I did try to mention this before, with creating a Slack clone [0]. PHP and MySQL which is what this is written in are not very sexy but they're perfect for when you want the entire world to be able to use it.
There's reasons why PHP has been so successful with WordPress and Facebook.
They still got all their initial scale from PHP until they were so big that it was worth writing their own PHP engine. They would have had the same problem with Python or JavaScript.
The reason why bitcoin is so popular is because it's a "protocol" and not a specific implementation. If there was really going to be a distributed social network, it shouldn't require downloading anything at all.
Maybe instead, we can use a some already agreed upon protocol... like... english language!
I find it very strange that nobody includes, y'know, Wikipedia in these kinds of conversations. Don't you think Wikipedia is more important than Facebook and Wordpress? As a person involved in mainstream Internet adoption, I consider it as important as the Internet in establishing free, participatory hypertext information. In addition to the fact people now assume they can just find something out without commercial supplication, all the major Internet media companies and pretty much the modern field of AI depend on the knowledge it provides.
Yes, "most people" may not know it's participatory / non commercial / that search results are largely based on it / that you can download all its content and tools and run your own. It still is.
Anyway, Wikipedia is mainly written in PHP and uses MySQL.
But past this point, if we are talking about decentralized peer to peer systems, something based on Javascript that runs entirely in the browser is the real gold standard, at least until a protocol-based network breaks through.
It furthers it for early 2000s projects for sure, a time when getting your site on a Web server was easiest with PHP and most sites didn't rely heavily on AJAX. But now most startups will start in "the cloud," using SPA designs, where PHP is not significant.
Sometimes we get so wrapped up in our own bullshit that we fail to realize that the average Facebook user has no idea what "decentralized" means; nor cares that their personal data is being sold.
This is another example of faux outrage that will pass with the next news cycle.
Another thing is that this will only appeal to people who are generally tech-minded and not the average joe who uses social media.
Most people who uses social media etc. doesn't want to download a lot of things, access should be fairly easy and painless without some sort of "guide", which is what I can see as the downfall for this "social network"
It's more to do with convenience. It was more convenient (and cheaper) to just get Napster / Limewire / Soul Seek / other p2p sharing app and download music than buy it online. In the beginning it was a tech-minded group, but the software got better and easier... and the communities grew.
In short order it was not only tech-minded people who did this en-masse. If a platform is convenient for people to do X, it has a good change of also being popular.
I would say 90% or more of Facebook users couldn't care less if their data is sold to advertisers.
I'm one of those people.
Tell me why I should care. The same thing happens with loyalty cards at Walgreens.
It's the people on Facebook that make Facebook trash, not Facebook itself.
As for your "legistators" (sic), that is the faux outrage I'm talking about.
That's the name of game in politics.
1) Something happens.
2) The media tells people they should get outraged about it
3) People get outraged about it
4) Legislation is enacted to appease the outrage
5) Something else happens.
6) People move on to getting outraged about that.
Additionally, an average person is able to understand what both are. The real issue is whether people think an idea has any value, not whether they understand domain-specific terminology.
> The same thing happens with loyalty cards at Walgreens.
It's not the same thing at all. With loyalty cards I get the OPTION of being rewarded for allowing a company to track me. So I weigh getting rewarded (positive) against sharing my data (negative), and I make a decision.
With Facebook there is no option, they track everyone regardless.
> As for your "legistators" (sic), that is the faux outrage I'm talking about.
> That's the name of game in politics.
> 1) Something happens. 2) The media tells people they should get outraged about it 3) People get outraged about it 4) Legislation is enacted to appease the outrage 5) Something else happens. 6) People move on to getting outraged about that
Yes, so? Peopple are outraged and legislators act. Isn't that how democracy works? It seems you're only just now discovering this.
You have the option of using Facebook or not. If you don't have a Facebook account, they don't have your data.
If you don't have a Walgreens loyalty card, they don't have your data.
People are faux outraged. They're not really outraged at all.
Check this comment in two months and tell me how "outraged" people are at Facebook for selling their data.
It would depend on what kind of "democracy" you're referring to. In a representative democracy where all elected officials are worried about is getting re-elected, then yes, that's exactly how democracy works.
Facebook absolutely tracks non users and builds profiles in them. Those like and retweet buttons on websites are doing just that. Even if you don't click them! It isn't the same as a completely optional loyalty card.
However, I do agree its mainly fuax outrage that will pass shortly. The stock is already recovering
I very deliberately don't participate in loyalty programs. Every single time I go through a checkout at a local business, they ask me for my loyalty info. Every single time, I decline.
Then I swipe my credit card through their machine and give them the exact same credit card number to associate with every purchase I make.
I fully understand that they can track me. I am sending the message that I don't want to be tracked. I am also sending the message that I am willing to pass on their incentives to be tracked, but I am not willing to pass on the convenience of my credit card.
Then I make my credit card company send me a new card every year. So vendors get to track me through less than 50 purchases before I switch.
For businesses that track loyalty by customer name, I will give them the name of a neighbor or other acquaintance. It's astounding how often they are willing to give me back information about that person.
PCI compliance requires, among other things, that a credit card not be used to correlate purchases through time - that’s the main reason loyalty clubs exist; that’s your tracking identifier.
Whether or not this Requirement is observed, audited or enforced I have no idea.
Leaving aside "an average facebook user" (which is just an average person really), and weather they understand what decentralised means, I believe most people would care if they were aware of why the data is sold.
If you said to someone "I'm going to collect information about you whether you like it or not, and then sell it to someone who wants to manipulate your thinking", then I suspect they wouldn't be so keen on the data being collected (let alone sold) in the first place.
And yet if you said "Or you can pay me directly to use this service," how do you think people would respond?
And you literally just described the profession of marketing. So if you replaced the inflammatory phrase "manipulate your thinking" with "market toward you", I think they'd be totally fine with it.
I mean, why else do you "Like" something on Facebook anyway unless you want other people to know that you like it?
Well, your whole argument seems to be based on what ill-informed people will tolerate, not was is ethical.
I agree marketing is intended to manipulate your thinking... or "market towards you". I suspect I have a different attitude about marketing than you do.
I don't use facebook, I used for a week in 2007, and thought "this is just a marketing data machine, no thanks".
Further, the innocuous sounding "Connecting the world" mission doesn't equate to "monitor your social interactions and help people convince you to buy things" (amongst other things) in most people's minds.
I'm very well informed and I'm 100% ok with Facebook using whatever data I put on it.
The fact that some people choose to remain uninformed about what Facebook is doing with the data that these people willfully give them is on those people.
What is ethical in this situation is personal to you, so you can't make a blanket statement that marketing is or not ethical.
Again, to me, it's perfectly ethical, but I'm a big believer in personal responsibility.
As you said, you signed up, saw what Facebook was about and bailed.
That's called personal choice, and it's a wonderful thing.
For the well informed, such as yourself, choosing to share your data knowing that it will be sold and potentially used in ways that you won't like or agree with down the track, is indeed an informed choice.
What I think is not ok, and in turn unethical, is for a company to constantly represent that privacy is a top priority, openly say in the press that data will not be sold, and then do it anyway.
From a personal privacy point of view it seems significantly worse to me, but I guess the positive spin would be that there isn't a single party that can simultaneously blackmail / breach the privacy of a billion people. Although my counter spin would be that in the event of one of these decentralized things going mainstream, a large player would end up being what gmail is for email.
Whitelisting nodes is counterproductive to what federation is trying to achieve.
A decentralized network means that if things go sour, the cost of switching is small, similar to an email account. If my mail provider fucks up, I point my domain to another one and I don't even bother.
Not sure what decentralised means. Do the different hosted versions communicate together and sync users and data across each other? (like the blockchain etc. Because that would be fairly important).. Also a real sneaky pro move would be initially to allow people to "sign up" via Facebook :) - once they're registered and the network has their email address then Facebook can become useless, just lowers the barrier to entry and its ironic that Facebook can be used to replace itself.
Friendica is part of the fediverse, that is, "federated universe." The model of decentralization is "federation" here. Friendica is interoperable with Mastodon, GNU social, etc.
Looks like Friendica (along with most of these other "decentralized social media" things) is federated, not distributed in the way that Bitcoin is. They work kind of like email: each person picks one service to use, but users can follow each other across services.
Just thinking, who should provide this decentralized service for common users? Someone who already provide them email? Their internet providers? Family?
All communities have leaders, whales, whatever you want to call them. Even Bitcoin is now controlled by a small group of mostly Chinese people. Decentralization does nothing other than put control in the hands of an unpredictable and potentially unaccountable group of people, whereas centralized systems have people you can point to and hold accountable (or so we hope). There is a reason it's never worked throughout history, and why decentralized systems always collapse into a more efficient centralized form.
Exactly like email or the web. Certain services (shame on you, booking.com) now consider it a potential bug if you email doesn't end in gmail.com (they do their "did you mean: tadzik_@gmail.com?" when I enter the proper one, with my own domain). The web itself also tends to gravitate towards either "cloud" providers or at least stuff like cloudfare for ddos protection. Yes, it is still decentralized, but people keep choosing the centralized subsets of it for convenience.
This is incredibly annoying, I agree, but having run a service for which people type their email addresses, and having seen just how many people can't actually type their own email address properly (currently running at about 5%) I'm not surprised that a service aimed at non-technical people puts in attempted safeguards like this.
And my service is for technical people - I can't imagine what it's like for genuinely open services.
Omitting letters in their username, getting the domain wrong by omitting or mutating letters, commas instead of periods, spaces, and more. Some, such as commas and spaces are easy to catch, but mutations in the username are pretty much impossible to catch.
Without digging through my records I can't be more specific, but in general I was horrified at how many can't actually spell their own names correctly. Seriously, one person typed jojn.dpe instead of john.doe (name deliberately changed to protect the user). Sometimes it's possible to guess the correct username/domain, but sometimes it simply isn't.
It's funny because those are perfect examples of what they are talking about.
Gmail and Cloudflare.
For example, the web makes it cheap and trivial to DoS someone. And you often don't want your origin exposed. Hence everyone using Cloudflare and the collapse of the decentralized dream.
Its design intended it to be used that way, but that's not how people use it. Everyone uses a centralized email provider now (Google, Microsoft, Apple, etc.), and these providers act as gatekeepers to email. If they disappear, people will find an alternative centralized messaging scheme, not start learning how to run their own mail servers...
It's true that when or if you need to communicate with them, you need to play by their rules, but it's also true that email has the potential, the power, and the technical solutions to shift away from it, should it ever be needed or wanted. This is not true for centralised by design systems.
EDIT: I don't think people will be able to abandon email, given it's a replacement for paper mail (banking, official papers, etc). If the big players won't play nice, people will need to get to another provider, simply because the source of email won't be willing/fast enough to jump on [system X].
- Even if it were true that "everyone uses Google/Microsoft/Apple/etc", the ones that don't can still send/receive emails from everyone else.
- If one of the of the big providers disappear, the system as a whole will continue to function.
If all centralized providers disappeared and I had to send a message to my friend, I wouldn't setup my own SMTP server... I'd just send him an iMessage. Or I'd post to a Slack group. The system without centralized providers is useless to most people using it today because no one wants to learn how to setup a mail server when there are dozens of alternative messaging tools.
As for the few that do have the capacity to setup a mail server, they would only be able to message others that also have the capacity to setup a mail server (again we're assuming no centralized providers and thus no delegation of this task to a trusted party). So maybe the system would still work for this niche group... but then we get into the bigger question: are there entities today that control the Internet and do they have the capacity to shut down systems like email? Tor?
I am pretty sure if Google disappeared we were going to see a huge drop in the email traffic. How would I get to know the new email address of my friend who we only talked using Gmail for example?
I think you and the one that I responded to are confusing the abstract nature of a system with its practicality.
As much as Google would like to, they can't simply close their email servers for outside addresses and still call it an email provider. It would be a whole different beast.
The fact that you don't get to talk with other people only because an big email provider would disappear does not change the fact that email messaging systems are designed to be inter-operable. That is the key point. To try to argue otherwise is insane.
> Everyone uses a centralized email provider now (Google, Microsoft, Apple, etc.), ...
No, it's not the case that "everyone" does that. I don't, and many of my colleagues don't. Perhaps muggles in general don't, and perhaps you're really only talking about such non-technical people, but your hyperbole undermines your argument.
And I'm getting really tired of those big services automatically classing as spam anything that comes from a different domain.
> No, it's not the case that "everyone" does that. I don't, and many of my colleagues don't.
To add a little more nuance to that, millions (or billions?) of people working in various areas have email addresses provided by their employer with specific domain name suffixes. Even if those are using cloud based email providers like GSuite or Outlook 365, as far as someone who wants to correspond by email with these people is concerned (personal or work use), the email address is certainly not an @gmail.com or @outlook.com address. And all these people understand that quite well, even if they don't work in the tech sector.
> And I'm getting really tired of those big services automatically classing as spam anything that comes from a different domain.
This really bugs me A LOT! It's as if the systems have a knee jerk reaction based on domain names while they themselves wouldn't consider all their users (on their domains) as spammers.
It’s clearly decentralized as you cited multiple providers in your own post. These providers share no common (logical) servers. Would Apple go totally out of business every people that didn’t relied on this provider would be totally unaffected. If you own your domain and only delegate to a provider it’s almost seamless to switch to another. (Admittedly it’s more frequent for businesses than for individuals).
Ill be frank. I don't see the problem with bitcoin as you describe it. The reason the mining power is in China is because they produce the ASICS and they have cheap power.
Centralized systems offer this accountability in theory. But rarely does this work in practice.
Tresorit also announced an end-to-end encrypted social network where the company can't see the users' content. I think that's probably the angle privacy-focused Facebook alternatives will need to take. Unfortunately, they chose a strange-looking Hungarian name for it, so probably nobody will ever pay attention to it because of that:
I don't know about others, but I don't care if my social media platform is centralized or not. I use FB mainly as news feed(I don't even get that many friends' posts), but I can easily migrate that. What I need is nothing more that somehow fancy address book. FB gives me a way to contact people I don't keep strong relationships with, it lets me organize an event with those people relatively pain-free and it allows me to keep at least a bit in touch. That's all. Give me just those basic features, pour some serious privacy management over that and I will be happy to lead the way switching.
My feed it full of crap like: Silly memes in local languages, Weird shared videos of something cute or funny, Ads, Game invites, Photos from people I don't really know...
I basically only have facebook to kinda keep the contact data of old school friends. I don't even talk to them.
(And for dating. Contacting people unsolicitedly but still in a friendly and respectful way works much better than going on online dating sites...)
If you join FB groups related to things that you care about, then there is a good chance you will see more news related to the things you care about too.
> Friendica runs on PHP with MySQL as a database. If you can run WordPress, you can run Friendica.
Not the biggest fan of the stack, but no problem. These networks are getting closer. Now create a desktop installer that: has its own web server + php + mysql pieces embedded and execute on their own ports on startup. (I say I don't like the stack because I'd prefer something that can all be statically compiled). Make sure the desktop can easily setup/change/admin this self host and can guide or automatically dyndns and NAT bust. Or if you want to do it right, embed tor, and create a hidden service for me (an ephemeral v3 one would be nice, maybe from a deterministically derived key from a few factors, I'll figure out how to give the unwieldy name to my friends).
We have to make self hosting as easy as running mspaint if we're going to tackle this problem right.
Sure. If I were to give feedback, I'd say it needs a better landing and a user guide for the app (as opposed to the protocol inundated with dev jargon). Not really gonna send my mother a GitHub releases page; she needs to be the intended audience. I guess I could send her http://dinosaur.is/patchwork-downloader/ and ask her to read https://www.scuttlebutt.nz/getting-started.html and/or https://www.scuttlebutt.nz/#quick-start but even that has friction. Also, I'd like to see it shipped with Tor and just hit a checkbox (at runtime not install time) for anonymity instead of having to manage my own daemon.
Agreed. I'll add that my main issue with Patchwork is that from what I can tell it's pretty much impossible to develop for it without using Node.js. I really think that for this to take off, it needs to focus on 'developer happiness' right now. There's a solid client, a relatively vibrant and activist community, but too little in the way of (relatively) inexperienced devs like myself to build apps on top of.
this is especially problematic because the Patchwork client, while impressive, is not something I enjoy using. I'm just itching to build my own alternative clients, as well as apps that run on the SSB protocol, but I can't unless I force myself to get back into the Node ecosystem.
Another crucial issue, I find, is the inability to have multiple devices linked (by whatever means) to the same user. The impression I get is that the community is split on either fixing that, or adding more tools to deal with community management. I find that worrying because I've had multiple experiences with communities where ~50% was overly focused on 'preserving what is', and none of those experiences ended up in any kind of success.
For the time being I'm still excited about Patchwork, and looking for ways to positively contribute (contrary to this post), but I get too much of a 'sixties imploding commune' vibe to feel comfortable wasting my energy, for now.
EDIT: all this sounds somewhat negative, and my apologies for that. But I got and am really excited about the core proposition of the whole thing and just worry a lot about its viability. I'd really love to hear where I'm wrong, or how I could contribute without having to deal with the community kerfuffles that I am not too interested in. It's like CouchSurfing in reverse.
I really like the idea of SSBC, on the other hand, most of it's problems are similar to those of XMPP and which are solved with it. (See, for example, Message Carbons, Microblogging over XMPP, OMEMO for multi-device encryption, etc).
I've tried running Movim and BuddyCloud when they got released, but left me with a terrible, unstable, feature-lacking experience (this was in ~2012). Maybe revisiting the idea of social networks on top of XMPP would worth a few thoughts, given it's now in a much better state.
SSBC is a very interesting idea and solution for sneakernet issues, but it comes with a serious amount of issues on it's own.
What language would you feel more comfortable contributing in? For good or bad Node seems quite popular especially with newer programmers so I can at least somewhat understand the decision.
I'd say an implementation in all popular languages would be important. I hear decent work has been done with Rust, and I'd love to see something for Elixir. But as I understand it part of the problem is lack of spec/documentation. If we had that, perhaps it'd be easier for a variety of implementations? php, ruby, python, etc.
I think many people that are moving away from Facebook move away from social networks in general. Personally, I am not interested at all in a Facebook replacement. I gave a couple a try, but quickly realized that spending time on these social networks is even more boring than Facebook, especially if none of your friends are on there.. and therefor a total waste of my time. If I need to communicate with friends I do this “directly” via WhatsApp or email.
I don't know who's downvoting this; this is an actual trend I'm experiencing as well. Those who leave facebook tend to leave for good, and not replace it with anything. I'm yet to decide if it's good or not; I definitely want homepages (not strictly blogs) back, hence see https://indieweb.org , but I know most will just simply walk away from social media completely.
> I think many people that are moving away from Facebook move away from social networks in general [...] If I need to communicate with friends I do this "directly" via WhatsApp or email.
I'd like to see the line disappear and I'd like to see WhatsApp or email be considered social networking. I think a well built app can have both of those features in addition to the feed+post+comment style of Facebook. From the user perspective, what are all these communication mediums but just "place" configuration?
I completely agree with you, personally I am burned out by social networking. Snapchat, LinkedIn, Instagram are all gone, Facebook I barely use anymore. They offer so little and come with huge costs.
I've found FB mostly irrelevant for socialising, but very useful for interest groups - what used to be Usenet, then eGroups/Onelist, then YahooGroups, then Google (sort of.)
There are only so many possible applications in the social space, and the idea that friends/family, work colleagues, hobby/interest, and professional interest groups should all share the same space was always eccentric.
Man, people are working hard on this idea still. I like the persistence, but something tells me the ambition aught to in most cases be directed towards something less of a winner-take-all hollywood style success market, and more towards something better placed on the effort-to-returns spectrum.
This is yet another platform solution. The problem with platform solutions is that they still present one and only one choice of software.
Decentralized systems can only take off if they are built around standardized protocols - this is why email works. The choice of smtp servers to run, email clients to choose from, that's what's making it resilient.
Ideas like ActivityPub, webmentions, microsub, micropub, while not strictly protocols - all on top of HTTP - could allow us to build real decentralisation, with the weapon of choice on platform, language, client - this is what's truly needed.
Most of the platforms like Diaspora, Friendica, Mastodon, can, could, or already have adopted some of these, thus making a good step towards true federation, when anything can talk to anything.
EDIT ... but the emphasis right now should be on the glue, the protocols connecting them, not just only the software implementing it.
While I agree that the emphasis should be on the protocols traction is important and most people see the platform.
It can also show some deficiencies of the protocols which is always good.
I think most of these platforms do understand the need for true federation. For example Mastodon can now talk and
interact with PeerTube through ActivityPub, GNU Social and Mastodon can completely interoperate too.
I'm deeply aware how important UX and the actual interfaces are; however, there are still some underdeveloped building blocks, which are not getting enough attention.
It is true that user interfaces are just as important, but half-baked solutions might do more harm, than good, resulting in disappointment in those who'd be willing to try them out.
Leading with UX could be a good (the best?) way to both aid adoption by the normal folks AND let a sane set of requirements emerge that steers the solutions to the most desired set of problems.
As much as most people on HN would like to have these protocols specified ‘correctly’, this feels like a situation where the perfect is the enemy of the good.
That's a start, but I suspect we're better off thinking about all possible features, because this allows us to define a protocol that generalizes better.
In your example, users can be tagged in a photo. That's nice. But let's say that in the future we want to share who's attending what events. Perhaps we can use the same kind of constructs in the protocol for both uses.
Of course, an implementation does not need to support all features from the start.
However, I don't think there's any kind of standard-ish list for what's a minimum feature set for a social network. Please feel free to add one to the indieweb wiki, as any help is welcome.
Yup, I'd rather see an abstraction extracted from a solid system than created eagerly. There may be a first mover advantage to the "winner", but it's better than attempting to conform to a mostly unused protocol only to find each app adds on to it in their own ways because their feature set is larger than the protocol.
I see no way of controlling privacy in a decentralized system. It'd be like trying to delete all the emails you've sent to other people or stop someone from forwarding an email. Once you put the data out there in a decentralized system, it's out there permanently. Centralization allows for some control.
This is a big problem I think as well. Do we really want a social network where nothing can be deleted? I have used a few and it definitely makes me think before posting.
Here's a question I genuinely don't know the answer to: is there a standard format or file format for requirements and motivational modelling? I feel like now would be the PERFECT time for a collaborative Archimate 3.0 motivation model design, but I know of exactly zero tools that could do this remotely and at scale.
That's what Movim does, by building on XMPP and its extensions. It's still pretty rough though, and administering a node (something that regular users are NOT required to do, but I thought it would be cool) requires some knowledge of XMPP/ejabberd (which I lack, as I discovered).
Ideally I'd be happy with something like that, where a single geek can provide a secure and federated social hub to his circle of friends/family.
I have a feeling none of these "decentralized" social networks are going to succeed in capturing the users, but I believe one of these will attract the users for something else than the feature "decentralized". When it happens, whoever owns the site will then move away from the initial concept and build the site around the side-effect feature that attracted the users and then capture the entire audience and thus kill facebook once and for all-.
> ActivityPub is a "loose standard", meaning that it doesn't define precisely each interaction. "Supporting ActivityPub" doesn't make any sense, because, per the standard, implementers are forced to make local decisions about how to convey specific features via ActivityPub because of an intended lack of description.
> In this context, you can claim "supporting ActivityPub" and not being able to interact with any other service also claiming "supporting ActivityPub" just because you made different implementation decisions.
> Another angle: Mastodon implemented ActivityPub for internal communication between Mastodon instances. So they designed their usage of ActivityPub according to their specific usage and features since the standard actually encourages you to do so by leaving parts intentionally vague. However, if any other project wants to communicate with Mastodon instances, they will have to know which specific decisions were made for the intentionally vague parts of the standard because you can't just guess.
> It is different from OStatus where interactions were much more precisely defined, so you actually could rely on the standard definition to implement a single connector that would mostly work with most OStatus services because the vague parts were reduced to a minimum.
Seems that the bright minds here behind friendica could be helpful in the MIT Solid project being run by Tim Berners Lee. And/or they could be a SOLID app themselves:
After multiple facebook breaks (and now im off for more than a year) I must say, that I dont see any usage for social media platforms anymore, that work like facebook or google plus. All this egocentric stuff is based on instagram and user created news is based on reddit or twitter. Communication is based on telegram, signal etc.
So what the hell do I need FB for? I dont need it and i dont see a reason to switch to an other social media platform like friendica or diaspora anymore. But maybe im just getting old :D
Sounds interesting, but I don't think PHP & MySQL are a good stack. While it's possible to write secure software in PHP (I'd probably trust the Paragon IE) guys to do it), it's not very likely. As for MySQL — as far as I'm concerned there is essentially no reason to choose it over PostgreSQL, and a project which does so is thus instantly suspect. If they've made an error that grave, what other errors have they made?
It'd be like someone choosing Windows as a server OS: there's a small chance it was a good decision, and a far, far greater probability that it was the result of a toxic engineering & management culture.
Why do you consider choosing MySQL over Postgres a grave error? There are some cool features in Postgres. I am going to learn more about partial indexes, that looks useful! But there is plenty of precedent for large, successful MySQL projects. Uber, for example, switched from PostgreSQL to MySQL in 2016. https://eng.uber.com/mysql-migration/
> Why do you consider choosing MySQL over Postgres a grave error?
Because PostgreSQL focuses on correctness & MySQL focuses on performance & ease of use. With a database, I want correctness first, and performance & ease of use second.
Many projects chose MySQL because it was easy to use & somewhat faster, and they didn't realise how broken it was initially. I am sure that many projects failed due to MySQL, and are now lost to history. Choosing MySQL over PostgreSQL betokened the kind of culture which chooses convenience over correctness, which is not the kind of culture I wish to associate myself with.
Over time, MySQL added more & more correctness, and PostgreSQL got faster & faster. As it turned out, PostgreSQL with the right performance flags is faster than MySQL with the right correctness flags.
In the specific case of Uber, it sounds like they're essentially using MySQL as the underlying storage mechanism for a key-value store, and are able to build the mechanisms they need atop it. Also, PostgreSQL less efficient for their usage patterns than MySQL. That makes sense, and seems like a sensible engineering decision. 'Essentially no reason to choose [MySQL] over PostgreSQL' doesn't mean no reason at all.
It's kinda like how sometimes it makes sense to write an inner loop in assembly, but it extraordinarily rarely makes sense to write a word processor in assembly in 2018.
Thank you Friendica team! We need more work in this space!
> Friendica runs on PHP with MySQL as a database. If you can run WordPress, you can run Friendica.
This is a problem. I picture the future decentralized systems being a self-contained system that runs on your device (desktop or mobile) as well as servers for more technical people.
To this end the only scripting language that can pull this off is Javascript. Ruby and PHP are not needed or useful in this space.
To anyone that reads this, please take a couple weeks to learn Node (+electron or react-native), Go, or (hardest) Rust.
I wasn't talking about running a node server application. I used "node" to refer to the v8 engine being embedded into an electron or mobile app which Ruby and PHP can't do (at least with any level of ease).
This makes me think of Docker containers but for desktop rather than server use. Let the language/stack be Elixir/Phoenix if that's what the devs want to use; as long as I can pull down an app container that runs on my machine then the need to rely on a least-common-denominator language goes away and we're all better off.
Do you really think regular people are going to run docker containers?
My point is that decentralized networks need to be easy to run by normal people. Go, Rust, Java, C, Swift, etc.. can all be compiled into an app and handed off to a user to run.
Is there a whitepaper? Difficult to analyze the system and decide whether it's going to do a good job, be safe against adversaries and manipulation, etc. without seeing some sort of high level description of how it works. Knowing it uses php and mysql doesn't tell me anything about the actual application.
These decentralized social networks could benefit from that statically-linked web app post [0]. Sure, it's pretty simply to get a LAMP stack up and running to host a Friendica node. But a simple executable would lower the barrier even further!
I think ease-of-use/access, along with a well thought out federation protocol, will be critical for these networks to replace Facebook/Twitter/etc. As it is now, I can only get my techie friends to try these out.
145 comments
[ 3.6 ms ] story [ 238 ms ] threadThere's reasons why PHP has been so successful with WordPress and Facebook.
[0]: https://news.ycombinator.com/item?id=16567271
True in 2004, today options are plentiful.
More options = more skills needed.
Perl, Python, JSP, ASP, CF - people argued for and used all of those on major projects in 2004.
Maybe instead, we can use a some already agreed upon protocol... like... english language!
Yes, "most people" may not know it's participatory / non commercial / that search results are largely based on it / that you can download all its content and tools and run your own. It still is.
Anyway, Wikipedia is mainly written in PHP and uses MySQL.
But past this point, if we are talking about decentralized peer to peer systems, something based on Javascript that runs entirely in the browser is the real gold standard, at least until a protocol-based network breaks through.
This is another example of faux outrage that will pass with the next news cycle.
Most people who uses social media etc. doesn't want to download a lot of things, access should be fairly easy and painless without some sort of "guide", which is what I can see as the downfall for this "social network"
The harder problem (for me) to solve is how to build up weak ties outside of social media.
In short order it was not only tech-minded people who did this en-masse. If a platform is convenient for people to do X, it has a good change of also being popular.
Example: In the EU so many people care that legistators are taking measures to protect the people.
Perhaps it's just the people around you that don't care...?
Let's be specific here.
I would say 90% or more of Facebook users couldn't care less if their data is sold to advertisers.
I'm one of those people.
Tell me why I should care. The same thing happens with loyalty cards at Walgreens.
It's the people on Facebook that make Facebook trash, not Facebook itself.
As for your "legistators" (sic), that is the faux outrage I'm talking about.
That's the name of game in politics.
1) Something happens. 2) The media tells people they should get outraged about it 3) People get outraged about it 4) Legislation is enacted to appease the outrage 5) Something else happens. 6) People move on to getting outraged about that.
What's your point?
Quote:
> I would say 90% or more of Facebook users couldn't care less if their data is sold to advertisers.
So, changing goalposts.
I'm making the point that "a lot" is a throwaway term.
It's like saying a car is "very fast."
Well, compared to a jet, a car is not fast at all.
Also, "a lot" means something different to me than it does to you.
So saying "a lot" of people do or believe anything is meaningless.
chrstphrknwtn was responding to your comment on privacy and now you changed to talking about decentralized social networks.
I don't care if you care. That's your decision.
> The same thing happens with loyalty cards at Walgreens.
It's not the same thing at all. With loyalty cards I get the OPTION of being rewarded for allowing a company to track me. So I weigh getting rewarded (positive) against sharing my data (negative), and I make a decision.
With Facebook there is no option, they track everyone regardless.
> As for your "legistators" (sic), that is the faux outrage I'm talking about.
> That's the name of game in politics.
> 1) Something happens. 2) The media tells people they should get outraged about it 3) People get outraged about it 4) Legislation is enacted to appease the outrage 5) Something else happens. 6) People move on to getting outraged about that
Yes, so? Peopple are outraged and legislators act. Isn't that how democracy works? It seems you're only just now discovering this.
You have the option of using Facebook or not. If you don't have a Facebook account, they don't have your data.
If you don't have a Walgreens loyalty card, they don't have your data.
People are faux outraged. They're not really outraged at all.
Check this comment in two months and tell me how "outraged" people are at Facebook for selling their data.
It would depend on what kind of "democracy" you're referring to. In a representative democracy where all elected officials are worried about is getting re-elected, then yes, that's exactly how democracy works.
Not quite true, all the like buttons and other FB integration code for websites and apps still collect your data
Wow. You're so clueless you don't even realize how clueless you are.
However, I do agree its mainly fuax outrage that will pass shortly. The stock is already recovering
Then I swipe my credit card through their machine and give them the exact same credit card number to associate with every purchase I make.
I fully understand that they can track me. I am sending the message that I don't want to be tracked. I am also sending the message that I am willing to pass on their incentives to be tracked, but I am not willing to pass on the convenience of my credit card.
Then I make my credit card company send me a new card every year. So vendors get to track me through less than 50 purchases before I switch.
For businesses that track loyalty by customer name, I will give them the name of a neighbor or other acquaintance. It's astounding how often they are willing to give me back information about that person.
Whether or not this Requirement is observed, audited or enforced I have no idea.
If you said to someone "I'm going to collect information about you whether you like it or not, and then sell it to someone who wants to manipulate your thinking", then I suspect they wouldn't be so keen on the data being collected (let alone sold) in the first place.
And you literally just described the profession of marketing. So if you replaced the inflammatory phrase "manipulate your thinking" with "market toward you", I think they'd be totally fine with it.
I mean, why else do you "Like" something on Facebook anyway unless you want other people to know that you like it?
I agree marketing is intended to manipulate your thinking... or "market towards you". I suspect I have a different attitude about marketing than you do.
I don't use facebook, I used for a week in 2007, and thought "this is just a marketing data machine, no thanks".
Further, the innocuous sounding "Connecting the world" mission doesn't equate to "monitor your social interactions and help people convince you to buy things" (amongst other things) in most people's minds.
The fact that some people choose to remain uninformed about what Facebook is doing with the data that these people willfully give them is on those people.
What is ethical in this situation is personal to you, so you can't make a blanket statement that marketing is or not ethical.
Again, to me, it's perfectly ethical, but I'm a big believer in personal responsibility.
As you said, you signed up, saw what Facebook was about and bailed.
That's called personal choice, and it's a wonderful thing.
What I think is not ok, and in turn unethical, is for a company to constantly represent that privacy is a top priority, openly say in the press that data will not be sold, and then do it anyway.
Can I whitelist/blacklist nodes?
And how is the situation we're arriving at better than having a single party, in this case Facebook, who is to blame when things go sour?
Whitelisting nodes is counterproductive to what federation is trying to achieve.
A decentralized network means that if things go sour, the cost of switching is small, similar to an email account. If my mail provider fucks up, I point my domain to another one and I don't even bother.
What you're looking for is federated vs peer-to-peer decentralization.
Friendi.ca is federated and decentralized.
Water covers 70% of earth surface, therefore I should build my house on water.
http://i.imgur.com/Fp5pw9o.png
Also, most PHP developers are complete morons. And I won't apologize for generalizing.
This is incredibly annoying, I agree, but having run a service for which people type their email addresses, and having seen just how many people can't actually type their own email address properly (currently running at about 5%) I'm not surprised that a service aimed at non-technical people puts in attempted safeguards like this.
And my service is for technical people - I can't imagine what it's like for genuinely open services.
Without digging through my records I can't be more specific, but in general I was horrified at how many can't actually spell their own names correctly. Seriously, one person typed jojn.dpe instead of john.doe (name deliberately changed to protect the user). Sometimes it's possible to guess the correct username/domain, but sometimes it simply isn't.
Gmail and Cloudflare.
For example, the web makes it cheap and trivial to DoS someone. And you often don't want your origin exposed. Hence everyone using Cloudflare and the collapse of the decentralized dream.
EDIT: I don't think people will be able to abandon email, given it's a replacement for paper mail (banking, official papers, etc). If the big players won't play nice, people will need to get to another provider, simply because the source of email won't be willing/fast enough to jump on [system X].
- Even if it were true that "everyone uses Google/Microsoft/Apple/etc", the ones that don't can still send/receive emails from everyone else. - If one of the of the big providers disappear, the system as a whole will continue to function.
As for the few that do have the capacity to setup a mail server, they would only be able to message others that also have the capacity to setup a mail server (again we're assuming no centralized providers and thus no delegation of this task to a trusted party). So maybe the system would still work for this niche group... but then we get into the bigger question: are there entities today that control the Internet and do they have the capacity to shut down systems like email? Tor?
Call him up on the phone or message him on whatsapp or... whatever...
email IS decentralised. Even if we had ONLY gmail, a startup could implement a better email frontend and be successful.
The fact that you don't get to talk with other people only because an big email provider would disappear does not change the fact that email messaging systems are designed to be inter-operable. That is the key point. To try to argue otherwise is insane.
Mostly everyone, but not everyone.
No, it's not the case that "everyone" does that. I don't, and many of my colleagues don't. Perhaps muggles in general don't, and perhaps you're really only talking about such non-technical people, but your hyperbole undermines your argument.
And I'm getting really tired of those big services automatically classing as spam anything that comes from a different domain.
To add a little more nuance to that, millions (or billions?) of people working in various areas have email addresses provided by their employer with specific domain name suffixes. Even if those are using cloud based email providers like GSuite or Outlook 365, as far as someone who wants to correspond by email with these people is concerned (personal or work use), the email address is certainly not an @gmail.com or @outlook.com address. And all these people understand that quite well, even if they don't work in the tech sector.
> And I'm getting really tired of those big services automatically classing as spam anything that comes from a different domain.
This really bugs me A LOT! It's as if the systems have a knee jerk reaction based on domain names while they themselves wouldn't consider all their users (on their domains) as spammers.
This is a totally different story for Facebook.
Centralized systems offer this accountability in theory. But rarely does this work in practice.
https://www.indiegogo.com/projects/prevaat-the-privacy-focus...
I don't care about fancy tech in this case.
How did you manage to do that?
My feed it full of crap like: Silly memes in local languages, Weird shared videos of something cute or funny, Ads, Game invites, Photos from people I don't really know...
I basically only have facebook to kinda keep the contact data of old school friends. I don't even talk to them.
(And for dating. Contacting people unsolicitedly but still in a friendly and respectful way works much better than going on online dating sites...)
Not the biggest fan of the stack, but no problem. These networks are getting closer. Now create a desktop installer that: has its own web server + php + mysql pieces embedded and execute on their own ports on startup. (I say I don't like the stack because I'd prefer something that can all be statically compiled). Make sure the desktop can easily setup/change/admin this self host and can guide or automatically dyndns and NAT bust. Or if you want to do it right, embed tor, and create a hidden service for me (an ephemeral v3 one would be nice, maybe from a deterministically derived key from a few factors, I'll figure out how to give the unwieldy name to my friends).
We have to make self hosting as easy as running mspaint if we're going to tackle this problem right.
But this is very close, yes.
this is especially problematic because the Patchwork client, while impressive, is not something I enjoy using. I'm just itching to build my own alternative clients, as well as apps that run on the SSB protocol, but I can't unless I force myself to get back into the Node ecosystem.
Another crucial issue, I find, is the inability to have multiple devices linked (by whatever means) to the same user. The impression I get is that the community is split on either fixing that, or adding more tools to deal with community management. I find that worrying because I've had multiple experiences with communities where ~50% was overly focused on 'preserving what is', and none of those experiences ended up in any kind of success.
For the time being I'm still excited about Patchwork, and looking for ways to positively contribute (contrary to this post), but I get too much of a 'sixties imploding commune' vibe to feel comfortable wasting my energy, for now.
EDIT: all this sounds somewhat negative, and my apologies for that. But I got and am really excited about the core proposition of the whole thing and just worry a lot about its viability. I'd really love to hear where I'm wrong, or how I could contribute without having to deal with the community kerfuffles that I am not too interested in. It's like CouchSurfing in reverse.
I've tried running Movim and BuddyCloud when they got released, but left me with a terrible, unstable, feature-lacking experience (this was in ~2012). Maybe revisiting the idea of social networks on top of XMPP would worth a few thoughts, given it's now in a much better state.
SSBC is a very interesting idea and solution for sneakernet issues, but it comes with a serious amount of issues on it's own.
I don't have any Facebook accounts but after 15 years programming stuff, I don't see the copy/paste as a powerful solution.
Also, distribution is not really the problem here. From architecture point of view Facebook is distributed.
The problem is the need of store huge amount of data in the cloud and pretending that to be free.
I'd like to see the line disappear and I'd like to see WhatsApp or email be considered social networking. I think a well built app can have both of those features in addition to the feed+post+comment style of Facebook. From the user perspective, what are all these communication mediums but just "place" configuration?
Edit: here're some early scratch grpc services I have been toying with to abstract different communication forms: https://github.com/cretz/yukup/tree/6793fb2b281e4ea7cda1fe5b...
There are only so many possible applications in the social space, and the idea that friends/family, work colleagues, hobby/interest, and professional interest groups should all share the same space was always eccentric.
Decentralized systems can only take off if they are built around standardized protocols - this is why email works. The choice of smtp servers to run, email clients to choose from, that's what's making it resilient.
Ideas like ActivityPub, webmentions, microsub, micropub, while not strictly protocols - all on top of HTTP - could allow us to build real decentralisation, with the weapon of choice on platform, language, client - this is what's truly needed.
Most of the platforms like Diaspora, Friendica, Mastodon, can, could, or already have adopted some of these, thus making a good step towards true federation, when anything can talk to anything.
EDIT ... but the emphasis right now should be on the glue, the protocols connecting them, not just only the software implementing it.
It is true that user interfaces are just as important, but half-baked solutions might do more harm, than good, resulting in disappointment in those who'd be willing to try them out.
As much as most people on HN would like to have these protocols specified ‘correctly’, this feels like a situation where the perfect is the enemy of the good.
What do we want the system to do?
And how can we control our privacy?
Let's answer these questions first.
EDIT: https://www.w3.org/2005/Incubator/federatedsocialweb/wiki/SW... might be a better source.
Defining a minimum set of features for what a social network (media? web? system?) is is certainly a required step, and any suggestions are welcome.
In your example, users can be tagged in a photo. That's nice. But let's say that in the future we want to share who's attending what events. Perhaps we can use the same kind of constructs in the protocol for both uses.
Of course, an implementation does not need to support all features from the start.
https://indieweb.org/Facebook#Features
https://indieweb.org/Twitter#Features
However, I don't think there's any kind of standard-ish list for what's a minimum feature set for a social network. Please feel free to add one to the indieweb wiki, as any help is welcome.
And you can get all of that machine readable too: http://pin13.net/mf2/?url=https%3A%2F%2Fjeena.net%2Fevents%2...
Ideally I'd be happy with something like that, where a single geek can provide a secure and federated social hub to his circle of friends/family.
Friendica supports a ton of protocols, see the "Interoperability" section on the front page.
Regarding ActivityPub, it is good to keep in mind the reality: https://github.com/friendica/friendica/issues/4688
Quoting MrPetovan:
> ActivityPub is a "loose standard", meaning that it doesn't define precisely each interaction. "Supporting ActivityPub" doesn't make any sense, because, per the standard, implementers are forced to make local decisions about how to convey specific features via ActivityPub because of an intended lack of description.
> In this context, you can claim "supporting ActivityPub" and not being able to interact with any other service also claiming "supporting ActivityPub" just because you made different implementation decisions.
> Another angle: Mastodon implemented ActivityPub for internal communication between Mastodon instances. So they designed their usage of ActivityPub according to their specific usage and features since the standard actually encourages you to do so by leaving parts intentionally vague. However, if any other project wants to communicate with Mastodon instances, they will have to know which specific decisions were made for the intentionally vague parts of the standard because you can't just guess.
> It is different from OStatus where interactions were much more precisely defined, so you actually could rely on the standard definition to implement a single connector that would mostly work with most OStatus services because the vague parts were reduced to a minimum.
So what the hell do I need FB for? I dont need it and i dont see a reason to switch to an other social media platform like friendica or diaspora anymore. But maybe im just getting old :D
It'd be like someone choosing Windows as a server OS: there's a small chance it was a good decision, and a far, far greater probability that it was the result of a toxic engineering & management culture.
The LAMP stack, for all its problems (you're not wrong) is the bog standard and is easy to rent.
If you'd rather use Rails, check out Diaspora: the two systems federate together, anyway.
Because PostgreSQL focuses on correctness & MySQL focuses on performance & ease of use. With a database, I want correctness first, and performance & ease of use second.
Many projects chose MySQL because it was easy to use & somewhat faster, and they didn't realise how broken it was initially. I am sure that many projects failed due to MySQL, and are now lost to history. Choosing MySQL over PostgreSQL betokened the kind of culture which chooses convenience over correctness, which is not the kind of culture I wish to associate myself with.
Over time, MySQL added more & more correctness, and PostgreSQL got faster & faster. As it turned out, PostgreSQL with the right performance flags is faster than MySQL with the right correctness flags.
In the specific case of Uber, it sounds like they're essentially using MySQL as the underlying storage mechanism for a key-value store, and are able to build the mechanisms they need atop it. Also, PostgreSQL less efficient for their usage patterns than MySQL. That makes sense, and seems like a sensible engineering decision. 'Essentially no reason to choose [MySQL] over PostgreSQL' doesn't mean no reason at all.
It's kinda like how sometimes it makes sense to write an inner loop in assembly, but it extraordinarily rarely makes sense to write a word processor in assembly in 2018.
> Friendica runs on PHP with MySQL as a database. If you can run WordPress, you can run Friendica.
This is a problem. I picture the future decentralized systems being a self-contained system that runs on your device (desktop or mobile) as well as servers for more technical people.
To this end the only scripting language that can pull this off is Javascript. Ruby and PHP are not needed or useful in this space.
To anyone that reads this, please take a couple weeks to learn Node (+electron or react-native), Go, or (hardest) Rust.
Anything that ran like this would have to be contanerized anyway, meaning literally any stack would work.
My point is that decentralized networks need to be easy to run by normal people. Go, Rust, Java, C, Swift, etc.. can all be compiled into an app and handed off to a user to run.
I think ease-of-use/access, along with a well thought out federation protocol, will be critical for these networks to replace Facebook/Twitter/etc. As it is now, I can only get my techie friends to try these out.
[0] https://news.ycombinator.com/item?id=16765020