I wonder how could any Facebook replacement (or Facebook itself) allow somebody to support some group while not telling anyone. Of course it's possible, donate some money, do some job for them, but… on Facebook or something like Facebook? How?
Facebook itself used to have this level of privacy protection. You could join a group and post on the wall and in the forums for that group privately. If your privacy settings were to disallow non-friends from seeing your profile, then it would just show your first name and a generic placeholder as your photo. Your name would be unclickable and therefore untraceable to you unless you had a unique first name.
Ironically, right before the big push to erode users' privacy, it seemed that they might have taken it a step further and replaced your name with "facebook user", removing even your first name (I was never sure if this was intentional or a bug, but in any case it didn't last long as the big privacy changes came soon after).
The thing is, this doesn't even make sense for FB to do. I've removed my interests and activities from my profile. Before the ads I got shown were basically relevant - they were mainly for products and services connected to those sports I listed, for example. Now the ads I get shown are fairly random. So Facebook have reduced my value to them as a set of eyeballs to show ads to. How can anyone at FB have thought this was a good idea?
I've done the same thing as you and noticed the same effect on the ads shown to me, but when I mentioned my privacy concerns to some friends the other night, most just said "so what, I don't have much of value on Facebook anyway". I think the mass of people (even intelligent people) don't have the same privacy concerns as a lot of the "tech informed" crowd does.
We know how valuable the data is and what can be done with it, that makes us much more sensitive to giving it up.
Facebook is also a way for groups to communicate with their supporters, plan private events, and let members locate each other. It would be useful for many groups to do that without broadcasting group membership.
A. Facebook has made it clear during the big "everyone" push that hiding your friends on your profile page is not the same thing as hiding it from public access; it is still considered public information by Facebook and can be accessed as such.
B. Much of your personal data is still publicly available through Facebook Graph, regardless of how much you try to lock down your profile. It's only a matter of time before people start scraping this information and publishing it in a way that it's clearly accessible from Google, and Facebook won't be able to do anything about it.
In the past I've had to go through all of the privacy settings painstakingly to make sure nothing is public, but I don't see how it can be said that you can't hide what you want from the public / graph API.
1) The graph also shares your picture (800679/picture?type=large), likes (800679/likes) and your timezone as well. I consider this "much of your personal data."
2) Before the Graph, it was possible to hide all of this information completely if you used the strictest privacy settings. You could completely hide the fact that you had a facebook account; even the things you published on public FB pages would just show your first name and a placeholder photo.
3) Before the Graph, it wasn't possible to systematically scrape the info of all Facebook users sequentially. The fact that this is now possible will make it easy to collate the data and publish information about you that you haven't personally shared. Most users' photo albums are set to "everyone" (by accident, of course), but previously they were pretty much undiscoverable even if they were public. I'm pretty certain that this is going to be exploted by sploggers and others, just like every other large publicly accessible source of data.
How is your friend list still public information, if you set it to private? You are suggesting that the privacy settings don't actually do anything, which is inaccurate.
For example, if your friend list privacy is set to "Everyone", accessing your facebook page while logged out will show a random sample of your friends. Switch the privacy setting to "only friends" or something restrictive, return to the profile page in a logged out state, and note that your friends no longer are displayed.
The friends list is still available to third parties through the data API's. How long until a third party provides that data as a product? Actually, Facebook itself is already offering that data to employers, IIRC.
EDIT: To clarify, I'm not talking about the publicly exposed "graph". I'm talking about what they've long provided to their third party affiliates, e.g. all the approved Facebook "application" developers/hosts.
P.S. Notice the nice information asymmetry involved in this, as well. You, as a private individual, have no access to this. But designated (and / as in paying) parties do, at the sole selection (I think I'll avoid use of the word "discretion") of Facebook.
It is always technically 'possible,' to figure out how to make Facebook's privacy settings match yours, the fact that there are forum posts and blog posts like yours show that Facebook on some level is doing it wrong with privacy. Granted Facebook is a huge network, but if they are going to succeed, they need to match privacy with as much intuitiveness and perfectness as Google manages search results.
Not to defend Facebook per se, but "managing privacy intuitively" is hell of a user interaction problem. I don't know any design that could encompass all the complexity of human social interaction and privacy issues related to it intuitively.
Something that contributes considerably to mitigation of the problem is to make changes "opt in". Users not opting in continue to get the old model. If you just can't support the old model any more, the default is removal of presentation and/or removal of the information involved.
A few people who can't be bothered to back up their own work and data, nor to respond to announcements of upcoming changes, may be pissed when items are "lost". But no one's privacy is compromised. Further, if you provide clear means of such a back up and/or instructions and advisement to maintain private copies, you can help lessen this second problem.
That's something to Google's credit, that they've officially supported and developed means for users to retrieve their data locally into documented, usable formats.
It is in fact very hard to find these bugs. Most of the time when a person sees something about you, that person has no idea if that's in line with your preferences, so can't even know if Facebook is working as it's supposed to.
I think (hope) that Twitter has found (and realizes that it has found) a niche for itself in the 'what is happening now' part of the web. If they can focus on this, they might have a shot at becoming successfu.
I think the main difference between Twitter and Facebook is that the former is very clear at all times that all your data is public (by default), while the later is moving from a private to public data, in a not so clear way. But being more focused, Twitter does have an edge: it does not try to contain all data about your life, therefore, even if it sells your data, it doesn't really matter, as it was public already (buyers could just as easily use the API) and you don't have a lot of info about you anyway (unless you choose to do so).
Summing it up: would we even be having this conversation if Facebook, from day 1, started with defaulting all data as public, being clear about it, and making data securing hard to accomplish?
What I'd like is distributed p2p linking. No personal data on a server that isn't yours. Any of your data hosted on a third party site if you choose so, is encrypted to within an inch of its life: they can't do ANYTHING with it except forward it to whoever you designate.
Venn diagrams for your social graph. Or trees. Preferably both. If Yelp/Microsoft/whoever wants my data, they become a member of my social graph, not some all-seeing entity that hovers above me recording every comment I make. Data that goes to them is encrypted as well of course.
Make it distributed, because no company hosting user data will be able to resist the temptation to use it to make money. Or build it on top of Dropbox, and have Dropbox serve as the backup for your online social life, encrypted, of course. 2GB will eventually fill up, and hopefully people will be happy to pay for extra storage, especially if you make it easy.
There was a post on here a few days ago about just such a distributed system. Diaspora, and it's under development by some current college students looking for crowdsourced funding: http://news.ycombinator.com/item?id=1321651
I have a comment further down mentioning the horrendous mess that a P2P architecture would present.
It would work for techies like us, but it wouldn't work for the segment that is making Facebook so transcendently popular. MySpace was a "teen" thing, others before it, too, but Facebook is mainstream; my grandma has a profile, my parents have profiles, and such is true of many.
Also mainstream is turning off your computer when you're not using it. Almost every non-techie I know is really interested in having their computer turned off. They don't really care about waiting for it to come back up. Telling them that their profile is only accessible while their computer is on is an instant killer. And what if their internet goes out? They're down for that time too. For people with spotty or wireless connections, saying "your profile will only work when your connection works, like 30% of the time", is not going to be too encouraging.
What if a user's hard drive dies? Do you really expect people like my 86-year-old grandmother to make backups of her social network profile frequently enough for it to be meaningful? Or what if a user just gets a new computer? Are they going to understand how to transfer the profile?
Making users download and run a P2P server 24/7 slows down the computer, increases personal connection bandwidth usage commensurate with one's popularity, and creates a big opening for scammers.
I know Facebook would be much less enjoyable if I had to sit around and wait for the dial-up AOL connections of the old people I know to upload their photos. Or even home broadband connections; in the US, those are usually capped at 60-70kbps upload, which is pretty slow.
How easy would it be to create a page that looks like your network's page and say "We've updated our client! This is a special update that we can't auto-update for these smart-sounding technical reasons, so please download and install it." People would do this immediately because social networks are a major part of their web usage; for some, the only reason they use computer. And your network would be poisoned and the users' profile disabled just that easily.
I just don't see how a P2P social network would gain mainstream appeal. What are your solutions to these problems?
I don't think anyone is suggesting self hosting of profiles, just to go from one provider to many providers. That would involve interoperability. The advantages of this are many, no service could just query one host and get all profiles that cross their path. A user would explicitly give pandora or Microsoft access to their profile by providing something like their email or some similar identifying string that could be tied back to the host of the profile.
Right, but then you still have all of your data off somewhere in someone else's control. It'd possibly even be worse than Facebook, because an open "provider" that doesn't do anything except host data for Facebook & co. wouldn't be bringing any revenue, and thus would be tempted just to sell all the data you upload.
The point shouldn't be to cut out Facebook, it should be to keep the user in complete control of their data. You can transfer control to an arbitrary entity but what are they going to do to make money, and are they going to become corrupt or not? And if you asked yourself the same thing about Zuckerberg the day after Thefacebook went online, what would your answer be?
And how many are going to pay for server space when you say "this is like Facebook, but more secure", and how many are just going to stick with Facebook?
"What I'd like is distributed p2p linking. No personal data on a server that isn't yours." - This is exactly right. do, Currently my personal photos,emails etc. all run from a server hosted in my closet and when i need to share stuff i send a link by email. A distributed p2p linking will make things so much more easier.
Yea let's get an open alternative, a few years of coding, a few years of Facebook screwing up, a massive hatefest, and it will have 30% penetration in 2018. By then there will be new technologies that will make the issue irrelevant.
Same as Linux and Firefox. By the time the community effort got it together, most of the effort was obsolete. Google's Chrome OS throws much of linux away. NativeClient sandboxing turns browsers and plugins into frameworks of choice, like jQuery.
Interesting that you claim the efforts that have gone into developing Linux are now obsolete yet Chrome OS (which your offer will transcend "obsolete" Linux development) still depends on Linux as does a huge portion of the web.
Human progress is largely evolutionary and incremental. We stand on all that came before us. Facebook brought a new concept of interaction that has a downside many people are against. They address this by creating an alternative, and so goes history.
FWIW, I have written a facebook clone in Common Lisp and took me 2 months. It has profile pages, a platform for 3rd party apps, elaborate RBAC-based security, and a rudimentary service API.
If anybody wants to take this in some direction, I am more than happy to come aboard.
Does it allow the export of the data out ? Any service implemented with the intent "to be good", needs a built-in parachute for the users to use when it "becomes evil".
I think he meant "most of the effort that went into a good userland GUI experience, from FreeDesktop et al" is wasted when your display is 100% filled by an HTML frame, ala ChromeOS. The Linux kernel is certainly not a waste.
It's a bit facile to compare something that works and has a few flaws, but is used by a great deal of people, with something that still isn't out of beta and isn't really used by anyone.
Yes Ubuntu isn't going anywhere. App developers want one and only one OS and Ubuntu doesn't make life easier by being free.
As far as new technologies, I imagine internet protocols and bandwidth in 2018 will make it possible to share massive databases of information. New parallel chips will enable anyone to analyze massive databases of information, a whole economy of data sharing could emerge. New possibilities in online education, government, healthcare will all depend on the availability of currently private data.
By 2030 we will be living in "The Matrix" where AIs will learn from us by monitoring every single thought we have.
It's an important perspective. Facebook is just a tiny step, just like Windows was. They don't need to be perfect. Most importantly they should not be imitated or duplicated with a "free and uber-private" label. They need to be rethought with the long term perspective in mind.
What's the point of privacy? Do people care about distant data miners going through their lives or do they just want to avoid being fired or ridiculed by those close to them? And if some data miners gain magic knowledge on how to manipulate the masses, don't get paranoid. It's likely government will be redesigned around the new technology by then.
"It’s time the rest of the web ecosystem recognizes this and works to replace it with something open and distributed."
Before Facebook there was FOAF, which was exactly the same except for that it was open and distributed... And nobody used it. Being closed is the only thing that makes Facebook good.
I agree, but the point of being closed was the privacy. I have always believed that the secret to Facebook's success was the privacy. You were among your friends. Yeah, it wasn't private in the secure sense -- it wasn't secure enough to stop a determined stalker, let alone the FBI -- but it provided a social space that was different from just spewing stuff all over the open web.
Now that they appear to have given up that angle and replaced it with an unpredictable tangle of spurious logic that, yes, spews stuff haphazardly all over the open web, why not just publish your updates in the open?
What needs to happen now is that someone needs to go into Facebook's old business, the one they have apparently abandoned. Where is the closed service that makes a best-effort attempt to provide an invite-only social space for myself and my friends?
Presenting itself initially as Harvard's yearbook is what made it good, as it kickstarted its network effects (everyone feels sort of obligated to be "in the yearbook," because they want to imagine they will be reminisced about.) I've seen FOAF profiles, but I've never seen a FOAF network.
FOAF is not a fair comparison. It meets only the "open and distributed" criterion. A Facebook replacement would, like the Wave protocol, allow users to chose a service as their delegate, and would not just be a way for nerds to mark up their meatspace and online-only friends.
A guy I know has been working on something of the sort for awhile. I'm sure he'd appreciate some thoughtful input from enlightened beings such as yourselves. =^)
What facebook is for anyways? Why should anyone care? I find it becoming more and more boring, useless - and, from my experience, people tend to go there less and less.
- Photos here and there
- Random links/videos scooped around the net
- Rants/statuses nobody cares about
- Passive activism where people "join a group"/like something and do nothing about it
- Farmville
It is boring, really. I found twitter, recently, of immense use in two fields. First, around the industry bunch of professionals connected themselves even without knowing each other beforehand and openly discussing stuff and sharing ideas. (notably game dev). Also, have you seen stocktwits? If they can find a system to filter out the noise... excellent! I have an idea though, if they could somehow pool calls from regular users and "analysts" and compare them to a weighted random generator and post stats next to each user that would be great.
facebook is now opt-out whereas it used to be opt-in. give me something like that with early 2006 facebook simplicity and id try it. ironically, ive always wanted a higher res community for the people here on HN. this might be the perfect seeding grounds for something to happen (early adopter, good sense of community, far reach,etc.)
I'm curious as to why lifestreaming never caught on: why entrust all your data to a single service (Facebook) when you can entrust specific data to specific services (photos to flickr, status to twitter, bookmarks to delicious, etc). This fragmentation produces specific competition for hosting particular data (this is already the case: Flickr, Smugmug, Picasa etc) which should keep hosts fresh and honest as they don't want to lose users.
All lifestreaming did was aggregate all of this into a discoverable point with privacy controls.
"Now, say you you write a public update, saying, “My boss had a crazy great idea for a new product!” Now, you might not know it, but there is a Facebook page for “My Crazy Boss” and because your post had all the right words, your post now shows up on that page. Include the words “FBI” or “CIA,” and you show up on the FBI or CIA page."
Facebook has had stream search for public status messages since July of 2009. Stream search is privacy-neutral; it only lets you see posts you were already allowed to see.
If you don't want your status messages to be visible to everyone, set your privacy settings accordingly. Account -> Privacy Settings -> Personal Information and Posts and adjust the "Posts by Me" setting to whatever you like.
Yeah this happens now, pages get a list of relevant status updates down the bottom, sometimes not so relevant. Almost seems like this should be restricted to people who like the page to keep it relevant. Also I wonder if there going to do anything about page fragmentation, they create a page for the exact way you typed something in, even though there is a more relevant page with different word formatting.
I am going to work on a new implementation of a facebook style website. Built on these core values:
1) User privacy
2) Data transferability
3) Open source software
4) Open API (for only that data that users allow, of course.)
I plan to do it in a Python web framework, most likely Django.
I know people have been discussing a distributed social network, but I don't see a market for that among the non-techies of the world. Just like they see XMPP as gMail chat (most of them), open standards mean nothing. Just look at openID, it simply can't gain much traction -- unless a flag carrier picks it up. Distributed social networking will simply splinter the arena till it's impossible for them to know "which one?"
For a new social network, the users want:
1) Simplicity.
2) Privacy.
3) Interaction.
4) Rich but intuitive interfaces.
I am making a call for any interested devs, shoot me an email. lukeseelenbinder <at> the only webmail provider to use. :)
(If I should post this as a new post. Let me know. I'm a little new to HN)
I've been thinking about doing some kind of distributed/open social network thing what with all the Facebook scandals cropping up, but it's pretty hard to do.
The fact is for something like Facebook to function smoothly, it has to be centralized. There has to be a server somewhere out there that can be queried reliably for this data and that's the bottom line, even if you have something API-based like OpenSocial. It's just a matter of who you're going to trust with that data -- and as we see over and over again, money and power clouds judgment; a good candidate to control this network when it's starting out may not hold up so well under the barrages of billions in revenue and investors down the neck.
The only way for users to have real control over their data is to build some P2P/self-hosting architecture, and for reasons all HN readers understand, this would be a huge, huge mess.
The fact is for something like Facebook to function smoothly, it has to be centralized.
I hate to do this to you, but [citation needed].
for reasons all HN readers understand, [P2P] would be a huge, huge mess.
Count me as one HN reader who does not understand that. (But then, it's hard to get someone to understand something if his ideology depends on not understanding it...)
At first glance it seems nontrivial. As with most problems like this that can be decomposed into algorithms and datastructures, technology provides a solution. OpenID, OAuth, and Open Social were all developed to solve similar problems.
My guess is that there will be half a dozen competing protocols within a year.
Right, and how successful are those protocols you've named? They all have relatively limited deployment and usage even though they've been around for years. OpenID is a nice idea but people don't want to remember a URL and a username and a password. People don't want to remember a "master URL" to give to each new social app they sign up for -- they want what Facebook gives; just sign up with a traditional username and password and start finding your friends immediately.
And, again, even then, if we follow the OpenID model of external providers, it's all about trusting that external provider with your data. There's still a central point with your data on it. There has to be. Unless the user is self-hosting this data, there is always a reliance on external entities. And how long could an external provider survive merely as a host for applications like Facebook, while not pulling in any revenue from Facebook's revenue channels like ads or Credits?
Might be a fun project to implement the XMPP Microblogging XEP (http://xmpp.org/extensions/xep-0277.html) as a start. XMPP seems to have a lot of the basic features for a distributed social network (buddy list, pubsub, established protocol, etc...)
"... It’s time for the best of the tech community to find a way to let people control what and how they’d like to share. Facebook’s basic functions can be turned into protocols, and a whole set of interoperating software and services can flourish ..."
Is there some sort of metric out there that quantifies the number or percentage of people that care enough about privacy to drop out of Facebook in disgust? What if FB is right and most people don't care about comprehensive privacy features? It may simply be enough for FB to keep random stalkers and identity thieves away. It's easy to imagine that the Ebay effect will stick to FB and it'll be the only heavyweight social network site around for some time.
"Now, say you you write a public update, saying, “My boss had a crazy great idea for a new product!” Now, you might not know it, but there is a Facebook page for “My Crazy Boss” and because your post had all the right words, your post now shows up on that page. Include the words “FBI” or “CIA,” and you show up on the FBI or CIA page."
Is this really true, or is the author conflating updates with the newly-normalized interests fields?
Listened to a talk given by one of the Firefox guys a while back and in their vision social networking would be aggregated into the browser. Seems like a good start for this open alternative.
I've noticed a trend recently whereby social networking sites on the internet are becoming integrated into desktop applications, panel applets, and now you suggest integrating it into my browser?
Personally, I like keeping my online social identity sandboxed away in my browser, in a tab. If it's integrated into my browser's code, then it's harder to understand how my privacy works.
In the current situation, I just have to clear my cookies to ensure my privacy is secure.
I'm _not_ enthusiastic about a future where my browser has the functionality of specific web services built into it.
My take: ignore the hype, watch people freak out and run around, and if it turns out it is a truly bad apple, pull out when I know for sure.
Not because I have a vested interest in them, but I don't have any info I need to keep private (I make sure of this) and I am not one to buy into hype and running around with your hands in the air.
Go ahead, downvote me for not being a Facebook alarmist. I do apologize though if I put it too curtly.
Don't get the fuss ... live by this rule -- DON"T PUT SENSITIVE INFO ON THE INTERNET. Simple. Be smart. Know what it is and isn't. Even if FBook had more enforced rules, then hackers would be the issue. As for FBook using the info you give it ... well, that's just good business.
No way. You cannot attract so many people worldwide when the trend is already mature. The same with other mass hysterias like WoW, now the iPad, etc.
The Tipping Point is a good book to learn why not. In-browser social networks is a not a cool thing anymore. It is just some feature of the net.
What is really interesting - is an emerging market of the Android-powered devices. The hardware is powerful and cheap enough, and the platform is open and simple (unlike the Nokia's crap).
The next generation of the social communications should be something like "texting 2.0" - texting with easy integration of a rich content from phone's camera on the fly. Just because teens loves texting, taking photos and their mobile phones.
A thousand times yes. I just made the same comment not 2 days ago on reddit. The next social networks are an extension of our mobile network which already exist. My only concern is that I don't trust carriers any more than facebook. And I don't want to pay per message. So an open system is paramount ... And doing it before a Closed business gains the most marketshare in that space.
On what legal basis? It's just a website that you can use if you like. I think Facebook is actually very useful because they are so openly nasty, disrespectful and deceptive. Their users are, on average, so incredibly negligent and clueless that the whole thing will blow up in society's face eventually, and then much better sites (maybe even a reformed Facebook) will emerge.
Indeed; I don't see their having done anything that rises to the level where an execution by the government is warranted. If they get slapped around some more by the FTC that will become even less likely.
One good thing that might come out of this is some "rules of the road" on changing ToS when they also change the social contract under which people entered their personal data.
It doesn't matter what's right or wrong, or what we want! 5% of users know or care about privacy. And social networking services are all about the network effect. So, good luck competing. Facebook won.
Facebook is for cheap-ass squares. They will get the biggest bang for the non-existent buck with FB.
It is only the deviant evil bastards such as myself who steer clear of the site: the atheist in a sea of believers, the swinger in an ocean of conventional marrieds, the Libertarian government critic in a swirl of FBI and CIA FB meddling, the gay-rights supporter in a community of homophobes... Damn, and this is just the beginning.
Free isn't necessarily freedom which is why I tend to be doubly-cautious around it.
> I’d like to have my profile visible only to my friends, not my boss. Cannot.
> I’d like to support an anti-abortion group without my mother or the world knowing. Cannot.
Great examples of what Facebook cannot do, and what the Facebook replacement must do.