[Freedombox-discuss] Friendica Red
On 19.09.2012 04:38, Russell Edwards wrote:
> You keep the logs of what happens on /your/ site. But every time you
> comment in a context hosted on another node (wall-to-wall, community,
> "private" messages etc.), you must consider, where will this be
Obviously, I can control what happens on my own server but I have no
control over what other people do with theirs. That's always going to
be potentially an issue with any system, and the only solution is to
choose your friends carefully, and remove any who seem to have been
inactive or who have moved their accounts.
> We can't necessarily trust personal
> home-hosted nodes, either, but at least they a) generally have
> legal privacy protection and b) individually represent low-value
> targets for snooping.
I don't know about the Facebook connector, since I don't use it myself,
but the main point is that use of home servers spoils the dragnet
surveillance business model by rendering it uneconomical. An adversary
intent on the bulk collection of dossiers/timelines for commercial
and/or political gain would have to compromise each box separately,
whereas with a centralized Facebook-like system it's just a matter of
someone at the company running an SQL query.
> But as long as you are communicating with others who are on a handful
> of centralised servers along with hoards of others (high value target
> with no privacy protection), then that's not true. And unless public
> servers are banned or designed out of the system (for example by
> incorporating the server within the client - p2p) their usage and
> concentration will surely only expand if/when Friendica's mainstream
> take-up expands. There is virtually nothing stopping it becoming
> another Facebook.
Friendica in its current form is unlikely to become another Facebook in
terms of centralization. It was written for federation, and I don't
think it scales very well. Red perhaps might be though.
> Users didn't jump on a 100% centralised commercial
> service because they had no alternative. They did it because it was
> convenient and easy and everyone else was on it. There is no reason
> why they wouldn't do the same thing with public Friendica servers,
> because the payoff for /not/ doing this is insufficient: even if you
> avoid public server for your own wall, owing to the fact that other
> people are using them, your privacy is still compromised. So why
> bother? (Or, for that matter, why even bother switching from Facebook
> to Friendica?) It's a tragedy of the commons scenario caused by
> design and policy.
This is fairly easily resolved. Under Admin/Site (only available to
the node administrator) enter some allowed friend domains if you want to
restrict friends to a whitelist of known nodes, check "block public" to
ensure that public posts are only viewable if users are logged in, check
"private posts by default" and "only allow Friendica contacts".