
Hubzilla: Build a community of connected websites - buovjaga
http://hubzilla.org/
======
pjc50
Somehow this reminds me of the "webring" era of the internet, before search
engines and social networking the best way to find more websites was to start
from one you knew and look at the "ring" it belonged to.

~~~
Schiphol
The "community of websites" idea is perhaps misleading that way. Websites in
this context are, pretty much, analogous to your Twitter or Facebook page.

------
jeena
I had a quick look but can't see what Hubzilla does different from Tent and
Diaspora who also shipped their own open source software/protocol which was
not compatible with anything else out there. I'd like to believe otherwise but
for now it seems to me like just another bulet point on
[http://indiewebcamp.com/monoculture](http://indiewebcamp.com/monoculture)

~~~
detaro
Problem of course is that _everything_ is kind of a mono culture at first.
Tent.io at least had multiple projects working on implementations, but never
seemed extremely active to me.

EDIT: that said, thank you for the indiewebcamp link, there are some very
interesting things and ideas there! You might want to submit that to HN if it
hasn't seen a big discussion already.

~~~
pmlnr
It was posted 3 and then 1 year(s) ago; no discussion so far.

------
hmans
Spending two years with IndieWeb convinced me that people generally are not
interested in sustainable solutions as long as centralized services make it
more convenient to post cat pictures. (Also see: Slack vs. IRC)

~~~
EGreg
IndieWeb seems to still be active. Is it just a community of people making
communities? Or what?

Anyway, the big fatal flaw in all this is that the technology isn't the only
thing. You need adoption. You need a social network with at least a million
people on it already. Then you can deploy it to various networks as open
source.

You need something for social the way Wordpress is for blogs. Not totally peer
to peer distributed. But something that an organization installs locally.

Hubzilla says all the right stuff but how many users do they have?

We have 300,000 at the moment.
[http://platform.qbix.com](http://platform.qbix.com)

~~~
jeena
Just FYI,there are plugins for your wordpress installation to connect to the
rest of the social indieweb community
[https://wordpress.org/plugins/indieweb/](https://wordpress.org/plugins/indieweb/)

------
buovjaga
Formerly known as RedMatrix.

The lead developer is the creator of Friendica, which is still kicking:
[http://friendica.com/](http://friendica.com/)

[https://en.wikipedia.org/wiki/Friendica](https://en.wikipedia.org/wiki/Friendica)

~~~
Animats
"Friendica is what Diaspora should have been."

Federated social networks are technically interesting, but somebody has to
figure out some way to get a user base. It's encouraging to see that Frendica
has a few more sites than it did six months ago.[1] But 28 sites isn't many.
Especially since many of them seem to be down.

I registered for Friendica.eu, which appears to be one of the larger servers.
There are a total of 80 people and groups. Response time for any request is
5-10 seconds. (Behind the scenes, it's PHP.) There's an IRC server, but nobody
is on the #friendica channel. Overall, it feels like using a BBS system from
the 1980s.

There's already spam. "Natrol Fat Intercept Tablets, Green Coffee Bean with
Raspberry Ketones…" "Galaxy Phone..."

I'd like to see someone replace Facebook with a federated system, but it
doesn't look like Friendica can do it.

[1] [http://dir.friendica.com/siteinfo](http://dir.friendica.com/siteinfo)

~~~
eterm
I think you've hit the nail on the head with the spam comment.

In a federated system, it is up to everyone to protect themselves against
spam.

We put up with it for email, because in the most part it pre-dated other
solutions. I don't think people will put up with it for social networking.

~~~
icebraining
Closed social networks have plenty of spam. I'd say the main difference is
that on email, you get messages from everyone, whereas in most social
networks, you need to voluntarily subscribe to someone's feed to get their
messages; that alone massively cuts down on the efficiency of spam.

~~~
pjc50
All social networks need an "introduction" system of some sort so people can
find you, and some of those introductions will be spam. For example, on
twitter there are fake accounts that will follow you in the hope of getting
you to look at their spam profile.

------
diggan
Hm, this kind of things always seems to tackle the problem in the wrong way.
Instead of aiming for decentralized, why is no one building a completely
distributed solution instead?

The only work being done I can think of, that is still active is IPFS today,
that at least is trying to build a distributed technology, that services like
this could be build on top of.

~~~
pmlnr
Indieweb does, see
[http://indiewebcamp.com/webmention](http://indiewebcamp.com/webmention)

------
tachion
Damn that name! Now I have to rename my software for automatically translating
GitHub pull requests into Bugzilla bugs ;)

------
nbadg
As a disclaimer, I'm working on a competing(ish) protocol called Muse.[1]

Unfortunately the documentation for the federated social projects I'm aware of
is always severely lacking (believe me, my own included). It makes some key
points very difficult to understand. With that caveat aside, this is what I
_think_ I understand about the general system architecture of Diaspora,
Hubzilla, and Tent:

* Everyone runs their own server. Data on the server is plaintext at rest, but encrypted in transit.

* The protocol (only text-based?) governs communications between servers. It describes the kind of things you would expect social websites to need to do: make comments, have profiles, etc. Examples of protocol outputs: Tent[2], Hubzilla[3], Diaspora[4]

* Internally, the servers deal with privacy, sharing, etc. Your personal server and their code together determine what data is acquired, stored, shared, etc.

If this mischaracterizes any of the above protocols, I would be really
grateful for corrections. It's to everyone's benefit to understand the high-
level technical details of these projects. However, the system architecture
described above is not, in my mind, a tenable approach to distributable social
applications. Simply put, this kind of "private server as my digital avatar"
\+ "protocol so avatars can talk" paradigm completely misses the appropriate
choice of abstractions and division of concerns for social applications.

First and foremost, this is still yet another example of "privacy by promise".
It just so happens that the promise is given to you by the servers of whomever
you're sharing with. But then, as data is decrypted at rest, you must also
trust their coding ability, their deployment ability, their... this gets very
messy, very quickly. The security footprint for implementing these protocols
is immense.

Secondly, this approach focuses on one specific use case: websites. The vast
majority of publicly-networked applications will, at some point, have a need
to perform identity, sharing, or content management. However, they may not
necessarily have anything to do with text: for example, a distributed sensor
network might communicate only using binary messages, but that doesn't make it
any less social. Since bytes are the more basic unit, any general-purpose
social protocol should therefore support them natively.

A much more robust approach is to address the "social protocol" at a much
lower level: to provide only the bare minimum that any social application will
need, giving transport-layer bytestreams cryptographically-enforced privacy
with many-to-many capability. Only then can you escape requiring everyone to
operate their own web service, which is, I firmly believe, an unrealistic
goal.

[1] [https://github.com/Muterra/doc-muse](https://github.com/Muterra/doc-muse)

[2]
[https://raw.githubusercontent.com/tent/tent.io/master/source...](https://raw.githubusercontent.com/tent/tent.io/master/source/docs/api_examples.json)

[3]
[https://github.com/bartekrutkowski/hubzilla/blob/master/exam...](https://github.com/bartekrutkowski/hubzilla/blob/master/examples/request_dump_example.json)

[4]
[https://wiki.diasporafoundation.org/Federation_protocol_over...](https://wiki.diasporafoundation.org/Federation_protocol_overview)

------
me_bx
Author(s) would really gain some credibility by adding information about their
identity inside the hubzilla website.

I first wondered whether this was a mozilla project, then looked for a name,
thing is visible. Why should I trust them then...

