[Freedombox-discuss] Friendica Red
On 2012-09-19 08:25, Bob Mottram wrote:
> I've been running Friendica on a plug server now
> for two years with very few issues - even on the cutting edge
> repository version rather than the stable versions. It does the job,
> and I keep the logs.
You keep the logs of what happens on /your/ site. But every time you
comment in a context hosted on another node (wall-to-wall, community,
"private" messages etc.), you must consider, where will this be stored?
On someone's shared hosting account where the hosting provider is
required by law to keep all logs and hand them over to government upon
demand? On a node that is making commercial use of your data? Both?
(Red's solution to the latter is to make the user the customer, but
surely that doesn't stop the commercial host from making the user the
product at the same time.) We can't necessarily trust personal
home-hosted nodes, either, but at least they a) generally have greater
legal privacy protection and b) individually represent low-value targets
> IMHO the most practical approach is going to be the fully
> decentralized/federated personal home server scenario. I'm an
> existence proof that it can work, and that you can run your own
> network system for extended periods of time and keep the logs
But as long as you are communicating with others who are on a handful
of centralised servers along with hoards of others (high value target
with no privacy protection), then that's not true. And unless public
servers are banned or designed out of the system (for example by
incorporating the server within the client - p2p) their usage and
concentration will surely only expand if/when Friendica's mainstream
take-up expands. There is virtually nothing stopping it becoming another
Facebook. Users didn't jump on a 100% centralised commercial service
because they had no alternative. They did it because it was convenient
and easy and everyone else was on it. There is no reason why they
wouldn't do the same thing with public Friendica servers, because the
payoff for /not/ doing this is insufficient: even if you avoid public
server for your own wall, owing to the fact that other people are using
them, your privacy is still compromised. So why bother? (Or, for that
matter, why even bother switching from Facebook to Friendica?) It's a
tragedy of the commons scenario caused by faulty design and policy.
(I would also like to know how one user's use of Facebook connectors
affects the privacy of other users - similar considerations might apply
> The barrier to entry with regard to setting up a
> server is still too high. It's still not completely plug and play,
> though hopefully Freedombox will fix that.
Yes it will - so there is no need for adopting a compromised system.
Once it's compromised with public nodes, no amount of wishful thinking
will make them go away, for the reasons outlined above. Better to start
with an uncompromising system from the outset. Yes there is a bigger
hurdle for users, perhaps even when they are on a FreedomBox, but there
is also the incentive of an immediate payoff with real privacy that
Friendica cannot offer.
> On 18.09.2012 22:48, Russell Edwards wrote:
>> I would rather see FreedomBox come out with no social networking
>> an imperfect solution.
> I think that's not a very pragmatic approach to technology. If you
> wait for a system to be perfect before using it then you will be
> waiting indefinitely. Systems don't improve by magic. They need
> users, user feedback and bug reports.
For software that just needs bugfixing, fine. But what's needed here is
a fundamental shift in policy and/or design. Ban public nodes or design
a system that doesn't use them. The former is not within the influence
of the FreedomBox project. The latter means adopting or creating
something other than Friendica.