
Friendica – A Decentralized Social Network - awiesenhofer
https://friendi.ca/
======
pmlnr
This is yet another platform solution. The problem with platform solutions is
that they still present one and only one choice of software.

Decentralized systems can only take off if they are built around standardized
protocols - this is why email works. The choice of smtp servers to run, email
clients to choose from, that's what's making it resilient.

Ideas like ActivityPub, webmentions, microsub, micropub, while not strictly
protocols - all on top of HTTP - could allow us to build real
decentralisation, with the weapon of choice on platform, language, client -
this is what's truly needed.

Most of the platforms like Diaspora, Friendica, Mastodon, can, could, or
already have adopted some of these, thus making a good step towards true
federation, when anything can talk to anything.

EDIT ... but the emphasis right now should be on the glue, the protocols
connecting them, not just only the software implementing it.

~~~
amelius
Emphasis should be on the requirements.

What do we want the system to do?

And how can we control our privacy?

Let's answer these questions first.

~~~
pmlnr
Fair and important questions. The closest immediate answer I have is
[https://indieweb.org/SWAT0](https://indieweb.org/SWAT0) but the page is quite
dense with indieweb terms.

EDIT:
[https://www.w3.org/2005/Incubator/federatedsocialweb/wiki/SW...](https://www.w3.org/2005/Incubator/federatedsocialweb/wiki/SWAT0)
might be a better source.

Defining a minimum set of features for what a social network (media? web?
system?) is is certainly a required step, and any suggestions are welcome.

~~~
amelius
That's a start, but I suspect we're better off thinking about all possible
features, because this allows us to define a protocol that generalizes better.

In your example, users can be tagged in a photo. That's nice. But let's say
that in the future we want to share who's attending what events. Perhaps we
can use the same kind of constructs in the protocol for both uses.

Of course, an implementation does not need to support all features from the
start.

~~~
pmlnr
There's a list of features documented for :

[https://indieweb.org/Facebook#Features](https://indieweb.org/Facebook#Features)

[https://indieweb.org/Twitter#Features](https://indieweb.org/Twitter#Features)

However, I don't think there's any kind of standard-ish list for what's a
minimum feature set for a social network. Please feel free to add one to the
indieweb wiki, as any help is welcome.

------
grinsekatze
I think many people that are moving away from Facebook move away from social
networks in general. Personally, I am not interested at all in a Facebook
replacement. I gave a couple a try, but quickly realized that spending time on
these social networks is even more boring than Facebook, especially if none of
your friends are on there.. and therefor a total waste of my time. If I need
to communicate with friends I do this “directly” via WhatsApp or email.

~~~
kodablah
> I think many people that are moving away from Facebook move away from social
> networks in general [...] If I need to communicate with friends I do this
> "directly" via WhatsApp or email.

I'd like to see the line disappear and I'd like to see WhatsApp or email be
considered social networking. I think a well built app can have both of those
features in addition to the feed+post+comment style of Facebook. From the user
perspective, what are all these communication mediums but just "place"
configuration?

Edit: here're some early scratch grpc services I have been toying with to
abstract different communication forms:
[https://github.com/cretz/yukup/tree/6793fb2b281e4ea7cda1fe5b...](https://github.com/cretz/yukup/tree/6793fb2b281e4ea7cda1fe5b9f4a10c487e99712/yukup/service/pb)

~~~
freehunter
Seriously, if Snapchat is considered a social network,
IRC/email/WhatsApp/iMessage/Hangouts/SMS is a social network too.

------
kodablah
> Friendica runs on PHP with MySQL as a database. If you can run WordPress,
> you can run Friendica.

Not the biggest fan of the stack, but no problem. These networks are getting
closer. Now create a desktop installer that: has its own web server + php +
mysql pieces embedded and execute on their own ports on startup. (I say I
don't like the stack because I'd prefer something that can all be statically
compiled). Make sure the desktop can easily setup/change/admin this self host
and can guide or automatically dyndns and NAT bust. Or if you want to do it
right, embed tor, and create a hidden service for me (an ephemeral v3 one
would be nice, maybe from a deterministically derived key from a few factors,
I'll figure out how to give the unwieldy name to my friends).

We have to make self hosting as easy as running mspaint if we're going to
tackle this problem right.

~~~
pmlnr
You're more or less describing
[https://github.com/ssbc/patchwork](https://github.com/ssbc/patchwork)

~~~
kodablah
Sure. If I were to give feedback, I'd say it needs a better landing and a user
guide for the app (as opposed to the protocol inundated with dev jargon). Not
really gonna send my mother a GitHub releases page; she needs to be the
intended audience. I guess I could send her [http://dinosaur.is/patchwork-
downloader/](http://dinosaur.is/patchwork-downloader/) and ask her to read
[https://www.scuttlebutt.nz/getting-
started.html](https://www.scuttlebutt.nz/getting-started.html) and/or
[https://www.scuttlebutt.nz/#quick-start](https://www.scuttlebutt.nz/#quick-
start) but even that has friction. Also, I'd like to see it shipped with Tor
and just hit a checkbox (at runtime not install time) for anonymity instead of
having to manage my own daemon.

But this is very close, yes.

~~~
mercer
Agreed. I'll add that my main issue with Patchwork is that from what I can
tell it's pretty much impossible to develop for it without using Node.js. I
_really_ think that for this to take off, it needs to focus on 'developer
happiness' right now. There's a solid client, a relatively vibrant and
activist community, but too little in the way of (relatively) inexperienced
devs like myself to build apps on top of.

this is especially problematic because the Patchwork client, while impressive,
is not something I enjoy using. I'm just _itching_ to build my own alternative
clients, as well as apps that run on the SSB protocol, but I can't unless I
force myself to get back into the Node ecosystem.

Another crucial issue, I find, is the inability to have multiple devices
linked (by whatever means) to the same user. The impression I get is that the
community is split on either fixing that, or adding more tools to deal with
community management. I find that worrying because I've had multiple
experiences with communities where ~50% was overly focused on 'preserving what
is', and none of those experiences ended up in any kind of success.

For the time being I'm still excited about Patchwork, and looking for ways to
positively contribute (contrary to this post), but I get too much of a
'sixties imploding commune' vibe to feel comfortable wasting my energy, for
now.

EDIT: all this sounds somewhat negative, and my apologies for that. But I got
and am really excited about the core proposition of the whole thing and just
worry a lot about its viability. I'd really love to hear where I'm wrong, or
how I could contribute without having to deal with the community kerfuffles
that I am not too interested in. It's like CouchSurfing in reverse.

~~~
space_fountain
What language would you feel more comfortable contributing in? For good or bad
Node seems quite popular especially with newer programmers so I can at least
somewhat understand the decision.

~~~
mercer
I'd say an implementation in all popular languages would be important. I hear
decent work has been done with Rust, and I'd love to see something for Elixir.
But as I understand it part of the problem is lack of spec/documentation. If
we had that, perhaps it'd be easier for a variety of implementations? php,
ruby, python, etc.

------
common_
All communities have leaders, whales, whatever you want to call them. Even
Bitcoin is now controlled by a small group of mostly Chinese people.
Decentralization does nothing other than put control in the hands of an
unpredictable and potentially unaccountable group of people, whereas
centralized systems have people you can point to and hold accountable (or so
we hope). There is a reason it's never worked throughout history, and why
decentralized systems always collapse into a more efficient centralized form.

~~~
zoul
Like e-mail or the web, perhaps?

~~~
tadzik_
Exactly like email or the web. Certain services (shame on you, booking.com)
now consider it a potential bug if you email doesn't end in gmail.com (they do
their "did you mean: tadzik_@gmail.com?" when I enter the proper one, with my
own domain). The web itself also tends to gravitate towards either "cloud"
providers or at least stuff like cloudfare for ddos protection. Yes, it is
still decentralized, but people keep choosing the centralized subsets of it
for convenience.

~~~
ColinWright
> _" did you mean: tadzik_@gmail.com?"_

This is incredibly annoying, I agree, but having run a service for which
people type their email addresses, and having seen just how many people can't
actually type their own email address properly (currently running at about 5%)
I'm not surprised that a service aimed at non-technical people puts in
attempted safeguards like this.

And my service is for _technical_ people - I can't imagine what it's like for
genuinely open services.

~~~
mercer
could you give some examples of the types of mistakes they make?

~~~
ColinWright
Omitting letters in their username, getting the domain wrong by omitting or
mutating letters, commas instead of periods, spaces, and more. Some, such as
commas and spaces are easy to catch, but mutations in the username are pretty
much impossible to catch.

Without digging through my records I can't be more specific, but in general I
was horrified at how many can't actually spell their own names correctly.
Seriously, one person typed jojn.dpe instead of john.doe (name deliberately
changed to protect the user). Sometimes it's possible to guess the correct
username/domain, but sometimes it simply isn't.

------
d3ckard
I don't know about others, but I don't care if my social media platform is
centralized or not. I use FB mainly as news feed(I don't even get that many
friends' posts), but I can easily migrate that. What I need is nothing more
that somehow fancy address book. FB gives me a way to contact people I don't
keep strong relationships with, it lets me organize an event with those people
relatively pain-free and it allows me to keep at least a bit in touch. That's
all. Give me just those basic features, pour some serious privacy management
over that and I will be happy to lead the way switching.

I don't care about fancy tech in this case.

~~~
Double_a_92
> I use FB mainly as news feed

How did you manage to do that?

My feed it full of crap like: Silly memes in local languages, Weird shared
videos of something cute or funny, Ads, Game invites, Photos from people I
don't really know...

I basically only have facebook to kinda keep the contact data of old school
friends. I don't even talk to them.

(And for dating. Contacting people unsolicitedly but still in a friendly and
respectful way works much better than going on online dating sites...)

~~~
equalunique
If you join FB groups related to things that you care about, then there is a
good chance you will see more news related to the things you care about too.

------
amelius
They promise privacy, but in a decentralized system, do I have to trust every
node admin?

~~~
tscs37
You have to trust your node admin and the admin of any node you talk to (ie
your friend's node)

~~~
amelius
Obviously, I have no control over what nodes my friends are using.

Can I whitelist/blacklist nodes?

And how is the situation we're arriving at better than having a single party,
in this case Facebook, who is to blame when things go sour?

~~~
Joeboy
From a personal privacy point of view it seems significantly worse to me, but
I guess the positive spin would be that there isn't a single party that can
simultaneously blackmail / breach the privacy of a billion people. Although my
counter spin would be that in the event of one of these decentralized things
going mainstream, a large player would end up being what gmail is for email.

------
tw1010
Man, people are working hard on this idea still. I like the persistence, but
something tells me the ambition aught to in most cases be directed towards
something less of a winner-take-all hollywood style success market, and more
towards something better placed on the effort-to-returns spectrum.

------
zeveb
Sounds interesting, but I don't think PHP & MySQL are a good stack. While it's
possible to write secure software in PHP (I'd probably trust the Paragon IE)
guys to do it), it's not very likely. As for MySQL — as far as I'm concerned
there is essentially no reason to choose it over PostgreSQL, and a project
which does so is thus instantly suspect. If they've made an error that grave,
what _other_ errors have they made?

It'd be like someone choosing Windows as a server OS: there's a small chance
it was a good decision, and a far, far greater probability that it was the
result of a toxic engineering & management culture.

~~~
seanf
Why do you consider choosing MySQL over Postgres a grave error? There are some
cool features in Postgres. I am going to learn more about partial indexes,
that looks useful! But there is plenty of precedent for large, successful
MySQL projects. Uber, for example, switched from PostgreSQL to MySQL in 2016.
[https://eng.uber.com/mysql-migration/](https://eng.uber.com/mysql-migration/)

~~~
zeveb
> Why do you consider choosing MySQL over Postgres a grave error?

Because PostgreSQL focuses on correctness & MySQL focuses on performance &
ease of use. With a database, I want correctness first, and performance & ease
of use second.

Many projects chose MySQL because it was easy to use & somewhat faster, and
they didn't realise how broken it was initially. I am sure that many projects
_failed_ due to MySQL, and are now lost to history. Choosing MySQL over
PostgreSQL betokened the kind of culture which chooses convenience over
correctness, which is not the kind of culture I wish to associate myself with.

Over time, MySQL added more & more correctness, and PostgreSQL got faster &
faster. As it turned out, PostgreSQL with the right performance flags is
faster than MySQL with the right correctness flags.

In the specific case of Uber, it sounds like they're essentially using MySQL
as the underlying storage mechanism for a key-value store, and are able to
build the mechanisms they need atop it. Also, PostgreSQL less efficient _for
their usage patterns_ than MySQL. That makes sense, and seems like a sensible
engineering decision. 'Essentially no reason to choose [MySQL] over
PostgreSQL' doesn't mean _no_ reason at all.

It's kinda like how sometimes it makes sense to write an inner loop in
assembly, but it extraordinarily rarely makes sense to write a word processor
in assembly in 2018.

------
okket
Is this thing really decentralised (as in e.g. IPFS) or just federated (like
Mail/SMTP)? The website does not offer many details.

~~~
tscs37
Federation is a form of decentralization.

What you're looking for is federated vs peer-to-peer decentralization.

Friendi.ca is federated and decentralized.

------
niahmiah
There will be no company to be outraged at, when all of your data is
siphoned... progress!

~~~
daniel_iversen
Yes there's a treasure trove just waiting to be mined and abused
unfortunately.

------
mcs_
Is the "Rebuild from scratch the same thing but using another paradigm" a good
option to improve social?

I don't have any Facebook accounts but after 15 years programming stuff, I
don't see the copy/paste as a powerful solution.

Also, distribution is not really the problem here. From architecture point of
view Facebook is distributed.

The problem is the need of store huge amount of data in the cloud and
pretending that to be free.

------
Taek
Is there a whitepaper? Difficult to analyze the system and decide whether it's
going to do a good job, be safe against adversaries and manipulation, etc.
without seeing some sort of high level description of how it works. Knowing it
uses php and mysql doesn't tell me anything about the actual application.

------
prophesi
These decentralized social networks could benefit from that statically-linked
web app post [0]. Sure, it's pretty simply to get a LAMP stack up and running
to host a Friendica node. But a simple executable would lower the barrier even
further!

I think ease-of-use/access, along with a well thought out federation protocol,
will be critical for these networks to replace Facebook/Twitter/etc. As it is
now, I can only get my techie friends to try these out.

[0]
[https://news.ycombinator.com/item?id=16765020](https://news.ycombinator.com/item?id=16765020)

------
mtgx
Tresorit also announced an end-to-end encrypted social network where the
company can't see the users' content. I think that's probably the angle
privacy-focused Facebook alternatives will need to take. Unfortunately, they
chose a strange-looking Hungarian name for it, so probably nobody will ever
pay attention to it because of that:

[https://www.indiegogo.com/projects/prevaat-the-privacy-
focus...](https://www.indiegogo.com/projects/prevaat-the-privacy-focused-
social-network)

------
LinkToTheAss
After multiple facebook breaks (and now im off for more than a year) I must
say, that I dont see any usage for social media platforms anymore, that work
like facebook or google plus. All this egocentric stuff is based on instagram
and user created news is based on reddit or twitter. Communication is based on
telegram, signal etc.

So what the hell do I need FB for? I dont need it and i dont see a reason to
switch to an other social media platform like friendica or diaspora anymore.
But maybe im just getting old :D

------
daniel_iversen
Not sure what decentralised means. Do the different hosted versions
communicate together and sync users and data across each other? (like the
blockchain etc. Because that would be fairly important).. Also a real sneaky
pro move would be initially to allow people to "sign up" via Facebook :) -
once they're registered and the network has their email address then Facebook
can become useless, just lowers the barrier to entry and its ironic that
Facebook can be used to replace itself.

~~~
Gaelan
Looks like Friendica (along with most of these other "decentralized social
media" things) is federated, not distributed in the way that Bitcoin is. They
work kind of like email: each person picks one service to use, but users can
follow each other across services.

------
beders
Another site that is doing their marketing all wrong.

My Dad couldn't give a rat's ass if the network was 'Decentralized' or that
'Relationships can be made across any compatible system'

All he wants is see pictures of his grand daughters and post funny gifs to his
friends.

With a signup that is so simple even my err Dad could do it!

With a process to move away from Facebook to the new platform (and keep all
his stuff) that is so simple my Dad could do it.

------
icc97
I did try to mention this before, with creating a Slack clone [0]. PHP and
MySQL which is what this is written in are not very sexy but they're perfect
for when you want the entire world to be able to use it.

There's reasons why PHP has been so successful with WordPress and Facebook.

[0]:
[https://news.ycombinator.com/item?id=16567271](https://news.ycombinator.com/item?id=16567271)

~~~
bpicolo
> for when you want the entire world to be able to use it

True in 2004, today options are plentiful.

~~~
mgkimsal
And in 2004, people said the same thing.

Perl, Python, JSP, ASP, CF - people argued for and used all of those on major
projects in 2004.

------
jiri
Just thinking, who should provide this decentralized service for common users?
Someone who already provide them email? Their internet providers? Family?

------
einsty
Seems that the bright minds here behind friendica could be helpful in the MIT
Solid project being run by Tim Berners Lee. And/or they could be a SOLID app
themselves:

------
Xeoncross
Thank you Friendica team! We need more work in this space!

> Friendica runs on PHP with MySQL as a database. If you can run WordPress,
> you can run Friendica.

This is a problem. I picture the future decentralized systems being a self-
contained system that runs on your device (desktop or mobile) as _well as
servers for more technical people_.

To this end the only scripting language that can pull this off is Javascript.
Ruby and PHP are not needed or useful in this space.

To anyone that reads this, please take a couple weeks to learn Node (+electron
or react-native), Go, or (hardest) Rust.

~~~
parvenu74
This makes me think of Docker containers but for desktop rather than server
use. Let the language/stack be Elixir/Phoenix if that's what the devs want to
use; as long as I can pull down an app container that runs on my machine then
the need to rely on a least-common-denominator language goes away and we're
all better off.

~~~
Xeoncross
Do you really think regular people are going to run docker containers?

My point is that decentralized networks need to be easy to run by normal
people. Go, Rust, Java, C, Swift, etc.. can all be compiled into an app and
handed off to a user to run.

------
zzzeek
No "servers" to download and host. We have a "server" already it's called
email.

------
codyswann
Sometimes we get so wrapped up in our own bullshit that we fail to realize
that the average Facebook user has no idea what "decentralized" means; nor
cares that their personal data is being sold.

This is another example of faux outrage that will pass with the next news
cycle.

~~~
bausshf
Another thing is that this will only appeal to people who are generally tech-
minded and not the average joe who uses social media.

Most people who uses social media etc. doesn't want to download a lot of
things, access should be fairly easy and painless without some sort of
"guide", which is what I can see as the downfall for this "social network"

~~~
chrstphrknwtn
It's more to do with convenience. It was more convenient (and cheaper) to just
get Napster / Limewire / Soul Seek / other p2p sharing app and download music
than buy it online. In the beginning it was a _tech-minded_ group, but the
software got better and easier... and the communities grew.

In short order it was not only _tech-minded_ people who did this en-masse. If
a platform is convenient for people to do X, it has a good change of also
being popular.

------
eatinggrin
PHP and MySQL...

~~~
darkstar999
...successfully runs a vast majority of web services on the internet.

------
dasanman
I can not see me using this ever

