
Tent v0.1 - sgwil
http://tent.io/blog/tent-v01
======
whalesalad
Decentralizing things like this is never _ever_ going to work. In terms of
running it... my mom/sister/dad/cousin are not going to host this themselves.
They might depend on me to do it, but even I'm not going to run a
decentralized social network myself. There's too much liability involved. Not
to mention, it's a pain in the ass.

I want to hack and work on my own ideas. That's why I trust my mail hosting to
Google. Sure, they read all my emails and analyze me for marketing. That's a
small price to pay though. I get a rad web client, Apple Mail + iPhone
support, and never need to worry about my email server. Anyone remember
qmailrocks.org? I used to sit for hours messing with and playing with qMail
back in the day. I've done it. I've hosteed mail servers for friends and
family. What a pain in the fucking ass!

Same for hosting. I _love_ configuring infrastructure. I taught myself
HAProxy, load balancing, nginx, and clustering years ago when people were
still using mod_python. I built a FreeBSD box for fun with old parts an an old
SSD the other weekend. I have quite a few linodes running right now. But it's
also a pain in the ass. Because of that, I also enjoy pushing my personal site
to Heroku and not worrying about it ever again. git push, boom done.

A lot of people take things like Facebook for granted. We all bitch and moan
about all kinds of issues it has or features it lacks, but it's a gargantuous
network that virtually everyone that I know or care to talk to is on it. My
family and friends back home in LA where I grew up, my new friends in Sweden
that I met while abroad recently. It's got a handy mobile app (that was
luckily redeveloped recently) and best of all it's 100% free.

This decentralized stuff is nonsense. There's too many layers of crap. Even if
there was a one-click-deploy social network for people where all they needed
to do was rent a server somewhere... someone is still running that server and
you need to worry about them snooping your data or whatever else the
neckbeards are worried about.

Remember Diaspora? Hah.

~~~
mej10
You say decentralized services never work, and then give an example of the
most successful one: email.

I don't know why you are assuming that everyone will have to run their own.

Also, it seems very cynical/naive to think that just because such systems
aren't currently working/won't currently work with given social structures,
that this will always be the case. Do you disagree?

~~~
wdewind
Email essentially IS centralized at DNS. Any decentralized social network has
to solve the lookup problem: how do I find people. None really do this in a
way that's going to make it fundamentally different than what we have now.

I can't help feeling that the natural outcome of decentralized social
networking is that people eventually start hosting them for mom and dad, then
a few friends, then start companies, then we are back to facebook. Someone,
somewhere is going to have to have a database of names mapped to servers.

Centralization is, in an abstract way, present in so many of our social
structures, that yes, I disagree that within a capitalist economic structure
(one which is optimized for sharing of services rather than individualism, ie:
non-technical users simply wont do this unless the work is done for them, like
facebook did) it would be next to impossible for something like this to work.

People quite simply don't want to deal with this shit, and centralization
brings efficiency and management amongst many other things.

~~~
jackalope
Email is a decentralized service and the task of discovery is solved with DNS.
If you have an address, jackalope@example.com, you can find out where to send
the message if it is explicitly set (MX record) or not (A record). I don't see
why you can't do the same with a decentralized social network.

~~~
wdewind
And who runs the DNS servers?

~~~
marshray
The most popular ones are run by IANA, ICANN, and Verisign.

But nothing stops most of us in the free world from choosing an alternative
root system. Other than the support cost of a minor config change in our OS or
application software.

------
joshaidan
Tentd seems to be based on Ruby and Rack. Since it's based on Rack, I'm
assuming then that it operates over HTTP. Which leads me to my current
frustration...

Why does everything have to be built on top of HTTP? Sure, I know you're going
to say, because it works, and works well that's why.

But think about it. The reason why we have all these centralized services in
large part is because of HTTP. HTTP has made it really easy for someone to
build a centralized service, or application, like Facebook or Twitter. Before
the days of HTTP, if I wanted to build a service, I probably would invent a
protocol like Telnet, Gopher, SMTP, IRC etc., which is often naturally
decentralized, instead of programming a web application.

Perhaps if we want more decentralized services, we should focus on frameworks
that make it easier to construct TCP/UDP based protocols.

Just a thought.

~~~
tptacek
Very few people will be able to use non-HTTP protocols from their company
networks. A significant number of home users behind NAT won't be able to use
them without configuration steps that normal users simply won't make.

To that add the fact that there's actually minimal benefit for most protocols
to using something other than HTTP. Obviously there are protocols that are
much better run over something other than HTTP, but most protocols, probably
including Tent, aren't like that.

<http://cr.yp.to/sarcasm/modest-proposal.txt>

~~~
guelo
Corporate networks are followers when it comes to social software. If a
protocol becomes very popular among users eventually corporations will give in
and make it available. Companies used to block HTTP also.

~~~
tptacek
That has absolutely not been my experience in the last 8-9 years of doing
onsite engagements for corporations. You can usually count on HTTPS getting
through unmolested. Usually.

~~~
guelo
I meant back in the 90s. I worked at a couple of companies that saw no reason
to give their users access to the internet which was seen as a time waster. I
haven't come across that attitude in a very long time, even though there's
probably more time wasted now than ever.

~~~
tptacek
Sorry, message board fail. I was saying that you're lucky if you can get web
traffic through corporate firewalls unmolested. You can only rarely get
anything else out, and virtually never get anything _in_.

------
ghayes
I find the copy on the website to be rather vague or off-topic.

From the homepage:

    
    
      Tent is open, decentralized, and built for the future. Tent changes everything.
    
      Tent allows every user to run their own server, but like email and the web, most
      users will use a hosting service to handle it.
    

and the blog:

    
    
      The documentation for Tent version 0.1 is now available along with a reference
      server, tentd.
    

From halfway down the homepage:

    
    
      What is Tent?
      Tent is a protocol for open, decentralized social networking.
    

I understand that the creators are busy building the product, but some
marketing can really help create an excited community.

Is this project like Diaspora? How is this different from the competition. I'm
excited to hear how this is unique and to see where the project goes.

~~~
streptomycin
The "Lifecycle of a post" section on the homepage is a pretty straightforward
description of how it works. But I would also be interested in comparisons not
only to Diaspora, but also to Statusnet.

~~~
jeremyjh
There is little to compare. Tent is a protocol. Applications need to be built
to use it. Diaspora is an application with an unspecced, intertwined
federation protocol.

~~~
streptomycin
And Statusnet? And other distributed federated social networking protocols?

~~~
riffic
statusnet is software, not a protocol. the protocol is ostatus.

------
driverdan
How do we handle errors?

(I posted this as a reply to someone else but it deserves its own comment.)

The docs don't include any specs for handling push errors. If I push a new
status and one of my followers' servers is down what do I do? Do I retry
later? Do I continue to try pushing future updates? At what point do I stop
trying to send updates to their missing/broken server?

If my server goes down how do I handle missed updates? Do I need to query
everyone I follow? Can I fetch statues since the last one I received like
Twitter? The docs say "There are a number of parameters available to limit the
scope of the request" for GET /posts but don't specify what the parameters
are.

Error handing is crucial for a decentralized network like this, especially one
that pushes to other servers. Without a method for handling servers that go
down and other errors it will absolutely not work.

~~~
siculars
These guys might just want to wrap something like pubsubhubbub[0]. take a look
at superfeedr[1].

[0] [http://pubsubhubbub.googlecode.com/svn/trunk/pubsubhubbub-
co...](http://pubsubhubbub.googlecode.com/svn/trunk/pubsubhubbub-
core-0.3.html)

[1]<http://superfeedr.com/documentation>

------
modarts
"Developers: It's time to start writing apps for Tent and adding Tent support
to existing projects based on the current specification. "

It's time for you to show me why I should invest my time in writing apps for
your platform/protocol.

------
michaelmior
I found it interesting that this announcement said nothing about what Tent
actually is. Without reading other pages on the site, all I could tell was
that Tent involves "protocol, apps, and servers" in some way.

~~~
zobzu
Yeah id have linked tent.io as well. clicked there and it's explained after a
few buzzwords.

------
danielweber
If you hit the #1 spot on HN, you are going to get a bunch of traffic from
people you never got traffic from before.

I recommend putting a link to the tent.io homepage that says "new to Tent?
Click here!"

------
calvin
What problem is this solving? I know users of social media who are unhappy
with what they're using. But I've never heard my mom or any other Facebook
user for that matter say: "You know what I want? A decentralized social
network where I can own my content!"

For this to get traction, it'll need at least one server with a strong user
base.

~~~
modarts
"For this to get traction, it'll need at least one server with a strong user
base."

Sooooo...Facebook basically.

~~~
jeremyjh
Not if you can leave and keep your network of friends.

~~~
calvin
If 99% of your friends keep their data in Facebook, you're still dependent on
Facebook.

------
EvanAnderson
I don't see how the tent protocol has any hope of scaling to large numbers of
users / servers. The notification traffic for anyone with a significant number
of "followers" is going to be significant. I think the view that the tent spec
authors are taking is a bit too simplistic if this protocol is intended to be
Twitter or Facebook-scale.

~~~
wmf
Computers and the Internet are pretty fast now. I suspect the real difference
will not be performance but cost: if you have a million followers you will
have to bear the cost of sending out the notifications (as it should be IMO).

------
sedachv
IMO the Tent design is going to become obsolete with the arrival of WebRTC.
With WebRTC, there is not going to be any reason to have servers running, as
long as some of your friends are online. You can do everything by using public
key cryptography and store-and-forward. You can authenticate with SRP/zero-
knowledge password proofs. You don't need to have your private key with you,
you can recover it from a quorum of your friends. Combine this with a public
status/"who's online" server - could be any XMPP/web gateway for example - for
bootstrapping the initial connection, and you can log in from any
library/internet cafe computer. You can use broadcast encryption to address
the privacy concerns of store-and-forward designs.

I wrote a series of blog posts about how such a system would work:
<http://carcaddar.blogspot.ca/search/label/ClearSky>

~~~
icandoitbetter
Why would you try to implement this with WebRTC? WebRTC is for real time
communication. It's in the name. Social networks don't have to be real time.
How would you do persistence in a WebRTC-run social network? E.g. how can I
visit your profile when you're offline?

~~~
sedachv
WebRTC is about direct peer-to-peer connections between web browsers. The
real-time stuff refers to the video/audio codecs that come as part of the
spec.

Persistence is handled by storing-and-forwarding your profile information to
your friends. Privacy is ensured by broadcast encryption. If you want people
unconnected to your network to find you, you could publish public profile
information on a directory server (this could also be the status server that's
needed for bootstrapping a connection if you're logging in from a public
computer at the library or wherever).

------
bratsche
If they have any use for a command-line utility to manage the server, it
should be named 'pitch'.

~~~
forgotusername
Or, you know, 'tent'.

------
JoachimSchipper
From the docs: "Tent is a protocol for decentralized social networking." I'm
not sure why this is interesting? It's neither the first nor the last such
protocol, can someone enlighten me?

~~~
MatthewPhillips
I'm not aware of any other such protocols, can you name a few?

~~~
Zash
OStatus, used by StatusNet, the software behind identi.ca. It even has Twitter
compatible API, so why Twitter devs aren't flocking to it is a mystery.

There are also a few projects using XMPP, like BuddyCloud, Jappix, Movim,
OneSocialWeb etc.

~~~
MatthewPhillips
Because it's not a protocol, it's just a spec. If you want to develop
developer interest, give them something to work on. The web was so successful
because it provided developers with very specific things that they could work
on. Browsers focused on HTML, web servers focused on HTTP.

I find that all of the open social initiatives are either too broad or too
specific. OStatus is entirely too broad, from their FAQ:

> First, rather than being a stand-alone spec it builds upon several existing
> (and evolving) open web standards including: PubSubHubbub, Webfinger,
> ActivityStreams and Salmon.

So if I'm a developer I can't just learn OStatus, I have to learn 4 other
specs as well. Diaspora has the opposite problem, it's too specific. Their
recommendation for contributions is to fork their rails app. Developers don't
want to fork working apps and fix bugs; they want to write their own from
scratch.

~~~
MMN-o
OStatus is just about as short as it can be on its own. "The 4 other specs"
_together_ aren't much longer than what is necessary _anyway_ for implementing
the necessary aspects of a federated social network.

And as all of the protocols necessary already exist and are quite well-
established, there are already parsing tools available for anyone to use
freely. So development is really easy to get into when it comes to OStatus.

Using something that already exists is in this case much better than
reinventing the wheel and rediscovering all implementation issues that have
already been taken care of with protocols like XMPP or OStatus.

------
siculars
I hope these guys are able to get some traction. Distributed social networks
that can replace twitter and facebook are the only way forward.

~~~
mibbitier
I'm not so sure they are the way forward. They're clearly the way forward if
you dislike being "locked-in". But is being locked-in always a bad thing?
Nope.

We could easily have a distributed web search engine to replace google. It
could run on everyones machine, and it'd be awesome. But what would be the
advantage?

Also before twitter/facebook, we had email - a distributed social network. How
is the "new" distributed social network going to be better than email?

~~~
streptomycin
Search engines and social networks are very different things. Build a better
Google, and people will gradually switch. That's how Google got started. Build
a better Facebook, and nobody cares because their friends aren't signed up.

~~~
xxbondsxx
Doesn't the same thing apply to Facebook when it started? Myspace, Friendster,
and all other competitors had a ton more users and strong network effects back
in 2004. Facebook offered a better experience though, and so users were
willing to switch despite network effects (and even maintain multiple accounts
for a period of time)

~~~
streptomycin
Not even remotely comparable. The vast majority of current Facebook users had
no social networking accounts before they signed up for Facebook. Now,
Facebook is entrenched.

That's not to say it was easy to make Facebook succeed, or that it would be
impossible to make a service outcompete Facebook now. But it was certainly far
easier to unseat the king back then than it is now.

------
SEJeff
Sounds like someone is trying to reinvent the unhosted[1] protocols. Unhosted
is used in relatively popular apps like owncloud[2].

[1] <http://www.unhosted.org> [2] <http://www.owncloud.org>

~~~
driverdan
Tent is nothing like unhosted. Unhosted is about running apps entirely in your
browser.

------
haroldp
"Protocol" "Reference Implementation" "API"

These are the highly encouraging words I keep seeing from Tent that I never
saw from Diaspora.

------
mhartl
I suggest that, whenever you make a post like this, you indicate WTF the
software does, like this:

 _We're pleased to announce version 0.1 of Tent, <insert description of WTF
Tent is>._

The description should preferably indicate not just what it does at a low
level, but why you'd want to use it. In this context, the description on the
documentation page, "Tent is a social layer over HTTP using JSON.", doesn't
motivate Tent's existence particularly well. Something like this would be more
instructive:

 _Tent <why Tent exists> by adding a social layer to HTTP._

------
jasongullickson
You lost me at "changes everything".

------
akavel
Are there any protections against spam? (unsolicited notifications)

Are there any authorization & authentication measures? (so you know a
notification is really from whom it claims to be)

I see mention of HMAC in the overview, (how) does it solve those problems? I
know basics of TLS, RSA - how is it related? I'd be grateful for hints. Also,
I remember some alternative mentioned in old threads about Diaspora, which was
reportedly devised by some security guys (?) and tried to have good security
model - do you know the name of this project? Some GNU one?

------
ljd
Decentralizing would be an easier sell on a mass scale as a hardware solution.
I can't imagine asking my parents to implement open source routing software
but they bought a wireless router on their own.

Maybe Tent should think about a strategic partnership with a raspberry pi or
another one of the many great cheap computing solution available today.

Write some basic stuff into it, and sell the device as a plug into your router
and go social network device.

~~~
wmf
That's the FreedomBox or Tonido.

I think a $100/year cloud server is likely to be faster, more reliable, and
easier to set up than a home server.

~~~
ljd
I agree, it would probably be easier to pay for a service if people really
wanted it.

------
a235
This protocol seems to miss a secure routing of messages inside of its
network, insead offering point-to-point interaction. However, this will be
required in order to build indeed a decentralised social network. Something
that was developed in Tonika project:
<http://pdos.csail.mit.edu/~petar/5ttt.org/>

------
ericmoritz
Tent should take a page from Jabber and create gateways which will post for
you on other social networks much like Jabber had for non-Jabber IM services.

That way you could have a backup of all your social data, stored on your
server if you wanted but broadcasted to the other servers.

------
bionsuba
That website needs a major redesign. I can tell you that most people spend
three seconds on a web page before they decide to move on or not, and there is
no way a generic bootstrap website is going to grab anyone's attention in that
three seconds.

------
zapt02
This sounds a lot lie XMPP; Why not just extend that instead?

~~~
nsm
buddycloud is the one sane federated social network that is piggybacking on a
protocol that has proven itself for over a decade. And I'm really expecting
things from them now that they got incubator funding through Mozilla WebFWD.

I think the fundamental reason HN/Proggit and co. reject XMPP is because it's
XML. Which is a ridiculous reason. Real-time streams over encrypted TCP seems
to be the right way to go over forcing a protocol not meant for constant
communication (HTTP) to do so.

------
eavc
This seems like a pretty clear example of HN comments being full of flat
criticism and naysaying with very little in the way of helpful feedback.

------
kveykva
Saw the link header bit and was instantly reminded of Riak - is that what the
servers are running? Makes sense I suppose..

------
haukur
Is their documentation page made with Sphinx? If so, does anybody know that
theme? It looks really nice.

~~~
darkhorn
It is <http://twitter.github.com/bootstrap/>

You can see it in source code.

------
guelo
Has anyone put up a public server yet?

------
x0ff
you should check out <http://secushare.org/>

------
antonpug
This has the potential to replace Facebook. And it might do just that with a
couple of endorsements.

~~~
Jonovono
I don't know how you got that Tent is a competitor for Facebook. Tent goal is
to be used by Facebook, Twitter, or any other social site so that they
basically have an API to access the users data, so the users can have full
control and ownership of the data.

~~~
antonpug
Facebook will NEVER use Tent, you have got to be kidding...

~~~
Jonovono
? I didn't say it WILL be. It's goal is to be used BY social networks.. not
replace them. Maybe FB won't use Tent, but perhaps whatever comes next will.

