Solid is an inherently bad idea. It undermines its own data sovereignty goals by encouraging a design where you grant access to your data to outside servers instead of requiring your data be processed on trustworthy servers. The only reason it would make sense compared to self-hosting or decentralized hosting of applications, is if you are primarily concerned with allowing proprietary apps to do things to your data without your ability to inspect or monitor them.
Just because a guy comes up with a good thing once doesn't mean his next thing needs to be covered ad nauseum on his personal brand name alone.
I don't see how anything you said makes it a bad idea. I'm not deeply familiar with how Solid works, but if the goal is to put users in control of their own data, this is worth pursuing. Self-hosting is only accessible to technical users, and decentralized web apps are an improvement over the status quo, but in practice users can still choose to give up their rights to a 3rd party.
What TBL is trying to do is commendable, and it's something that should've been built into the web from the beginning, so Solid feels like him trying to correct his past mistakes. Though I'm afraid that it might be too late to do course correction on the modern ad-powered web behemoth, and that a web reboot would be necessary for this to gain any traction at all.
> Just because a guy comes up with a good thing once doesn't mean his next thing needs to be covered ad nauseum on his personal brand name alone.
Ad nauseum? The coverage of this is severely limited, and even the technical discussion around it, as you can see on this forum.
Yes, this probably shouldn't ride on his brand name alone, but maybe it's worth listening to the father of the web when he says that his invention has gone astray.
I don' t know. It's not my thing, in that it doesn't really address the privacy problems that I have online, but I could see it being useful for others.
I don't think your reasoning about this—especially the following part—is especially sound:
> The only reason it would make sense compared to self-hosting or decentralized hosting of applications, is if you are primarily concerned with allowing proprietary apps to do things to your data without your ability to inspect or monitor them.
(One word comes to mind: wat.)
I disagree with your conclusion ("Solid is an inherently bad idea"). Solid—in the abstract, at least—is an example of a great idea, but terrible execution—and the company (Inrupt) has not been a good steward for the project.
In the Solid webiverse we could all self host tools that work across any range of sites. Anything anyone wanted to share with us? We could use whatever tools we want and do trust to use that data. We could use tools we trust to surf all the web, in the Solid world.
And given that we could self host these tools on static websites - since they dont rely on the host to hold data - we could all fork whatever tools we want into our own github pages accounts just fine.
I can not think of a more ideal & perfect outcome. Nothing you said in any way seems to hold any muster to this theory. Will it happen like this? Probably not; only if greatness takes root & spreads. But you seem hung up on assuming the world will absolutely remain as shitty as it is now. And you seem to be using that as your ammo to dismiss/ignore/put down. You are hard hard shorting this idea, and to me, that unwillingness to accept possibility, that rejecting based off of only what you are familiar with: that is a big bad.
(There's also an even wider range of cross-site systems that use the many trust barrier/sandbox options we have to allow us to weave webs between points of presence, in a trustable fashion. The fediverse has just some early crude steps at this, and it doesn't yet use any filetype handling nor protocol registration capabilities; the door is open.)
@ocdtrekkie: I'm rate limited again & cant reply but I don't see a single clash you've made with what I've just said. You've ignored every thesis every word I made & just doubled down on being wrong in exactly the same way. Please show the clash clearly. I've discussed at length how it allows tools to be happened in trusted places, to easily run yourself if nothing else, to statically host. There's even Web specs being proposed for isolated apps, which prevent a tool from dialing home anywhere. https://github.com/WICG/isolated-web-apps/blob/main/README.m... It's sad to see such wrong incorrect & negative persistent disbelief & pettiness used to shade such possibility. It's unclear what possibility you allude to as you crap all over other ideas. What poisonous sad disbelief.
There are simply an army of far better solutions out there. Solid depends on a poor model, but receives the most attention because the leader of it is famous.
The problem is that if these tools are hosted by someone else, you cannot verify they do not also have your data. Once you grant them access to it, they can copy it, sell it and send it elsewhere, etc. Since, yes, we have decades of experience that companies do evil things with your data, we can easily recognize sharing your data with hosted applications is a recipe for abuse.
Meanwhile, there is almost no downside to requiring apps be runnable on a service/storage provider you trust. If I trust my storage provider, I can trust apps won't be permitted to do bad things on my platform. Whether that's a self-hosted service or a trustworthy SaaS, you are far better off demanding apps be put in containers you can host where you want rather than opening up your data to various destinations.
> The problem is that if these tools are hosted by someone else, you cannot verify they do not also have your data. Once you grant them access to it, they can copy it, sell it and send it elsewhere, etc.
If you enter a building where there are both knives and people present, then you also cannot prove that they won't stab you—in the matter of what can be done, a stabbing is one possible outcome.
Leaving that aside, you don't have to buy into the Solid project's marketing stories about mediated access to your data in order to find the idea to be compelling on other merits. The remoteStorage project has a few things in common with Solid, but they don't lean as hard on the types of stories that generally make their way into marketing/reportage on Solid. At the end of the day, an alternative to the current status quo, where you would have unfettered access to your own data instead of having to ask permission for a copy, would be a good outcome. Solid (and remoteStorage) are sufficient, and that alone makes them worthwhile to consider.
I'm personally fond of Sandstorm (which I contribute to), but any number of Docker-based self-hosting platforms either available to run yourself or sold as a SaaS (Cloudron, Umbrel, Tipi, a half dozen others in development, etc.) solve the problems that Solid solves, "owning your data", without the huge downside that Solid creates, "giving your data to outside servers willy-nilly".
The thing is Berners-Lee is a web standards guy, so he wants to solve the problem with a web standard. But a web standard is not necessarily the right solution here. And I think it's unfortunate some tens of millions of dollars of funding have gone to a solution that doesn't really solve the problem.
Just because a guy comes up with a good thing once doesn't mean his next thing needs to be covered ad nauseum on his personal brand name alone.