I’m the author, Haven has been my side project for a little while. The core idea is that we should be able to make it easy for anyone to host their own private webpage as an alternative to centralized social media.
A lot of the decentralized community seems to have chosen federated models as the solution to “self-hosting is hard”. I’m trying something different. With core web technologies as the foundation, my mom or my wife’s grandmother can visit my site with any web browser and I’m still able to exclude the rest of the world. For technical people, self-hosting is made easy with a one-line AWS deployment script, and an install script for the Raspberry Pi Zero W. I’d like less-technical people to be able to use this too so I’m exploring providing paid hosting as a service.
I think of Haven as a Facebook-alternative, but probably not a Twitter alternative. I see Facebook as selling itself more as “stay in touch with your friends and family” where Twitter is more about “see what interesting people are saying”. The latter has discovery as a core component. With Haven everything is private so discovery wouldn’t make any sense.
There’s nothing new here in terms of technology--server-side rendered web pages using Ruby on Rails, no javascript frameworks, RSS using HTTP basic auth. But also no analytics libraries or ad-tracking. Pages are lightweight and load really fast. I’ve even provided a limited ability to add custom CSS so you can really make your page your own.
I would love any feedback you want to share. Both from a technical or installation side, feedback on the public webpage, as well as thoughts on communities that might be interested to learn about Haven.
How do you handle RSS using HTTP basic auth? Do RSS feeders have support for basic auth built in, or is that via embedding the username and password in the url?
I embed username and password in the URL; each user gets their own dedicated RSS Url. Support for this among feed readers is admittedly spotty, for example Inoreader requires you to be on a paid plan and Feedly doesn't support it. If there's traction/interest I plan to build a lightweight feed reader right into Haven.
Wow neat! I do something similar with Jekyll for family photos. I have thought a lot about “private social media”. My core requirements sound similar to yours:
- It should be able to easily upload photos and videos from my phone
- everything is link-private, not on Google.
- it has to be very easy for the least tech savvy to view photos/videos. Needs to work on many devices, even old browsers on older PCs out there. Possibly even to the point of printing and mailing people the images.
- photos/videos need to be long-lived, I want to view these 30 years from now
- space for kids to post messages to their family. Family can respond easily
- I own everything and grant no rights to a giant mega Corp
- it should be possible to notify family members via email when new content is posted.
I find it curious why you are supporting such old browsers. Apart from "its cool" is there any market reason for it? Like are there really people out there using netscape 2.0? Or is it a side effect of your minimal technology? But that sounds limiting unnecessarily, you know?
I have read the site and some comments here. First, your site does not explain well what do you mean by private blog which is shared. From the comments I understood that you have to create accounts for people who you want to view some content. I am guessing that would give them either a email/password or some type of secure link. If its the former I would definitely find it tedious, and if its the latter I would like to know how are you securing this link.
Magic links are fairly common (slack does them), although some people have a bad habit of forwarding emails which can be considered a security issue if links work multiple times.
So if you are encouraging people to put there private photos which they want to share, and it seems like your website is claiming some privacy, shouldn't you address that somewhere on the site? Yeah, but first, make it clear that is what will happen. Because honestly, there is no way a non technical person will infer this model from the site.
Can we maybe get an example of a running instance somewhere? There isn't even a screenshot of the UI on the home page, just a bunch of marketing clipart. And that one minute video only shows cropped screenshots.
It would be nice to have some sort of viewership stats. You've come at a brilliant time with a solution like this just as my facebook following is growing but so is my fear that they could delete my account anytime for any arbitrary reason. Twitter just isn't conducive to longform content and not everyone is a pro with threads so this is an idea solution, but seeing how many people liked a post, commented on it etc helps with the feedback loop.
I realise you're doing this primarily for people to share personal content, but there's plenty of people out there that want to share personal thoughts to a large part of the world but just don't want to get censored by FB and your solution could work well for them.
> I realise you're doing this primarily for people to share personal content, but there's plenty of people out there that want to share personal thoughts to a large part of the world but just don't want to get censored by FB and your solution could work well for them.
It's probably worth asking OP what their position on censorship is before suggesting this. It's shocking to me, but many in the tech community are very pro censorship (though they will call it "moderation" since it's not happening to them).
Also if a customer of OP's got big enough and was controversial enough, AWS could threaten their account if they don't terminate that user's pages. So even if OP is a free speech absolutist, it still may not be a solution to the problem of big tech censorship.
Anyone can spin up a website for negligible cost and put in place whatever legal content they so choose. If government interferes with that, then you have a claim to censorship.
Short of that though -- if a private company like Facebook or Twitter declines to host your content, that is entirely their right. It's not a public utility.
Free speech means you can say whatever you like. It doesn't mean you have a right to a platform and an audience.
Censorship is a tough topic. As long as Haven is restricted to private posting, then it should be able to operate with 100% freedom of speech. When you send an email to your friend, you get 100% freedom of speech. Private, access restricted posting should be equivalent.
If I were to explore public posting on Haven, then censorship/moderation becomes an issue. Public posting is outside of the focus I want to have and this would just make it more complicated for Haven so I'm not planning to explore anything that lets you "grow your audience"--I'm focusing on private sharing with your existing community.
My suggestion: add a "circles of trust" feature, where you categorize your users into different levels like: acquaintance, co-worker, friend, family, special friends. Each post would have a simple bullseye icon to select how far in to the circle of trust you must be to see the post.
That was the feature I loved about Google Plus, I used it extensively when the service was growing. But no one else went to it regularly enough. CS Friends, Video Game Friends, RPG Friends, Soccer Buddies, Family, Immediate Family, Colleagues (several for several different jobs). I could easily post things across circles that would appeal to that circle. Vacation photos go to family and some friends, most don't care (or need to see it). My nerdy tabletop RPG posts went to those friends who cared about it. CS/programming topics went to those friends who cared about it.
You just made me realize that this is implemented in Discord but very poorly. I have difficulty deciding where I should post a meme to get it to the people that will like it. Maybe I'm just on too many Discord servers...
Well, the other problem with Discord is that people have to opt-in to the groupings. Circles were publisher driven. If you were in my CS Friends circle, that was just where I categorized you. It was not akin to a FB group or a Discord server. In those, you have to accept some kind of invitation into the grouping, and you're made to communicate with everyone in the group/server. Circles were one way, from me to the circle. For a circle member to publish to all the same people they'd need to be connected to all of them directly in G+ and create an identical circle.
This is the same issue as group messaging in most instant message type systems (including SMS/MMS). It's forcing a full connection between all participants, when really we may only want a fan-out structure.
I haven't used it much (not as many people on it in my social circles) but WhatsApp's broadcast lists are like G+ circles in this regard.
I like the bullseye idea, but aren't circles often venn diagrams? That is, you might not want work posts to go to family, and vice-versa as well. Doesn't fit the bullseye idea naturally.
Yeah - maybe there needs to be a "customize" option for posts that don't fit into the bullseye. I think venn diagrams would be too complex in the interface.
> Basically any restriction on who can see what will kill the feature.
I think that's likely true for social media apps where the product is "free" in that users are the product and advertisers are the customers that fund it. In that business model, your number one goal is to maximize eyeballs.
But Haven doesn't have that business model at all, so it's not clear to me that a way to control who sees what posts would harm success.
By analogy, farmers want to grow as many plants per acre as they possibly can to maximize revenue. The idea of potting their plants individually makes no sense. But if I just want a plant on my windowsill and don't want dirt everywhere, a pot is what I want.
nextdoor pissed me off - when I moved, they sent out a postcard to people I knew telling them of my new address - and I didn't ask them or authorize them to inform people of where I moved - as there were people whom I did not want to know where I lived.
I looked into it a bit more (again, IANAL). Doxxing is a crime, but it varies from state to state and intent (so some aspect of malfeasance) seems to be relevant. There's even a proposal to make it a felony in Michigan.
It was only a failure at what Google wanted it for - displacing Facebook as the dominant social media company. IMO, they failed primarily due to network effects, as in they can't bootstrap without some killer feature to get people to switch over from Facebook. Circles probably didn't help here, since the ultimate effect is to reduce engagement, when they need to maximize it to have a chance of displacing Facebook.
Probably the big risk for this thing is that nobody wants to keep track of separate websites for dozens of individuals, most of whom only post something they can see once a week at most. You need to aggregate all of those updates from dozens of people you know into a single website and build a feed, then you have something that probably always has something the user might find interesting, and all in one place, so they'll actually check it regularly.
I don't believe Google+ let you self-host, or fully control your data, which seems to be the primary value proposition here. Google+ also wasn't open source, so for example, you couldn't see that deleted posts were actually deleted on the server (they likely weren't)
Facebook also had it long before Google+, called friend lists. The UI was not great but it was incredibly useful and I’m super frustrated they have been phasing it out over the years. There are some things I want my super liberal theater friends in San Francisco to see, and some things that are only appropriate for my conservative family and friends from back home in Georgia to see. Some things are appropriate for professional contacts and some things are only appropriate for very close friends who understand my sense of humor. Facebook used to handle all these scenarios beautifully but not so much these days, and as a result I only share things that I’m comfortable everyone seeing, which is a very small percentage of what I might otherwise share.
I think the answer to this is to keep the circles, but don’t make people curate the members of each circle.
Instead, have a system where you can categorize your posts and other people can explicitly opt-in or opt-out to following particular categories.
That way, you can do a series of detailed posts on Orson Welles (say) for interested parties without worrying about whether you’ll bore or scare off the rest of your friends.
I think there’s some unspoken stress about building and maintaining a taxonomy of your relationships. Whether someone is an acquaintance or a friend or a good friend can be fairly dynamic. Being constantly confronted with rearranging people into different “circles” feels a bit like explicitly deciding if people can sit at the cool kids table today or not.
They can be like tagging. In what context do I know Jack?
I met him through church and at work. Maybe we have some other mutual interests.
How do I know Joe?
Coincidentally also through church and work, but we're both programmers (Jack is an engineer with different technical interests), we play soccer together, we enjoy seeing movies in the theater, and we participate in team trivia at restaurants and bars together.
By tagging people (or placing them into circles in the G+ sense), I can select which group to communicate something to based on selecting a tag or set of tags. "Hey soccer peeps, I'm going to take my ball and some cones down to the field at Central Elementary this Saturday if you want to come out and practice with me." directed @soccer_peeps.
Maybe throw a few groups together that aren't fully overlapping in general: @soccer_peeps @trivia_teamsters "Party at my place this Saturday, here's a link to RSVP and sign up to bring something."
I'm not forced to put everyone into a distinct category or circle, but can use loose taggings effectively.
And having set up circles, there is also some unspoken stress in making sure you don’t inadvertently “overshare” a post to a broader circle than you intended.
I think many people creating social content mainly just want to choose between two classifications:
Option 1 is for content that won't offend anyone or tarnish the author's reputation. The audience can include all contacts including coworkers, family, etc. and the author will often use their real name. Example: Facebook.
Option 2 is for risqué content. It could cause issues with employment and other real-life relations. The audience must be carefully controlled, or if not, a pseudonym (that only a carefully controlled audience, if anyone at all, can map to a real name) must be used. Example: Reddit; private group chats.
This seems to cover most scenarios without the overhead/stress of trying to shoehorn all of these boundaries in a single platform/app.
Option 3 is for very personal stuff that you don't want to make public. Many of us put photos of our small children in this category. On a more depressing note, this could also include things like grief that a small group experiences over serious illness or death in the family. Not everything non-public is necessarily risque.
(FWIW I'm working on something in this space. Hoping to have something to share within another month or two...)
Flickr has had this from the beginning. I always appreciated their simple approach to it, similar to what you are suggesting: Private, Family, Friends, Family & Friends, Everyone. There's no guesswork, no 'Friends of Friends' where it becomes opaque who you are sharing with. Your idea having a Venn representation of it makes complete sense.
I don't think it's necessary to require a formal hierarchy. I loved google+ with it's "circles", which were just tags. Whenever you posted, you could choose who to share with. I much preferred that to Facebook.
The only bit of feedback I'll offer at the moment, having not yet seen Haven in action, is regarding the website.
Have a designer give the site a distinctive visual identity, including a logo. Once it's ready, expand that visual identity into the Haven application itself.
At the moment, the site feels a bit generic. That's not meant as a slight; just an observation.
I'm using Rails Devise[1] for user auth, and http basic auth for RSS. RSS Basic auth credentials are always auto-generated, and don't give access to anything other than fetching the RSS feed.
Rails uses the "master key" to let you check in encrypted database credentials. I don't use that but Rails still requires a key for deployment--so I just checked in a key. Rails is really designed for a codebase that matches to a single deployment so this is a bit of a workaround.
Hi OP, I'm glad you're tackling this space. But I am not willing to install social network software until I can see some screenshots of what the UI looks like. I need to know what to expect, and what my users can expect.
Why can't someone simply go to any hosting service (like bluehost) and do a point and click webpress installation on their purchased domain to host their own website. Webpress also has a bunch of add-on modules for authentication. I just don't understand why this post is the top on HN ATM. I imagine there are bunch of more worthwhile posts. Or maybe we are just too obsessed now with big tech etc?
This is like the classic DropBox comment [1]. The activities you describe seem easy to you, but are really hard for the average person. Authentication in Webpress? I imagine that is more than a 10 minute activity.
To be fair, I think setting up a raspberry pi or an AWS instance isn't 'mom friendly' either. Still more friction than Facebook, which this is positioning itself against.
It's more friction on the user's end too. My older relatives stay logged into Facebook. They have no idea what their passwords are, often not even what username / email address they used to sign up. I'm not sure that an approach that requires me to make an account and then send a username / password is going to work for people who needed a 20 minute telephone conversation for help unmuting themselves on a Zoom call.
Why AWS? I want to plug a pi into my cable modem and host it there.
On a related note, We need something like bit torrent for video. Where the chunks would come approximately in order and watchers effectively host a copy for the entire time they are watching. So we can all self host arbitrary length videos to all our friends on that same Rpi.
Unless you have pretty restricted bandwidth, or a huge number of friends, you should be able to do that pretty easily with a basic HTTP server on your pi; no torrents needed.
> I tried using WordPress but it took too many custom plugins and configurations and I still got bombarded by spam signup requests
I understand the Wordpress pain. My solution was to pay Wordpress.com $35/year to give me a hosted Wordpress instance. There is just one switch you need to flip to make the whole thing private. Family members have access through their own usernames.
I had exactly the same idea, and I’ve implemented it for myself but haven’t productised it as yet, and I’m not sure I will. Love the self hosting part, and it’s not that hard but the security part I found problematic.
I used Oauth for signup, which made it easy to share links to galleries via e.g. Facebook and then click through using Facebook login. I also went for a more open model where anyone could log in but I could block people later on if I didn’t want to share. Depending on how sensitive a particular piece of content is, both models would probably better. It seems important to minimise friction as much as possible or people just move on. Come back later when I’ve approved you is not a good model, I found people simply lost interest.
Thanks for putting this out there, I've been thinking about building almost exactly this for myself and my friends. Happy to pay you to host it for us and support development. Looking forward to testing it!
It can be hard for people to self host due to local router settings and what not of course. You should consider an option to auto configure as a Tor onion service so their desktop website is immediately available to all (that use a Tor browser of course). I do this all the time to bust NAT for simple sites. And you get encryption and anonymity mostly for free (performance cost often negligible for these kinds of sites).
Which, to me, sounds pretty great! But at the same time, MySpace lost
It's possible MySpace lost to Facebook in a very different landscape than we have today, as far as people's perception of privacy, and curated feeds, and politics, etc. So maybe your project won't share its fate. Though it might be worth studying its success and failure anyway
Anyway: good luck! I think you've got a clear vision and I'd love to see it succeed
Edit: One question, does a user need a separate account for every site they subscribe to? If so that could be pretty inconvenient. If my family wanted to use this in place of Facebook to stay in touch, that's N^2 user accounts. Not sure what the solution would be (an optional, centralized server purely for authentication and permissions?)
Things have changed. But my close circle of friends get by on a closed slack group. we have channels for work, jokes, music, kid updates, etc. a lot better than FB.
IMO, this is the way to go. With the advances in TLS, I have done expts where you can use HTTP headers and server logs as "email" or short message service like Twitter. The "website" can be nothing but some plain text, or even just a 404. Heck, you can even skip a secure backend web server like djb's httpd and just use haproxy alone with option httpclose and no server directive. You can return the headers sent to the sender to simulate "posting'.
The US is now feeling the effects of having single websites with millions of pages. It was a stupid idea and is damaging to society. Super high scalability should only be for government websites and the like.
Doesn't every open source blog software allow you to self-host? How is your solution superior to the battle-tested Wordpress or dozens of other options?
Haven is about sharing privately with friends and family. There is no option to make your blog public to the world. You get to create an account for anyone you want to have access. When they connect to your site, they use https encryption between their web browser and your server. That means nobody can intercept and read your posts. Since you create accounts for people, there is no place for spammers or internet bots try creating accounts.
If you want a public blog to build a base of followers, or promote a product, or try to profit from your blog—this isn't the right service for you. I suggest you use Wordpress instead.
I fail to see how this is different than a Wordpress private blog.
> Private. Select this option to make your site private. If you want specific people to be able to view it (and add comments, if you’ve enabled them), you’ll need to invite them to be a viewer.
What a perfectly obtuse, technical solution. Is grandma going to solve a captcha in order to sign up on a wordpress blog to view photos of her grandchildren?
Dropbox is "just" a private s3 bucket with s3cmd on a cronjob -- or a million other technical solutions -- but they're a successful business because they nailed the user experience for average joes.
The point of OP's product is that you don't have to cobble together a bunch of hacks to replicate the desired user experience, it's supported out of the box.
Wordpress lets admins create accounts and set passwords for the users as well. One can quite easily disable public signups (to prevent spam) and manually create an account for one's grandma.
For public signups it is a perfectly valid solution to use captcha!
So how do people connect? The good thing about your social media networks such as FB, LinkedIn, IG is that I can meet someone in real life, and then connect digitally. Or I can connect to the people who are important to the people who are important to me (friending my cousin's fiance). Does this provide a similar solution?
Love the idea. We've got kids and try to keep their likenesses off the public / data-slurping internet (Google, FB/WA/Insta, etc) by sending photos to friends and family via Signal.
The downside is that everything's ephemeral. I've long thought there was room for a private network where you can pub/sub to people you care about. Sort of a simple and private Livejournal / Blogger.
FWIW I think the self-hosting bit isn't where the opportunity is. It's in hosted private sharing. One thing I'd do is create landing pages for people who want to share privately and have $$. Parents are the first group that comes to mind.
I wish you success - the world needs what you're doing!
There's value in making private only and anything you post is seen by followers the default case. Mostly when marketing: if I don't ever want to publish publicly a landing page that says this:
> Haven is about sharing privately with friends and family. There is no option to make your blog public to the world. You get to create an account for anyone you want to have access.
Is more compelling than one where grandparents have to register, find my blog, I have to approve them, and for every post I have to set permissions levels.
>We've got kids and try to keep their likenesses off the public / data-slurping internet (Google, FB/WA/Insta, etc) by sending photos to friends and family via Signal.
Yeah, there's loads of these. We used to use BackThen which used to be called something else, got bought by Canon and then sold back to the founders. It's decent enough, but now I just use iCloud shared photo albums as none of the people I share with use Android.
I didn't say that. I said "presumably their privacy policies would be different".
If their service's privacy policy isn't materially different, then I wouldn't trust it. If their service's privacy policy materially restricts how they can use the data in ways that Google's would otherwise allow, then I would put more trust in it.
You're right. This is a trust issue that's difficult to reason about. I'd like to encourage people to self-host as much as possible and I plan to be as open as possible about how I'll do hosting. Paid hosting means the revenue model is clear--there isn't a need to sell data to keep the lights on. I'm also using the same AWS deployment process for paid hosting as I make available in the open source repository--so every Haven gets its own dedicated EC2 instance, with a database installed right on that instance. This makes broad querying of everybody's data much harder.
I think my biggest fear is that that this idea takes off, but some competitor makes a free offering by selling data and including ad targeting and most users don't know the difference.
I don’t think you have anything to fear. The reason people would buy is privacy. If someone gives it away for free they are the product and their privacy is at risk.
Plus the market is enormous. Probably room for a handful of good sized competitors.
Google gives you a lot of things for "free". I trust someone who I pay $9/mo to if they promise to not share my photos. If they share my photos, they'll stop getting my $9/mo.
Legally, the host can include protections for your data including not reselling or sharing your data even in cases of acquisition. If it's in the contract with the host, it's binding both ways.
Third, by allowing audits. There's a cost here and auditors are still human, but they provide outside assurance - especially when their findings are published independently.
well I pay Google to host my photos. You must not have many photos if you can fit them all in Google's free tier, but you could always buy extra storage just to make the revenue model clear and all that.
> long thought there was room for a private network
MyFamily.com was essentially this in the pre Facebook era. IIRC there was a modest annual fee for a private site/feed that let you share posts, photos, and recipes with family members.
Someone has already suggested mastadon, but I think Scuttlebutt is a much better solution for what you want. Totally decentralized, persistent, no need for a hosted server. You can set it up in a few minutes and if you're only using it for your small group there's no need to connect to anyone else.
The problem is that SSB isn’t really private. Anything you share in an offline circle of friends becomes public if any member of the group ever connects to a pub server. There is encrypted messaging, but IIRC last time I tried to use it, the threads maxed out at eight people in the client. There are seven people in my immediate family, so I hit limits very quickly.
You can make your own private network that is cryptographically unable to replicate with other networks (like the main net), but I don't think you should ask close friends and family to edit ~/.ssb/config to add a custom SHS key.
As much as I've loved working on Scuttlebutt, I can't recommend using it for this use-case.
Facebook and Instagram both let you do this, that's how I use them. All my information is private and only shared with my direct followers that I've approved.
What's different about what you envision then that?
I suggest you make a private Telegram group. Everything is synced across all members and devices, photos and videos are stored in full resolution. You can hop into the group's voice chat any time.
This is cool! I did this once for my parents, who were not on Facebook. Since I'm a WordPress guy, that's what I used and simply made the blog private (search engine indexing off) and then hosted it in a sub directory of an existing personal site. No accounts, no bots just a private little website for my folks. It ran it's course (uploading photos was a chore), now we use iMessage and the like to swap and share family photos.
The idea to have something like this is great but I would love to see an implementation that would be done as a single binary with no dependencies (like ruby) and as lightweight as possible.
A private blog for sharing photos is great, but the suggestion it's a Facebook replacement is questionable. People now use Facebook not only for photo sharing/status updates, but buying/selling stuff, communities, and (unfortunately) news. Notifications such as "Friend A commented on Friend B's post" is pretty impossible in this framework, and it's not really possible to recreate this in a world where everyone self-hosts. Projects like diaspora try a decentralized approach as the next best thing.
I would take this to mean a replacement for the "original" Facebook feature set, of sharing personal news, stories and photos with a pre-selected list of friends and family.
Many people (myself included) don't _want_ the newer marketplace / open community aspects of Facebook to be mixed into a platform where they share personal updates. If that means I have to give up 100 likes and comments on every baby/puppy picture I post, that seems like an acceptable trade-off to me. If folks want to comment on any of my updates, they can communicate with me in other channels (e-mail, text, real-life). Not for everyone, but it's definitely a market niche that's under-served right now.
I don't see anything questionable about this. Product A can be a valid replacement for Product B for only a subset of users.
A bike is a perfectly valid replacement for a car for the set of people who only drive a couple of miles to commute to work. It's obviously not a replacement for all users, but that doesn't undermine the valid claim that it is for some.
This seems like a much more polished product, but it seems more targeted as a PaaS for professional content creators. The minimum requirements[0] are pretty high for somebody who just wants to self-host a blog for friends and family:
- Ubuntu server with NodeJS / Ngninx installed
- 1 GB RAM minimum required
- MySQL running somewhere
The PaaS "Everything just works" offering is probably more attractive to the "facebook, but private" market, but for $36 / month I don't get any guaranteed SLA[1] which is worrying.
Those are great feature-rich platforms, but their focus is on public distribution. Configuring them to be private isn't trivial and even then they're much more complex to operate. Haven focuses on privacy and I've tried to make it easier to use, sort of like how Trello got a lot of popularity by being a simpler, easier-to-use alternative to Jira.
From the features, it seems like the focus is on granting different access to different people on a per-post basis.
> There is no option to make your blog public to the world. You get to create an account for anyone you want to have access
...
> If you want a public blog to build a base of followers, or promote a product, or try to profit from your blog—this isn't the right service for you. I suggest you use Wordpress instead.
...there is no facebook replacement. You can't replicate social groups via software. Facebook is not anything special other than most people use it, so the network effects are immense.
You could have the greatest software in the world and it would not be able to replicate fb's markets and groups functionality. Craigslist is the only one that comes close for replicating fb marketplace.
If you want a small private blog, just host a single user mastodon or pleroma instance. That way you're part of the fediverse but maintain control of your own personal instance.
Other platforms have different communities and users. There is absolutely no facebook replacement at this time. Whether or not it'll continue to be used in 10 years is another question. To clarify, I use neither facebook* or twitter.
My point here is that you cannot solve a human and social problem from a technical standpoint. It doesn't matter how good your product is if no one uses it. Mastodon will never be a facebook replacement, etc.
* Aside from marketplace and local buy/sell groups.
>Craigslist is the only one that comes close for replicating fb marketplace.
FB marketplace is an incredibly weak attempt to replicate craigslist and its only advantage is that FB polices its userbase so you are a bit more likely to know who you are dealing with. Nextdoor polices the userbase more.
"and its only advantage is that FB polices its userbase"
I find the biggest advantage is the network effect. In my experience I have found a lot of things through marketplace and fb groups, in addition to craiglist.
Nice work! I setup a private page for sharing baby photos with friends and family too. We only post photos with a small description, so I opted for e-mail as my “api”. The server runs a script periodically and just rebuilds the full “feed” as a single html file based on those mails. It also does some image and video optimization/normalization, but it’s all statically served via nginx.
This is a bloody brilliant idea! I think the privacy aspect, i.e. creating a wall around the content in the way you have done here is what has been the missing piece between other self-hosted blogging/content solutions and this.
On the other hand, if you want to password-protect static sites, you can make the path unguessable and use Link Lock to share a password-protected link to the page. All encryption/decryption is done fully in the browser.
Brilliant idea and nice, honest business model it seems:
Share the code, offer hosted solution for a reasonable price.
The only thing I can't remember seing covered is data export.
I might very well sign up tonight to test it out a bit to put the money where my mouth is (I have been a long time paying customer/supporter of a couple of other projects with kind of similar business models but it might be time to change now soon.)
Data export is important, and it doesn't exist yet. Exporting the users table and the text content of posts/comments will be straightforward, but extracting all the images is going to take a little bit more work.
Ive tried to give family members access to private sites, but do you think they remember their login user/pw? Nope. That is the hard problem. Each person should have a publuc/private key so they don't need usernames/pw.
The problem I have with this is that it makes people create and manage an account. My 90 year old grandmother is not gonna manage that.
I made a little hack for wordpress that lets you run a wordpress blog and have a shared security question that lets people access content. A simple question like "What is the name of the family dog?" or "What is grandpa's nickname?", something like that. Not industrial strength security, but enough to keep it sorta private and out of search.
The nifty part is that with wordpress and Jetpack, people can sign up for posts by email, so every time you post, your friends/family can get an email with the updates. No need to even visit the blog. Perfect for grandma.
Yeah, it would be nice to have some other options besides full-on user accounts. One approach could be to have an expiring token where the post can be shared and accessed for a certain number of days before the token/URL is invalid.
This is a problem. I initially couldn't get my wife's Grandmother to see the site because sending her a password was too complicated. I have since implemented magic links for login. When you create an account for someone you can share a magic link with them or an email/password combination.
Interesting idea, maybe combine it with some fingerprinting? I.e. the first access on the link binds some attributes, and if they change the link expires. Chances are people who need these links are only using one device.
You could set up a magic link that would ask your grandma for her middle name, and all she'd have to type in is Ethel. Then if she forwards the magic link, it wouldn't work for them unless they know her middle name. So like a personalized password with no username. Less secure than username/password but no big deal if it's for a small number of people.
Yeah it's a problem they don't need to have. A few oathy entrances would help. "Login with Google" "Login with facebook" "Login with outlook", etc. If the user's added foo@gmail.com, it's fair to let foo@ to log in with the same identifier.
Cheapest FIDO2 capable USB keys seem to be around 9$. At that point you could theoretically give our family and close friends a physical key to the service for easy authentication.
Some could even reuse the key for other services, assuming they realize that they need a spare for backup.
I had that exact idea last week - answer a question that shows you know me and you are not a bot and then you can access my blog and posted photos, but the surveillance machine can’t.
Sounds good - and looks interesting.
I have two wishes/requests for my use:
- Clear size limits for photo/audio/video content in your hosted solution. And clarify if/how they are backed up. Do I need an additional backup, or can Haven be my backup?
- Different visitor groups. I basically have some videos I only want certain visitors to see. A handful of levels would be fine, I don't need fine-grained control over everything. Maybe this is already possible?
Right now I don't have any size enforcement included in the hosted solution. And individually uploaded object can be up to 25mb (IIRC). If users start blowing out the S3 usage, then I might have to revisit this.
The hosted solution (and the self-hosted on AWS which uses the same deployment methods) automatically backup every night by dropping a database dump on S3. There's some manual work required to restore from the backup but I haven't had any issues with it so far. All the images live on S3 which I'm treating as durable. If you self-host on a Raspberry Pi then you're on your own for doing backups.
I've thought about the different groups feature. I haven't decided if it's one I want to implement. It might be the top of the slippery slope of adding too many features.
I've been thinking about licensing, but haven't settled on a license yet. I might use AGPL, but I want to consult with someone with legal background before making that decision.
I've actually got a Jekyll + Github Pages[0] setup that I've managed to password-protect pretty effectively[1].
Essentially I took my wife's wordpress content, ported it to markdown, and slapped ALL the content inside a directory named used the password hash. So you basically have to know the password to get to the right directory. Is it perfectly secure? I don't know. Does it discourage creeps from looking at pictures of my kids? Yep.
...slapped ALL the content inside a directory named used the password hash. So you basically have to know the password to get to the right directory.
You could attack the site by cracking the password to get the hash, or you could work out a way to make the web server list all the available directories instead. Historically that has always been a very common way to attack servers. You've changed the thing that's protecting the website from password hash to a web server config. It only takes a simple mistake on the part of Github to enable directory listings and everyone will have access.
FWIW I trust that Github won't do that and I think you'll be fine, but as a method of securing something on the web using an obscure directory name is a terrible idea.
Well, for one, "cracking the password" in this case would take an attacker much longer than just going to find some other family's blog to creep on. And there is no entry point for a directory listing (default page is being taken by the password prompt, no other directories are present), but if, for example, GitHub accidentally made my private repository into a public one, it's just a matter of changing a directory name to reset the password.
The content being protected here isn't nuclear launch codes, it's just family pictures/journals--so we don't need rock-solid (and annoying to set up/maintain) security, but just a deterrent much the deadbolt on our house's front door.
One could--but that would be a lot more difficult to work with (if one ever wanted to, e.g., write a new post it becomes out of reach for my wife who isn't a programmer)
All of your content will be publicly accessible in an automated way that requires no understanding of your site if github turns on PROPFIND and there are dozens of reasons (many good) why they would.
If you actually care about the content on that site staying secret you should delete that repo and find a different way to share it.
All the contents of my house are publicly accessible to anyone who wants to break a window--this data is less important than any of that stuff, I just didn't want it sitting out on the curb, so to speak.
Edit: I hadn't thought about WEBDAV being an entry point, though--thanks for pointing that out.
Automated crawling is way different than physically breaking and entering. One is a (legal!) routine process executed by robots and one is a serious crime that requires will, forethought, and physical presence.
Automated crawlers were not the threat I was trying to guard against--it's more the 40 year old creep looking for pictures of kids on people's blogs and being bold enough to leave disgusting comments that I wanted to get away from--problem solved.
236 comments
[ 2.6 ms ] story [ 260 ms ] threadI’m the author, Haven has been my side project for a little while. The core idea is that we should be able to make it easy for anyone to host their own private webpage as an alternative to centralized social media.
A lot of the decentralized community seems to have chosen federated models as the solution to “self-hosting is hard”. I’m trying something different. With core web technologies as the foundation, my mom or my wife’s grandmother can visit my site with any web browser and I’m still able to exclude the rest of the world. For technical people, self-hosting is made easy with a one-line AWS deployment script, and an install script for the Raspberry Pi Zero W. I’d like less-technical people to be able to use this too so I’m exploring providing paid hosting as a service.
I think of Haven as a Facebook-alternative, but probably not a Twitter alternative. I see Facebook as selling itself more as “stay in touch with your friends and family” where Twitter is more about “see what interesting people are saying”. The latter has discovery as a core component. With Haven everything is private so discovery wouldn’t make any sense.
There’s nothing new here in terms of technology--server-side rendered web pages using Ruby on Rails, no javascript frameworks, RSS using HTTP basic auth. But also no analytics libraries or ad-tracking. Pages are lightweight and load really fast. I’ve even provided a limited ability to add custom CSS so you can really make your page your own.
I would love any feedback you want to share. Both from a technical or installation side, feedback on the public webpage, as well as thoughts on communities that might be interested to learn about Haven.
Thank you!
- It should be able to easily upload photos and videos from my phone
- everything is link-private, not on Google.
- it has to be very easy for the least tech savvy to view photos/videos. Needs to work on many devices, even old browsers on older PCs out there. Possibly even to the point of printing and mailing people the images.
- photos/videos need to be long-lived, I want to view these 30 years from now
- space for kids to post messages to their family. Family can respond easily
- I own everything and grant no rights to a giant mega Corp
- it should be possible to notify family members via email when new content is posted.
I don’t have all those, but these are my ideal.
b. i think every browser is worth it, and some of these classics are very nice.
c. it,s not very limiting because html and js allow for progressive enhancement.
i started out wanting to just be accessible. then i saw a cool exhibit at mfa with beige boxes, win95, netscape 3, and older web creations.
i realized it wouldn,t be that hard, i wanted to support nn3 for classic retro reasons.
then i realized that with a few tweaks, i can cover the whole range.
i really want to be able to say, yes, it will work with your device.
i have older ipads i can still use for writing now.
> For these reasons we're offing to host a Haven for you
> Haven is about sharing privately with friends and family. There is no option to make your blog public to the world.
I realise you're doing this primarily for people to share personal content, but there's plenty of people out there that want to share personal thoughts to a large part of the world but just don't want to get censored by FB and your solution could work well for them.
It's probably worth asking OP what their position on censorship is before suggesting this. It's shocking to me, but many in the tech community are very pro censorship (though they will call it "moderation" since it's not happening to them).
Also if a customer of OP's got big enough and was controversial enough, AWS could threaten their account if they don't terminate that user's pages. So even if OP is a free speech absolutist, it still may not be a solution to the problem of big tech censorship.
Short of that though -- if a private company like Facebook or Twitter declines to host your content, that is entirely their right. It's not a public utility.
Free speech means you can say whatever you like. It doesn't mean you have a right to a platform and an audience.
And host it where exactly?
And so my question.
If I were to explore public posting on Haven, then censorship/moderation becomes an issue. Public posting is outside of the focus I want to have and this would just make it more complicated for Haven so I'm not planning to explore anything that lets you "grow your audience"--I'm focusing on private sharing with your existing community.
Have you considered a blog, or even a newsletter?
This is the same issue as group messaging in most instant message type systems (including SMS/MMS). It's forcing a full connection between all participants, when really we may only want a fan-out structure.
I haven't used it much (not as many people on it in my social circles) but WhatsApp's broadcast lists are like G+ circles in this regard.
Who can see this:
Why over-complicate it?You setup your circles for various topics.
Neat idea. Complete failure.
I’ve set up social interactions for major companies. Basically any restriction on who can see what will kill the feature.
I think that's likely true for social media apps where the product is "free" in that users are the product and advertisers are the customers that fund it. In that business model, your number one goal is to maximize eyeballs.
But Haven doesn't have that business model at all, so it's not clear to me that a way to control who sees what posts would harm success.
By analogy, farmers want to grow as many plants per acre as they possibly can to maximize revenue. The idea of potting their plants individually makes no sense. But if I just want a plant on my windowsill and don't want dirt everywhere, a pot is what I want.
Any talk of tech people and farmers seems to always change to pot.
That seriously pissed me off.
https://www.michigancapitolconfidential.com/doxxing-that-cau...
Probably the big risk for this thing is that nobody wants to keep track of separate websites for dozens of individuals, most of whom only post something they can see once a week at most. You need to aggregate all of those updates from dozens of people you know into a single website and build a feed, then you have something that probably always has something the user might find interesting, and all in one place, so they'll actually check it regularly.
Instead, have a system where you can categorize your posts and other people can explicitly opt-in or opt-out to following particular categories.
That way, you can do a series of detailed posts on Orson Welles (say) for interested parties without worrying about whether you’ll bore or scare off the rest of your friends.
I met him through church and at work. Maybe we have some other mutual interests.
How do I know Joe?
Coincidentally also through church and work, but we're both programmers (Jack is an engineer with different technical interests), we play soccer together, we enjoy seeing movies in the theater, and we participate in team trivia at restaurants and bars together.
By tagging people (or placing them into circles in the G+ sense), I can select which group to communicate something to based on selecting a tag or set of tags. "Hey soccer peeps, I'm going to take my ball and some cones down to the field at Central Elementary this Saturday if you want to come out and practice with me." directed @soccer_peeps.
Maybe throw a few groups together that aren't fully overlapping in general: @soccer_peeps @trivia_teamsters "Party at my place this Saturday, here's a link to RSVP and sign up to bring something."
I'm not forced to put everyone into a distinct category or circle, but can use loose taggings effectively.
Separate icons on ones launcher go a long way toward maintaining intent.
Option 1 is for content that won't offend anyone or tarnish the author's reputation. The audience can include all contacts including coworkers, family, etc. and the author will often use their real name. Example: Facebook.
Option 2 is for risqué content. It could cause issues with employment and other real-life relations. The audience must be carefully controlled, or if not, a pseudonym (that only a carefully controlled audience, if anyone at all, can map to a real name) must be used. Example: Reddit; private group chats.
This seems to cover most scenarios without the overhead/stress of trying to shoehorn all of these boundaries in a single platform/app.
Option 3 is for very personal stuff that you don't want to make public. Many of us put photos of our small children in this category. On a more depressing note, this could also include things like grief that a small group experiences over serious illness or death in the family. Not everything non-public is necessarily risque.
(FWIW I'm working on something in this space. Hoping to have something to share within another month or two...)
You could use some combination of the two sets of controls to provide pretty granular privacy control over all sorts of things.
Have a designer give the site a distinctive visual identity, including a logo. Once it's ready, expand that visual identity into the Haven application itself.
At the moment, the site feels a bit generic. That's not meant as a slight; just an observation.
Also the author checked in a credentials and a master key to github
Rails uses the "master key" to let you check in encrypted database credentials. I don't use that but Rails still requires a key for deployment--so I just checked in a key. Rails is really designed for a codebase that matches to a single deployment so this is a bit of a workaround.
[1] https://github.com/heartcombo/devise
It's safe to bet that someone will deploy this and use that master key instead of generating their own.
[1] https://news.ycombinator.com/item?id=8863
"If running it yourself is too daunting, we can host it for you on your own dedicated virtual server for as little as $5 per month."
On a related note, We need something like bit torrent for video. Where the chunks would come approximately in order and watchers effectively host a copy for the entire time they are watching. So we can all self host arbitrary length videos to all our friends on that same Rpi.
I understand the Wordpress pain. My solution was to pay Wordpress.com $35/year to give me a hosted Wordpress instance. There is just one switch you need to flip to make the whole thing private. Family members have access through their own usernames.
I used Oauth for signup, which made it easy to share links to galleries via e.g. Facebook and then click through using Facebook login. I also went for a more open model where anyone could log in but I could block people later on if I didn’t want to share. Depending on how sensitive a particular piece of content is, both models would probably better. It seems important to minimise friction as much as possible or people just move on. Come back later when I’ve approved you is not a good model, I found people simply lost interest.
> Twitter is more about “see what interesting people are saying”.
Which, to me, sounds pretty great! But at the same time, MySpace lost
It's possible MySpace lost to Facebook in a very different landscape than we have today, as far as people's perception of privacy, and curated feeds, and politics, etc. So maybe your project won't share its fate. Though it might be worth studying its success and failure anyway
Anyway: good luck! I think you've got a clear vision and I'd love to see it succeed
Edit: One question, does a user need a separate account for every site they subscribe to? If so that could be pretty inconvenient. If my family wanted to use this in place of Facebook to stay in touch, that's N^2 user accounts. Not sure what the solution would be (an optional, centralized server purely for authentication and permissions?)
The US is now feeling the effects of having single websites with millions of pages. It was a stupid idea and is damaging to society. Super high scalability should only be for government websites and the like.
Haven is about sharing privately with friends and family. There is no option to make your blog public to the world. You get to create an account for anyone you want to have access. When they connect to your site, they use https encryption between their web browser and your server. That means nobody can intercept and read your posts. Since you create accounts for people, there is no place for spammers or internet bots try creating accounts.
If you want a public blog to build a base of followers, or promote a product, or try to profit from your blog—this isn't the right service for you. I suggest you use Wordpress instead.
> Private. Select this option to make your site private. If you want specific people to be able to view it (and add comments, if you’ve enabled them), you’ll need to invite them to be a viewer.
> I tried using WordPress but it took too many custom plugins and configurations and I still got bombarded by spam signup requests.
One could reduce that amount of spam signup requests that one gets by simplying adding a captca such as recaptcha[0] or hcaptcha[1]
[0]: https://www.google.com/recaptcha
[1]: https://www.hcaptcha.com
Dropbox is "just" a private s3 bucket with s3cmd on a cronjob -- or a million other technical solutions -- but they're a successful business because they nailed the user experience for average joes.
The point of OP's product is that you don't have to cobble together a bunch of hacks to replicate the desired user experience, it's supported out of the box.
For public signups it is a perfectly valid solution to use captcha!
The downside is that everything's ephemeral. I've long thought there was room for a private network where you can pub/sub to people you care about. Sort of a simple and private Livejournal / Blogger.
FWIW I think the self-hosting bit isn't where the opportunity is. It's in hosted private sharing. One thing I'd do is create landing pages for people who want to share privately and have $$. Parents are the first group that comes to mind.
I wish you success - the world needs what you're doing!
> Haven is about sharing privately with friends and family. There is no option to make your blog public to the world. You get to create an account for anyone you want to have access.
Is more compelling than one where grandparents have to register, find my blog, I have to approve them, and for every post I have to set permissions levels.
We use Tinybeans for this
You're still giving photos to someone else with a pinky swear they won't do share them further.
Google doesn't give you a pinky-swear that they won't do anything further with the images.
If their service's privacy policy isn't materially different, then I wouldn't trust it. If their service's privacy policy materially restricts how they can use the data in ways that Google's would otherwise allow, then I would put more trust in it.
I think my biggest fear is that that this idea takes off, but some competitor makes a free offering by selling data and including ad targeting and most users don't know the difference.
Plus the market is enormous. Probably room for a handful of good sized competitors.
Google gives you a lot of things for "free". I trust someone who I pay $9/mo to if they promise to not share my photos. If they share my photos, they'll stop getting my $9/mo.
Legally, the host can include protections for your data including not reselling or sharing your data even in cases of acquisition. If it's in the contract with the host, it's binding both ways.
Third, by allowing audits. There's a cost here and auditors are still human, but they provide outside assurance - especially when their findings are published independently.
[1] https://www.theverge.com/2020/11/11/21559930/google-train-ai...
MyFamily.com was essentially this in the pre Facebook era. IIRC there was a modest annual fee for a private site/feed that let you share posts, photos, and recipes with family members.
As much as I've loved working on Scuttlebutt, I can't recommend using it for this use-case.
It's pricy at $40 per year, but seems to hit all the marks.
What's different about what you envision then that?
It's also federated, so people not using your instance can still interact from where they are
Seems like perl is not having a good day there.
Download, run, configure something and use it.
If it supported ActivityPub and perhaps WebMention, this would be possible, and across any social network.
Many people (myself included) don't _want_ the newer marketplace / open community aspects of Facebook to be mixed into a platform where they share personal updates. If that means I have to give up 100 likes and comments on every baby/puppy picture I post, that seems like an acceptable trade-off to me. If folks want to comment on any of my updates, they can communicate with me in other channels (e-mail, text, real-life). Not for everyone, but it's definitely a market niche that's under-served right now.
A bike is a perfectly valid replacement for a car for the set of people who only drive a couple of miles to commute to work. It's obviously not a replacement for all users, but that doesn't undermine the valid claim that it is for some.
- Ubuntu server with NodeJS / Ngninx installed
- 1 GB RAM minimum required
- MySQL running somewhere
The PaaS "Everything just works" offering is probably more attractive to the "facebook, but private" market, but for $36 / month I don't get any guaranteed SLA[1] which is worrying.
[0] https://ghost.org/docs/install/ubuntu/ [1] https://ghost.org/pricing/
> There is no option to make your blog public to the world. You get to create an account for anyone you want to have access
...
> If you want a public blog to build a base of followers, or promote a product, or try to profit from your blog—this isn't the right service for you. I suggest you use Wordpress instead.
You could have the greatest software in the world and it would not be able to replicate fb's markets and groups functionality. Craigslist is the only one that comes close for replicating fb marketplace.
If you want a small private blog, just host a single user mastodon or pleroma instance. That way you're part of the fediverse but maintain control of your own personal instance.
Facebook itself probably doesn't believe this.
My point here is that you cannot solve a human and social problem from a technical standpoint. It doesn't matter how good your product is if no one uses it. Mastodon will never be a facebook replacement, etc.
* Aside from marketplace and local buy/sell groups.
FB marketplace is an incredibly weak attempt to replicate craigslist and its only advantage is that FB polices its userbase so you are a bit more likely to know who you are dealing with. Nextdoor polices the userbase more.
I find the biggest advantage is the network effect. In my experience I have found a lot of things through marketplace and fb groups, in addition to craiglist.
Needs of most family are pretty basic. and not this complicated.
My wife is using it for a group she was running on facebook and loves it.
As for Haven: the more the merrier. Nice work building something!
How is that possible? Sorry I'm just suspicious of anything that smells like a social network and there's no cost.
[Edit] I just went to the Apple App store page and there's a cost for a variety of features.
A very elegant solution.
https://jstrieb.github.io/link-lock/
(Disclaimer: I made Link Lock)
Share the code, offer hosted solution for a reasonable price.
The only thing I can't remember seing covered is data export.
I might very well sign up tonight to test it out a bit to put the money where my mouth is (I have been a long time paying customer/supporter of a couple of other projects with kind of similar business models but it might be time to change now soon.)
Data export is important, and it doesn't exist yet. Exporting the users table and the text content of posts/comments will be straightforward, but extracting all the images is going to take a little bit more work.
I made a little hack for wordpress that lets you run a wordpress blog and have a shared security question that lets people access content. A simple question like "What is the name of the family dog?" or "What is grandpa's nickname?", something like that. Not industrial strength security, but enough to keep it sorta private and out of search.
The nifty part is that with wordpress and Jetpack, people can sign up for posts by email, so every time you post, your friends/family can get an email with the updates. No need to even visit the blog. Perfect for grandma.
Here's the two files that make it work, in case anyone is interested: https://gist.github.com/justinph/f0fb937d1ee418a45bfb85e91e4...
Some could even reuse the key for other services, assuming they realize that they need a spare for backup.
- Clear size limits for photo/audio/video content in your hosted solution. And clarify if/how they are backed up. Do I need an additional backup, or can Haven be my backup?
- Different visitor groups. I basically have some videos I only want certain visitors to see. A handful of levels would be fine, I don't need fine-grained control over everything. Maybe this is already possible?
The hosted solution (and the self-hosted on AWS which uses the same deployment methods) automatically backup every night by dropping a database dump on S3. There's some manual work required to restore from the backup but I haven't had any issues with it so far. All the images live on S3 which I'm treating as durable. If you self-host on a Raspberry Pi then you're on your own for doing backups.
I've thought about the different groups feature. I haven't decided if it's one I want to implement. It might be the top of the slippery slope of adding too many features.
Where you thinking of sharing your code under an MIT license similar to Rails or something else?
I looked for a LICENSE file, but didn't find one: https://docs.github.com/en/github/building-a-strong-communit...
Essentially I took my wife's wordpress content, ported it to markdown, and slapped ALL the content inside a directory named used the password hash. So you basically have to know the password to get to the right directory. Is it perfectly secure? I don't know. Does it discourage creeps from looking at pictures of my kids? Yep.
[0]: https://dsheldon.com/technology/github%20pages/jekyll/2019/0...
[1]: https://faithfullyinfertile.com/
You could attack the site by cracking the password to get the hash, or you could work out a way to make the web server list all the available directories instead. Historically that has always been a very common way to attack servers. You've changed the thing that's protecting the website from password hash to a web server config. It only takes a simple mistake on the part of Github to enable directory listings and everyone will have access.
FWIW I trust that Github won't do that and I think you'll be fine, but as a method of securing something on the web using an obscure directory name is a terrible idea.
The content being protected here isn't nuclear launch codes, it's just family pictures/journals--so we don't need rock-solid (and annoying to set up/maintain) security, but just a deterrent much the deadbolt on our house's front door.
If you actually care about the content on that site staying secret you should delete that repo and find a different way to share it.
Edit: I hadn't thought about WEBDAV being an entry point, though--thanks for pointing that out.
https://www.remarkbox.com/remarkbox-is-now-pay-what-you-can....
It's a hosted comment system which works anywhere HTML is supported.