
Help fund an open source Facebook alternative: Appleseed - michaelchisari
http://indiegogo.com/Open-Source-Social-Networking
======
mdasen
I have to ask since your site says it
(<http://opensource.appleseedproject.org/>): how is the software maintaining
the privacy and security of my data?

The reason I ask is that I don't see how that's possible. Here's an example.
Let's say that I'm on MySeed and you're on Applebook. We friend each other
and, lovely, now my posts get aggregated to your feed and your posts get
aggregated to my feed. Life is good. Then Applebook turns evil and decides
that it's going to make all posts open (they have the source code and the
data). Well, now I no longer have privacy. Heck, let's say I post something
and it gets aggregated to your feed. Then I delete it. Does Applebook then
delete it? There's no real way to force a deletion. And I realize that anyone
who saw it could have just done a copy/paste and saved the post, but it's
different when it's happening automatically.

The only way I could see this working is through public key encryption. When
we friend each other, I get your public key and you get mine. You can then
make your postings available encrypted with my public key and when I get them
I can decrypt them with my private key. BUT I must not store my private key
with MySeed since then MySeed could decrypt your posts and you no longer have
privacy. Right now, browsers don't have support for encryption like this where
part of a web page will be encrypted not by the server, but in the data
storage.

But even that has problems. It means that if you're friends with 500 people,
500 copies of any status message you post have to be encrypted and stored
separately for each of those 500 people. Considering the scaling issues that
Facebook has to contend with, I think adding a step where everything people
post gets encrypted and stored N times (N being the number of friends you
have) would be troublesome.

Heck, what about pictures? It's one thing to encrypt and store a short 140byte
status 500 times. It's another to do that for an 80k photo.

tl;dr: If we're friends and you're on another service, what stops your service
from aggregating my postings and then making them public to the world against
my wishes?

~~~
michaelchisari
First off, your feed won't provide a full copy of your data, just a summary
and a link. Other protocols may not work that way, though, but that's how
Appleseed's protocol works. If access is rescinded, that user loses access to
view that data. If I post a journal update or a photo, and it shows up in your
feed, and then I restrict access to it, if your feed doesn't properly delete
the entry, then you can still see the summary or the thumbnail, but clicking
on it results in an access denied error.

Well, let's focus on your premise: This is all based on a node turning evil.
That's a very big problem, and one not easily solved.

There is a basic issue here, in that users, when they trust other users, they
also, on some level, trust the that user's community (node). I'm open to
suggestions on how to mitigate that.

With social networking, there is always a level of trust that has to be human-
based, not tech-based. But tools can be used to help humans determine trust.

Appleseed has node control, which means that administrators can "block" whole
nodes if they're behaving badly. This usually means spam, but it can also mean
if a node is acting in bad faith (ie, it's revealed that AppleBook is selling
non-local user data), or if they're abusing the protocol. That can act as a
certain type of social "shunning" on a node-to-node basis.

Admins can also "trust" nodes, which means you inherit their block list. This
means, theoretically, if a node goes bad, and some nodes realize this, it'll
propagate through the Appleseed network until that node is isolated.

I think there are other approaches, and some we haven't thought up yet, but
one thing I'm most interested in is social pressure, and how it can easily be
applied to bad nodes.

I think encryption is interesting, but I think we'll actually have to move
into the browser space in order to have a reasonable UX.

~~~
mdasen
Wonderful. The Diaspora group had been promising end-to-end encryption without
seeming to know the problem.

The remaining question I have is: while the feed provides a link/summary,
what's preventing a node from following that link and then caching/storing
that data?

You've come up with a nice way of propagating block lists and kudos for
addressing the problem. However, with Facebook, I only have to worry about
Facebook behaving badly. I don't have to worry about multiple companies and
different bad behavior.

Plus, sometimes bad behavior can become public much later. Let's say that I
operate Applebook. I'm running a nice Appleseed server that has some users. I
decide to start storing the data from other nodes. Maybe I'm even doing it for
practical reasons like performance or as a service to my users. Then 5 years
down the line, my fortunes take a turn for the worse. I decide to go evil!
Sure, maybe the second I turn evil it gets propagated out fast and I can't get
access to any future data. However, I still have all that past data!

And this is a concern with Facebook as well. They could turn evil some day and
betray us all. However, it's one company to worry about rather than dozens or
more.

\--

Also, as an aside, sometimes the summaries might contain the information
people want deleted. If you have a 140 character status update Twitter-style,
there isn't much of a summary to be made.

Right now, we're used to being allowed to remove things from social networks.
Unlike email, it's communication that we can take back. Wall posts, status
updates, photos, etc. can be deleted. If I email you a photo, it's always
there for you. In some ways, a distributed social network is more like email.
Once you've sent it out to your friends, it can't really be taken back. That's
very different from Facebook. With Facebook, users expect to be able to remove
content at any time and it's inaccessible to other users (unless they decided
to copy/paste or save it in another way).

The question is: how many people would prefer this more email-like system? The
advantage is that one wouldn't be beholden to a central service like Facebook
or Twitter. Users have been skittish about privacy anytime Facebook changes
something. How much of that is posturing and how much of it is users who would
discontinue using it if they thought they couldn't remove things from the view
of others?

~~~
michaelchisari
_They could turn evil some day and betray us all._

If an Appleseed node turns evil, they'll probably take the data of, maybe,
100,000 or a million users with them. When Facebook turns evil (some would say
saying "when" isn't necessary), 500 million people's data goes down.

One of the things that's kept Facebook free of social pressure in terms of
acting evil, is that the walled garden approach means that people can't leave
without losing their social network. Appleseed (and distributed social
networking) at least provides a certain competition, because if a node acts
up, users can leave that node, go to another node, and reconnect with their
friends. It won't be totally painless (at first anyways), but that's pressure
that Facebook simply does not feel at this point, and that has a very negative
effect on it's behavior.

 _The question is: how many people would prefer this more email-like system?_

I'll be the first to admit that a centralized system holds advantages over a
decentralized one (and vice versa). A lot of these issues, we may not even
know the full extent of until we see heavy use. This is pretty new territory,
and I'm open to any suggestions.

It's the big reason why I rewrote Appleseed to be extremely flexible, to use
pervasive hooks and an MVC model, and to be protocol agnostic. Also, why
Appleseed has one-click server upgrades and other ease-of-administration
features.

There's some really solid work being done on protocol development, but I think
we all need to be honest that the first steps out of the gate are gonna be
rocky. Hopefully Appleseed can adapt quickly enough until distributed social
networking matures.

------
wccrawford
"Install your Appleseed node ($1,000 minimum) Free installation of Appleseed
on your servers for any Appleseed node with less than 1,000 users."

Is it FOSS or not? It sure doesn't sound like it is.

"We've already accomplished much of what we set out to do"

Then why are you asking for $10k?

There's a lot of text on that page that directly contradicts other text on the
page.

~~~
michaelchisari
To address the money issue further, the $1,000 minimum donation means the
donor receives consulting services setting up and administering a node. Anyone
with experience with LAMP is able to set up their own node without paying a
dime.

And as for funding, I've been working on Appleseed almost full time for quite
a while now (started in 2004). I've been working a full time job as well most
of the time I've been doing this, so at some point, I'd like to be able to
focus on this exclusively, and funding can help make that happen, which means
the software will improve faster as a result.

~~~
roel_v
Maybe off topic but I LOL at doublespeak like "$1,000 minimum donation", and
the cognitive dissonance that lies at its foundation. I can just see the whole
story behind it: the idealists who preach the 'software should be FREE!'
mantra, the myopic hatred against software companies who (gasp) _charge money_
for their software, the realization (after trying to make worth while software
themselves) that it actually costs money to, you know, live and pay expenses,
and the grasping for straws that is "let's call it a 'minimum donation, then
we're not actually charging for it".

Not to pick on these guys, I don't know them and for all I know they're the
outlier, it's just such a cliche that it's becoming an indicator of a team
that has much to learn about how the software business works.

~~~
michaelchisari
That's a donation, not a fee, and this isn't a business model, it's a perk for
making a donation. If you look at similar projects on sites like Indiegogo and
Kickstarter, that's how crowd-sourced funding works, with perks provided to
people who donate (like t-shirts and servers for the Diaspora funders).

As for "software should be free", the idealists have been qualifying that with
"Free as in Speech, Not as in Beer" for as long as I can remember, so we're
all fully aware of the material concerns required.

~~~
roel_v
Seriously, come on. A rose is a rose is a rose.

"minimum donation" = fee

"perk for making a donation" = services bought

"crowd-sourced funding" = a bunch of customers pay for products or services.

I mean I'm not being negative here or criticizing you, but let's call things
like they are. Why make up fluffy feel-good terms for things for which we
already have perfectly viable words?

Referencing the Diaspora guys basically reinforces my point re: the
inexperienced team - a bunch of kids straight out of college why manage to
hype together 200k and then turn out a complete disaster after a couple of
months does not a trustworthy example make.

------
heresy
Why don't you join forces with Diaspora?

Or, why would someone decide to donate to you over Diaspora?

~~~
michaelchisari
To answer your first question, I did email them back in May offering help but
never received a response. I had a chance to catch up with them at the
Federated Social Web Conference, and spoke with a lot of similar projects and
we're all interested in a common protocol, so in that sense, we're all "joined
forces." However, since their project is Ruby on Rails + MongoDB, and
Appleseed is LAMP, beyond the protocol, there's not much collaboration on
codebases that can happen.

As for why to donate to Appleseed over Diaspora:

1\. Appleseed is a much more mature codebase. We've been in development for a
while now, and already have around 80 nodes in the wild.

2\. Appleseed has a much more experienced developer at the helm. I've been
programming web apps professionally since 1997.

3\. We have a much clearer roadmap and protocol specification compared to
Diaspora, which has yet to hammer out most any specifics in that arena.

4\. Appleseed is much easier to install (about 5 min for anyone who's
installed LAMP software before).

5\. Appleseed is more ambitious. Diaspora aims to be a social networking app,
but Appleseed is a social framework, with an extensible MVC model, meant for
building new social components.

6\. Diaspora already has $200k. :)

~~~
nlco
is there any work on a common protocol yet? (mostly looking for a link)

~~~
michaelchisari
That's a good question, without a simple answer, but here goes:

Right now, we're using something I call QuickSocial:

<http://opensource.appleseedproject.org/quicksocial/>

This protocol is very much in flux, and being modified regularly. And it may
not be the protocol that Appleseed ends up with.

Appleseed is a very flexible system, all the protocol work has been abstracted
out into framework "hooks" (plugins), and you can easily replace one set of
protocol hooks with another, or even have multiple protocol hooks operating
concurrently.

So at some point, there will be support for OAuth, OStatus, Webfinger, etc.
And if a unified protocol emerges as a standard, Appleseed will be updated
with a new set of protocol hooks to support it.

The advantage of using a homegrown protocol like QuickSocial is that we can
focus on userflow and end features without having to cater to another protocol
specification, which is fine since we're at such an early point with
distributed social networking protocols anyways.

------
petervandijck
Is there a site somewhere about this project (not just github)? Screenshots?
Features? Information? Can't seem to find a link anywhere?

Edit: here we go: <http://opensource.appleseedproject.org/>

~~~
michaelchisari
Here's all the resources associated with Appleseed. They're on the indiegogo
page, but they're a little hard to find.

\- _General Links_

Main: <http://opensource.appleseedproject.org/>

Fundraising: <http://www.indiegogo.com/Open-Source-Social-Networking>

Drumbeat: <http://www.drumbeat.org/project/appleseed-social-networking>

Beta Test: <http://appleseedproject.org>

Facebook: <http://www.facebook.com/group.php?gid=366560616455>

Twitter: <http://twitter.com/appleseedproj>

Identi.ca: <http://identi.ca/appleseedproj>

Youtube: <http://www.youtube.com/user/appleseedproj>

\- _Development Links_

Source Code: <http://github.com/appleseedproj/appleseed>

Packages: <http://opensource.appleseedproject.org/download/>

Bug Tracking: <http://appleseedproj.lighthouseapp.com>

Discussion Mailing List: <http://groups.google.com/group/open-social-
networking>

------
joe_the_user
Just for kicks,

Let me ask _how_ a project like this could provide possibly any more privacy
than a situation of a group of people who each having a mailing list with
which they email messages to their friends?

Seriously.

Maybe I'm not thinking clearly tonight but I can't see any plausible way to
provide "more security" than the security of deciding what message to send to
what friend. Am I missing something.

\-- I mean, you just aren't going to keep your friends from forwarding your
messages. They'll video-type to screen if they need to. You might decide not
to forward them more messages but that's different.

~~~
michaelchisari
_I mean, you just aren't going to keep your friends from forwarding your
messages._

There's a difference between privacy and trust. Software can't predict when
your best friend is going to turn against you for emotional or social reasons.

If you share something with ten friends, and one of them betrays your trust,
technology can't predict or prevent that.

However, if you share something with ten friends, and they all act properly
and trustworthy, you have a reasonable expectation that your data won't be
available to anybody but those ten friends.

~~~
joe_the_user
Agree with this but it doesn't answer my original question.

 _Why bother with encryption when each person having an email list would work
as well as anything for distributing information?_ Why? It's like UPS buying
armored cars to deliver your packages with but still plunking the package down
outside your house when you're not home.

I have a reasonable expectation of privacy sending email through a webmail
account. If I was sending the corporate crown-jewels or something, I'd encrypt
my message but email these days is _appropriately secure_.

I'm asking these questions with the best intentions too. I like the idea of a
Facebook alternative - I'm working on my project along those lines in fact.
The thing is that to offer an alternative, you've got to be clear what
services Facebook offers and how one could offer them better. It seems like a
lot of upset over Facebook confuses Facebook's abuse of user data with the
inherent insecurity that comes from sharing information with any group of
people. We'll have to educate ourselves and our users about the difference if
we want to have this Facebook alternative thing get off the ground.

As far as I can tell, almost everything Facebook provides is something you can
do with the "regular web". Facebook simply puts everything in a nice package
(and that nice package matters a lot as we've seen). If you had a script which
aggregated your friend's blogs, tweets and emails, you would have something
like Facebook. The only _service_ that would be required is friend-discovery
and perhaps a "like" messaging system. The rest could just involve
wrapping/packaging existing stuff.

The thing about Facebook and walled-gardens in general is that they really
entice people who otherwise wouldn't participate in "cyber life" to come onto
the web. But Facebook users hopefully will also be learning that their walled-
garden doesn't offer the protection it claims and hopefully they'll realize
that nothing can simultaneously offer free-sharing and perfect privacy in the
modern era - your friends' friends just aren't necessarily going to be your
friends etc.

So we "Facebook alternativists" have to offer something that gives the good
stuff that a social network can realistically provide for people who are over
the illusion that they can live in a one-identity, total-trust world.

------
ashitvora
Do we really need one more Social Network?

~~~
michaelchisari
Yes, because a distributed protocol means that it will effectively be the last
social network.

~~~
metamemetics
that's pretty delusional. Users don't care about protocols, they care about
interface usability. And the ONLY thing that makes a social network valuable
is its users. There will always be more room for more niche social networks
with well defined UX constraints if developers continue the facebook trend of
bloat sites with ambiguous constraints.

~~~
michaelchisari
It's really quite simple. Once an open protocol is established and
popularized, then social networks are just software that connect into the
distributed network.

Think of it in terms of SMTP and e-mail. Mail providers come and go, but
nobody has to move email providers because all their friends changed emails.

~~~
metamemetics
> _Once an open protocol is established and popularized_

"popularized" is the most important and hardest part, you can't risk using it
in an assumption. The problem domain you are working in is the exemplar of the
chicken-and-egg user growth difficulties.

Also if it really was just a protocol: the only thing being developed would be
QuickSocial, it would not be called a _social_ network because a protocol is
not the place creating the social experience, it would be marketed to
developers and bloggers as an improved and easy to add replacement for OpenID,
50% of the work would be on rigorously defining QuickSocial specification, the
other 50% on developing plugins for all platforms and languages.

~~~
michaelchisari
_it would be marketed to developers and bloggers as an improved and easy to
add replacement for OpenID, 50% of the work would be on rigorously defining
QuickSocial specification, the other 50% on developing plugins for all
platforms and languages._

That's part of the plan. QuickSocial is being developed as an abstracted PHP
class library that's quite easy to implement.

~~~
joe_the_user
Maybe I'm being patronize and you know all this all but I'll just note that a
protocol is about one level of abstraction above a class library.

I'm biased because I'm working with c++ but I'd suggest the protocol be
developed like most protocols - in a language neutral fashion. This involves
writing it in a fashion akin to an abstract language. Normally, such a
protocol spec simply say what byte means what and where each byte goes. Then
the protocol can be implemented in any language.

For example: <http://en.wikipedia.org/wiki/Http>

Also, I'd suggest only creating a new protocol for things that really can't be
done existing protocols (such as Internet mail). You always layer your
application on top of an existing protocol if it serves your purposes.

~~~
michaelchisari
Nothing about the protocol is PHP-specific, but the initial implementation is
written in PHP.

------
brinchj
Perhaps my PHP-design skills are outdated, but is it normal to have a 1500
line index.php containing a mixture of configuation code, PHP functions and
HTML?

Also, don't you use any template system?

... I cloned the github project, only to find myself confused :)

~~~
michaelchisari
The index.php file is the install file.

The actual system is re-routed using mod_rewrite. After installation, it never
uses index.php again.

 _Also, don't you use any template system?_

No, actually, I use a different approach. Using simple_html_dom, I target the
dom within the controller. The views are layout skeletons that are then
populated with data. Check out the example component's comments for more info.

------
allantyoung
Don't "they" know that the Appleseed family is very litigious?

~~~
michaelchisari
I was going to rename it to Bananaseed, but I think someone with that name
killed a bunch of nurses in Portland. /30rock

------
johnny22
it's just too bad you never got back to me last year mike (via red emmas) :(
not sure how else to contact you. I'll delete this post later

~~~
michaelchisari
Not sure who this is, but my email is michael.chisari@gmail.com if you need to
get in touch.

~~~
johnny22
cool thanks. and now i realize it's too late to delete. Sorry folks :(

