guess that amongst my friendship group around 5-10% of people have been affected by this. This is disproportionately high - a suburban soccer mom is far more likely to never see anyone have problems with their fb account. But amongst certain populations this is a real problem and can put people at risk.

Fb has decided that the increase in value from 99% of users is worth the pain for 1%, and that the network effect will keep the 1% in line. They're probably right. On the other hand, fb got a foothold in the market through 1% of the population who are college students, an alternative social network could get a foothold through the queer or other communities that fb is ignoring.

> When has this actually happened?

Germany and France do this regularly for what they consider "hate speech" (for example retweeting newspaper articles about attacks by migrants). Germany has just installed a law that allows imposing multi million EUR fines on companies for repeatedly violating requests to delete user content that violates these fuzzy criteria.

There's a huge influx of German users to gab.ai because of this.

(comment deleted)
She wouldn't. But there are many people who don't like Facebook for privacy reasons or other reasons mentioned in this sub-thread. They might opt for such a service. And then it would grow organically if the experience/total package really was more in line what people want out of a web presence. Its not like the whole world would switch overnight
Yes. But by website in a box, it would have to be as dirt simple as signing up for FB.

So, gramma goes to a web page, clicks the signup, the website deploys a docker image on a webhost and spins up a UI that is not unlike what she is already used to.

Next, comment and "likes". You have to have a comment system that runs on there also. Gramma would invite others to her site by clicking invite. This would generate a specific invite signature for that person and would email it out (gramma would need to know Uncle Fred's email; sorry gramma). Uncle Fred would click the link and be taken to gramma's sight and can comment. All comments stay on gramma's sight. All gramma's content, period, stay's on gramma's sight.

How does one monetize, however?

To monetize you could make referral deals with web hosts. I assume this setup means that gramma is paying the web host a fee.
There are some docker images on DockerHub which are very polished along those lines. OwnCloud for storage, Ghost for blogging. You run them with default settings and they open to a nice welcome page with a tutorial and a fully-functional setup.

With a docker UI like Kitematic, it's remarkably similar to an app store experience.

No one said anything about hosting your own email or making your own website.

eg. My wife has a small business with an online store hosted on Shopify and her email provider is Gmail. But her website is www.her_domain.com and her email address is @her_domain.com.

She can easily switch out her providers and her contact addresses don't change. No real tech knowledge needed except for how to register a domain name and follow some how-to docs from Shopify and Gmail.

I think this is the right attitude to take. It strikes the perfect balance between offloading your problems to the big guys, and keeping control if they decide to screw you over, or run off into the wild yonder.

That doesn't mean they couldn't still mess you up pretty bad. You'd want a pretty solid backup scheme, and you'll still have to accept the loss of some levels of privacy etc. but that might be worth it to you to subsidise cheap services, while still having an escape plan.

They're already screwing us over--they took sides in the election and modified/molded content and search results in an attempt to push their agenda. That was evil.
Registering a domain name may as well be magic to a large portion of the population.
The process of registering the domain behind the scenes might be a bit magic but buying one and pointing it at a hosting provider certainly isn't.
You're ignoring (or overestimating) the enormous segment of the population who wouldn't even have an Internet presence if it didn't come with the phone, and getting the phone was already the one of the most mentally challenging things they've done in years.
Not really. I know people with zero tech knowledge who have done it. Anyone able to register a trademark. Art director, actors etc.
Right, and it's not like you couldn't ask a technical friend to get it done.
I'm not an advocate for anything that results in even more people bugging me to do "computer stuff" for them
I've read all of your comments in my subthread and I agree with everything you've said. Especially this! It was immediately what came to mind but I hit my post count.

This problem of getting people to care about alternatives to Facebook seems to be something you've given a lot of thought as well. Mind if I ask what field you work in?

I work at Google (with the standard disclaimer that my opinions are my own), with a history in the financial and defense industries. Nothing particularly related to Facebook, but I'm sympathetic to the concerns around Facebook. I just think HN tends to miss the forest for the trees when discussing alternatives
Understandably so, after all HN is its own little echo chamber. Technophobia is a real problem and we can't just tell people to "get over it" and join the rest of us, who have likely spent our entire lives working with computers for hours a day.

And asking someone to rely on their geek friend for deployment, education and support instead of relying on a stable platform like Facebook is just silly. Unless we can provide a similar, stable and feature-packed platform then there is just no perceptible incentive for people to make the switch.

I mean heck, Google couldn't even do it.

I think the problem needs to be attacked from multiple vectors. Simply building a technologically superior platform with better privacy control isn't enough. There needs to be a real shift in understanding about the dangers of big social media.

You've enlarged the scope of my comment tenfold, it was that you could ask a friend to help register a domain or move it, that might happen once or twice a decade.
But what about teaching them proper security practices, deployment practices, maintenance, all of those things that go into actually running a website? Even if its just using Wordpress or a static site generator? Registering a domain is the tip of the iceberg in hosting your own content.
(comment deleted)
The are being paid to do so. Also they see it as part of the job.
So what can we do to make this simpler? Make the technology easier to understand?
You could provide a one stop shop for sharing information with the people you care about that is easy enough to use that even people who are afraid of technology can handle it... also everyone they know needs to already be on it... but then you just created Facebook.

The ease of use is only one part of the problem, the other part is that you are trying to solve a problem that a lot of people who use Facebook just don't care about. Facebook fills their need and they really don't care about walled gardens or open internet or whatever else the HN crowd views as a dire issue.

Is it more complicated than buying and owning a car? A house? More complicated than filing your taxes, managing retirement savings, having a wedding, choosing insurance?

Learning the basics of something new, enough to get by, is part of being an adult, even if you won't ever be and have no interest in being an expert.

Given the number of bad financial decisions people make because they don't really understand those things I'm not sure that those comparisons are helping your case, but even so, for a lot of people it IS more complicated than those things because they are afraid of technology in a way that they aren't afraid of tangible things.

Solving 99% of technical problems requires nothing more than Google and following instructions in the first result, but people still can't handle it. Most people haven't given running a website enough thought that they would even know what to look for. A good portion don't even really understand URLs enough to type facebook.com into the address bar instead of Googling Facebook and clicking the first result.

I'm not sure those people are so willing to brand themselves online. If they are, they already have the capital to have someone else do it for them.
I do this as well for my personal email. It's good to decouple your front end from your back end.

The main concern I still have is that I'd lose gchat if I swapped out my email host from Google apps.

> You may gain social attention but you are handing over control.

Yeah it's a tradeoff and for many people giving up that control is worth it.

I maintain a website for a small nonprofit in my town. We did our best to get our name out there directly but 90% of our hits came from Facebook. For worse the site has serious levels of engagement.
No it's not. They think it's worth it until the negative aspects catch up to them. Then they weep.

Due to some unexplainable optimism, people always believe that injustice won't happen to them. Just like with car accidents. And just like with car accidents, there should be some sort of "insurance" against unforeseen douchebaggery.

It's like this : - let's say there's a 1% chance of FaceGoogle abuse for anyone - when faced with that 1% chance, most people (99,99%) will choose to forego the insurance - 0.99% of people are now vulnerable to injustice

People are not as rational as we'd like. We don't have a very good sense of how likely something is to happen, especially when the probabilities get smaller.

(comment deleted)
By making your email something custom instead of @gmail, you're spending some energy, time, and money to protect against a perceived threat.

I guess my real question is, what exactly is that threat, how damaging is it, and how likely is it to occur?

By my mental math, I can't really justify spending even a few bucks, or more expensively, a few hours, protecting against some consequence that I can't really quantify at any real level of risk.

For business, sure, because there are other benefits to having a custom domain, but for personal stuff, I don't really see the cost/benefit analysis making sense. The biggest threat seems to be that the government will have my data and I'll be advertised at, but having my own domain doesn't help either way. Am I missing something?

You can still host your domain on google apps which is simple and painless. The key is that you can take your domain with you and move it wherever you want later on, if you choose to.
exactly, you can protect yourself from a lot of manipulation over time by owning your own domain and always look to build traffic into your personal control, while 3rd parties often offer attractive propositions, the fact that any community built on their platform is not yours to truly 'own' is an issue over time and a risk that is easily mitigated by paying a yearly domain fee.
Exactly this. I'm lucky though in that I signed up when it was Google Apps for Domains (and free). I've been using it for years without paying (having been grandfathered in). If I ever decide that I don't want to be on Google anymore, I can take my domain and move to (e.g.) FastMail without having to go through the pain of shifting everything over. I don't have to:

* spam everyone I know to use a new email address.

* go through authorship information in any READMEs out there for projects I may contribute to.

* deal with an invalid email address embedded in public commits (ala Github).

* deal with possibly important, time-sensitive emails ending up in a blackhole.

* updating email information for online accounts. Especially for sites that use a combo of email address/password rather than login/password.

* etc...

I only have to pay ~$12/year (or less if I buy years in bulk) to keep the domain, and I also get the benefit of being able to grant emails on the domain to other people too.

i have many domains grandfathered in, and last i checked, if i created a new account for someone on those accounts, the new accounts would not be grandfathered in, and i'd have to pay.
Same here. Having my own domain at least decreases the risk of ever losing access to my email address. A lot of developers seem to do this.

It's a shame that this is not something the average person can do easily. Email addresses are by design linked to specific domains.

(comment deleted)
In the end of the day it looks like false freedom for me. You think that you can move everywhere you want, but you're still using a closed source platform (Google).

To have an "open web" we have to have as usable, hassle free alternatives. And as I don't see that day coming yet, because you have to invest your time and money to take care of something (e.g., your email) that wasn't a worry to you before, we won't have "an open web" any time soon.

Some may have the perception that they are "free" and "contributing to an open web" when they're not.

Furthermore you may argue that is best to post in your own website instead of facebook. But what if your business depends on posting on Facebook to earn more? Some may write a copy in their websites, but they will be secondary. Or everybody moves out from such closed source platforms (the masses won't), or we won't have an open web.

I'm looking forward to be completely mistaken. Tell me how wrong I am.

p.s.: my entire comment is not necessary a reply to the comment above, only part of it.

So we're doomed to the tradgedy of the commons?
> The biggest threat seems to be that the government will have my data and I'll be advertised at, but having my own domain doesn't help either way. Am I missing something?

The biggest threat is that Google removes or locks you out of your gmail account.

Right, many people have been permanently "canceled" over unwitting mistakes they've made.
One really basic threat that just seems so obvious and i controversial to me is that in another five to ten years when there is a new service that comes out that is cooler and better, you can just switch to it without effort. When you see someone with an AOL or a Yahoo address, it says something about the person: remember that a true one point they had best of breed solutions.
i controversial -> non-controversial

a true one -> at some

> to protect against a perceived threat...

It might be too romantic these days, but it you might be better if you see it as a matter of principle...Doing the right thing (Backed by your own thought ofcourse).

Think of it as selling your identity off to a thrid party. If you see that as an improper thing on its own, then you shouldn't do it no matter how much value the third party provides, right?

Things like facebook are essentially saying. "Give us your identity, secrets and your whole life, we will save you some cash and make some (nonessential?) things (slightly?) easier for you"....

Yes. My girlfriend has a bellsouth.net email address (it's our ISP). Recently, Tumblr announced that anyone with an email address belonging to AT&T (and yes, bellsouth.net is owned by AT&T) will no longer be able to use said email address to log into Tumblr. I don't have a clue why, it is what it is.

So now she's forced to get another email address to log into Tumblr. I got around that by creating an email address at my own personal domain that forwards to her current bellsouth.net address, and that was good enough for Tumblr.

Enjoy your free Internet.

Details at https://www.att.com/esupport/article.html#!/email-support/KM...

My guesses: Tumblr belongs to Yahoo. Yahoo had some agreement with AT&T to provide them services. The agreement is no more, AT&T customers can't use their AT&T email to login into Yahoo services anymore. I don't see why that should be technically our commercially necessary, but that's it.

> you're spending some energy, time, and money to protect against a perceived threat.

Perceived by some but apparently not by many others who are still clueless. I know multiple people who invested considerable time and energy into building up Facebook pages only to suddenly be cut off from fans who had followed them when fb decided to go the pay to play route. I personally lost my YouTube channel, due to sheer incompetence on Google's side after they moved to the single login system across Google, Plus, YouTube, etc. I tried many times over multiple years to get access again but their support is crappy as I'm sure you've heard many times before...

For a short term experiment, it's totally reasonable to give it a shot. But if you're trusting Google, Facebook or any other tech giant (or even small startup) with things important to you, you're making a mistake. Not backing up something as important as all your email history in Gmail would be insane, in my opinion. Even with a backup, you could lose access to a lot of other services if Google ever locks you out, as they have done to many, many people in the past.

>I know multiple people who invested considerable time and energy into building up Facebook pages only to suddenly be cut off from fans who had followed them when fb decided to go the pay to play route.

An anecdote on a similar note, there's a comedian I'm a fan of who had an Instagram account he used to post funny boudoir style photos as a big, bald, overweight man. All of his posts were well within Instagram's terms of use, in that he never showed full nudity or anything overly suggestive. Basically he was doing the same thing thousands of "butt models" do on Instagram. These weren't just cell phone snaps, either; they were staged and professionally shot images.

He gained a few thousands followers with this, until one day when he was locked out of his banned account with no explanation. With the help of a friend he managed to contact someone who works at Instagram and was told his account was removed for "harassment". Since no other explanation was given the only conclusion that seems reasonable is that people reported him for "making fun of" plus sized female models by doing the same thing himself, which is absolutely ridiculous, as he was always positive about what he was doing. He just happened to be a bald fat man while doing it.

I have been attempting this for sometime with:

http://hyperlinkserver.com/webdesigning/tomorrow/

I have had multiple developers quit and don't have the $80k budget quoted by Gigster.

Concept: in the same way you might register a username/handle on ig/twitter a user registers a new domain (or "connects" a domain the user already owns).

Using Enom API we also offer "branded" email and private registration, and in the background the name records are automatically pointed to their "tomorrowbook page". By logging into tomorrowbook the user can use the "text tool" to add posts to their website, basic website analytics, and ability to customize their follow/like buttons...also access the tomorrowbook email client for their branded email, not unlike a social messaging tool only open bc it works on email protocol.

Obviously the explanation above changes just a little for users who own domains with 3rd party registrars and/or using 3rd party hosting.

How can HN help? If there are any developers who can get the Enom API out of sandbox and fully functional where my other developers have quit.

I kind of like that idea! have you looked into getting a single technical consultant to help you outsource to india?
I'd be happy to talk with you about what you are doing with the API. I don't know if my company would have time to write it for you, but I'd be happy to talk through it with you and offer some suggestions.
Adding to that: don't host your content on other domains either. Beware of insidious threats to the WWW, like AMP.
I don't really understand this? I've never used AMP directly but I use Ghost which comes packaged with AMP. How does AMP change the domain of your content?
Google uses AMP for caching. When you click on the link, they are serving cached content from their own servers. They say it promotes user experience because it is faster. The average user can hardly tell the difference, and they might never go to your server.
It really depends on what you want to do: disseminate information (with a canonical URL that you control) or shovel users to your server?

In the former case, AMP caches are a reasonable compromise since it's really just a free CDN. In the latter case, that cache is annoying because of how it needs to fit in the design of the contemporary web. See the last paragraph of https://amphtml.wordpress.com/2017/01/13/why-amp-caches-exis... for some ideas on how to improve the platform so the caches wouldn't be necessary for much of AMP.

AMP isn't really about speed -- it's about the appification of the open WWW.

The correct way to fix these problems would be to teach people how to make their sites faster rather than enforce restrictions on how they create and monetize their online publications.

"Pinboard founder Maciej Cegłowski already recreated the Google AMP demo page without the Google AMP JavaScript and, unsurprisingly, it's faster than Google's version."

https://www.theregister.co.uk/2017/05/19/open_source_insider...

> Maciej Cegłowski already recreated the Google AMP demo page

He solved a different problem.

I don't think anybody at AMP claims that fast pages aren't possible. Their claim is that there's a need to enforce certain rules to achieve a certain quality of service.

> teach people how to make their sites faster

In a way, that's what AMP is doing. It picks a subset of HTML5 that can be rendered efficiently, and - for now - uses javascript to fill in the blanks (eg. where desired capabilities are forbidden due to how they're commonly implemented: provide build a polyfill that's better suited) and for enforcement of these rules.

As linked in my parent post, there are already efforts to offload some of these constraints into standards to be enforced by browsers - I fully expect the AAMP scaffolding to let go of that soon after (or revert to shims)

But it is an attack on the open web, Google is now sealing off the 'user leak' holes like Facebook did to keep people within their ecosystem. That's all well and good for Google, but we all rely on a relatively neutral search engine and we've relied on Google not to come back down the abstraction levels and into the application space. From a business point of view the game has changed and Google need to be treated as hostile even if they don't know it yet

If speed is the answer, then sure offer AMP, but also offer a lightning bolt next to pages that load within 'x' milliseconds. Reward speed regardless of implementation

It's only going to get worse with voice interfaces, see what Echo now does (https://www.youtube.com/watch?v=BXEu8RcneZQ).

A vibrant ecosystem is key to competition, it's not in our long term interests to let the web consolidate into an oligarchy

Google Search, when used from a mobile user-agent, such as a mobile browser or some mobile-resident Google Search integration like the Google Now Launcher Search Bar, will show some results' AMP-equivalents, and uses AMP-availability as a ranking signal.

When such an AMP search result is opened from the aforementioned Google Search source, it will open in a Google Search-wrapped frame reader, such that the outside is Google Search -- although this is not visually obvious to the user -- while the inside the AMP article. The browser-level URL for this endpoint begins with 'google.com/amp/'. While it's now possible to get the article's original link from this viewer, this was not present at launch, and it was a frequent source of criticism.

This is a brief restatement of a more in-depth description I gave in a different thread [1].

[1] https://news.ycombinator.com/item?id=14385122

I was with you until logins. I'm tired of creating accounts and managing umpteen million passwords.
I only know two passwords: one for my password manager and one to unlock my computer.
But you're still "managing umpteen million passwords", hence the name password manager.
That makes no sense. You use a password manager so you don't need to manage the passwords. If you don't like the concept of having passwords at all then use a stateless, hash-based password generator instead.
How does one integrate that with Facebook or Google or Nameasite?
A browser extension could be made pretty easily. If you have a terminal open, do `echo mymasterpassword facebook.com | shasum -a 256 | pbcopy`.
What's the alternative? To authenticate against our FB account? I'd much rather have a distributed system than to be forced to maintain a FB account just to login.
How about indieauth[0]?

Indieauth lets you authenticate to websites based on your control of a website you specify (via rel=me links).

[0]: https://indieauth.com/

I haven't fully read your link yet, but wasn't that the point of the original opened spec too?
Yes? But indieauth does not require you to personally run an auth server, which makes it easier to adopt. Basically it will search through different online identities that you list on your home page and letting you choose any of their OAuth services.
Persona seemed like a pretty good system, until it was shut down. I don't like single-sign-on systems in general, but having it managed by the Mozilla foundation seemed a lot safer than relying on Google/Facebook. I think their original long term plan was to transition users away from their single-sign-on service as browser support for the features they needed got better.

The only thing that bothered me about the general design is that it used email addresses as identification tokens, and for the site I was making I didn't even want that much personal information from my users.

"I'm tired of creating accounts and managing umpteen million passwords."

That's your choice. You can use the same credentials for all accounts you create and manage the entire mass as one. It's a bad practice, I know, but it's still a solution.

> It's a bad practice

That's the understatement of the century.

Sure, "not recommended", but works fine for 99% of people 100% of the time.
It's such a bad practice that it is not a solution.
The problem with this is that these platforms thrive because of their existing network effects. Even if you own your very own well built .com the vast majority of these dot coms will still have a combination of facebook, twitter, youtube accounts etc which mirror content available on your personal site. This provides distribution that is otherwise difficult to come across.

I have been working on a purposed solution over at http://www.peerprofile.com which allows creation of a personal domain and instead of getting locked in provides an open model.

How is this different from about.me? The user still doesn't own a domain, they just have a hosted page to link to their other profiles. Is that the full point of the product? What am I missing?
In the near future, use DApps (Decentralized Applications) a few of them are already up and running.
I like the prospect of DApps with the client-side code served out of IPFS, and the backend on Ethereum.
Yeah, I completely agree. There are already some services in this space trying to combat filter bubbles and walled gardens, Akasha [https://akasha.world/] for social networks, DNN Media [http://dnn.media/] for news and Lemon Email [https://ipfs.io/ipns/dapp.lemon.email/#/] (dApp and the full beta version) for email system. The last one is completely in line of what you're talking about. I like the approach through blockchain systems because, if used properly, they have the potential to become direction in favor of democratization and decentralization of information.
Lemon Email looks really cool, thanks for sharing.
Set up Akasha out of interest and it does seem really promising. Thanks for the tip!
+1 totally correct

Social media works well for announcing stuff on my own web site (new blog articles, new releases of open source projects, new books I have written, etc.)

Hosting long form content of someone else's domain is not playing the game right.