(Noisebridge on do-ocracy)
Harm minimising on corporate social networks not getting the monkey off your back? Indeed! I am part of various communities that claim to want to leave the surveillance factory for somewhere else. Here are some notes I am writing for these communities on alternative options.
Financing and governing your DIY social network
I don’t have much to say here, but I’m interested in knowing more.
Financing and paying costs
The first example I ran into of doing this right is. Social.coop, an Oregon-based social network. They document their toolset for barnraising a local, accountable community network. Their actual site runs on the federated mastodon system. Open collective gives them transparent community organising for the governance and expenses. They use loomio for decision making. I don’t know how they keep these systems all in sync.
Mastodon itself uses a patreon.
Keywords: do-ocracy Group membership norms.
🚧 rant here about how no one but Facebook facilitates IRL gigs, events and meet-ups and since that is all I personally care about I won’t actually use any of these options until I (or more realistically, someone else) can fix this problem.
Using turnkey infrastructure
If you just want something more efficient for your purposes but don’t care about the NSA reading it (realistically, my priority) there are turnkey technical solutions designed to do this for various use cases.
- discourse is an open-source community chat platform which you can install on your own server. It seems to be the dominant force in community-run servers at the moment. Do not be confused by the similarity of name to the commercial
- keybase teams are a reputedly end-to-end encrypted chats run by a fancy hipster dotcom.
- Zulip is an open source slack-alike with first-class mathematics support.
- Rocket.chat is another team comms system, like slack.
- Riot is the flagship semi-secure chat system for Matrix. Looks a little like Slack.
- Gitter is a hosted and open-source system. (gitter source) in principle you can run yourself if you have a trusted macOS server lying about. It‘s sort of like its more famous cousin Slack, apparently? Now you are responsible for your own security. Is that better?
- Slack is a communication platform somewhat more oriented towards workplace organising than other chat programs. Can be forced to support mathematics. Its UX is unsatisfactory for ad hoc groups (signing on is hard, and it requires people to learn how to turn on notifications, and you end up with a million Slack channels of low activity) and it is hosted by a third party with dubiously competent enforcement of their jurisdiction’s wacky geopolitical tantrums.
- discord is like a “fun” themed Slack, (i.e. chat thing hosted on a 3rd party server) which means a slightly lower barrier to entry but less professional cred. It is still presumably prone to unaccountable American politics tantrums.
- groups is a freemium mail group services with, for each group, “a calendar, chat, polls, a database section, a photos section, a files section, and a wiki.” Also integrates “Feeds, Facebook Pages, Slack, Google Drive, Github, Trello, Email.” NB Facebook pages need to be public to integrate.
Or, dunno if it really fits here, but look at this attempt to provide the some of the features of the social network in terms of telling you not to forget birthdays, Monica the open-source personal CRM.
Host your own social network
Run your own social system! On (possibly) your computer or (probably) someone else’s cloud!
Various of the turnkey options above also allow you to self-host, plus there are extra ones.
- Riot (🚧 check this is self-hostable.)
- Gitter (although it has onerous dependencies and it not very plausible to run)
- rocket chat is an open-source, optionally-self-hosted team chat server. A quick perusal seems to indicate it is attempting to be the good bits of Slack.
Of the above ones, only Riot is AFAICT host-proof encrypted.
Plus also the following that AFAIK don’t have their own turnkey hosted options.
- Federated social media projects like Mastodon and Peertube, are an interesting half-way point between central systems and fully distributed systems. You and a community barnraise a server together for your local social network, and it talks to other servers for you to create a global mesh of local social networks.
- mattermost. 🚧
- Wolkenkit boards is a collaborative note taker.
These fun DIY systems are good simple starting points. They are presumably sharing less information with the Facebook marketing and profiling machine. They may not satisfy the truly paranoid. For AFAIK all of these options, apart from possibly Riot, the servers can still be subpoenaed and spied upon and presumably blocked by malevolent state interests; that is, they are not host proof. Or to put it another way, in every chat there is one machine that is definitely suspect in addition to all the partiicpants - the server, which is probably being spied upon somewhere. To reduce that risk you could one-up everyone and use decentralised encrypted networks which try to eliminate the server (i.e. so that if your security is busted, at least it is your own fault.)
Fediverse: Twitter run by volunteers.
This is kinda fun, but not something I’m passionate about as it’s still fragile, unencrypted and thus subject to censorship and surveillance etc. But also it’s cute and friendly and evokes early-internet nostalgia, which is sweet.
A.k.a. cozy twitter. This is what I thought social media would be like in the 90s, for better and for worse. 🚧
PeerTube is a federated video sharing system, with a structure much like Mastodon and using the same federation protocols. Written in Typescript, if you are curious.
Idk. Diaspora, I guess.
Solid is not so much a cypherpunk infrastructure as a set of standard for how to provide decentralised social data streams to a hypothetical decentralised social internet. Backed by WWW figurehead Tim Berners-Lee. It still uses the normal internet but it decentralises … identity?
Fully decentralised social networks
Long story short, there are no servers because everything is run on the computers of the network participants. Here are some social media examples.
The theory of decentralised is discussed elsewhere. NB a decentralised system is not necessarily also an encrypted one, but in practice there don’t seem to be people who are only interested in decentralised networks and not cryptographic guarantees, and there are certain problems that cryptography certainly helps with in a decentralised setting.
André Staltz explains a social media alternative, called scuttlebutt (which, to be precise, is shorthand for a complex ecology of pieces making up the “scuttleverse”, most of which, as consumers, we can ignore.) The flagship application here seems to be Manyverse.
This started as the übergeek social network for survivalists. Run it from your bugout yacht after a climate apocalypse, while malevolent totalitarian states try to censor your messages and steal your stockpiled tinned food!
Scuttlebutt is decentralized in a similar way that Bitcoin or BitTorrent are. Unlike centralized systems like PayPal or Dropbox, there is no single website or server to connect when using decentralized services. Which in turn means there is no single company with control over the network.
However, Scuttlebutt differs from Bitcoin and BitTorrent because there are no “singleton components” in the network. When accessing the BitTorrent network, for instance, you need to connect to a Distributed Hash Table [for which] you need to connect to a bootstrapping server [and] still depend on the existence of ISPs and the internet backbone. …
Secure Scuttlebutt is also different to federated social networks like Mastodon, Diaspora, GNU social, OStatus. Those technologies are not peer-to-peer, because each component is either a server or a client, but not both. Federated social networks are slightly better than centralized services like Facebook because they provide some degree of choice where your data should be hosted. However, there is still trust and dependency on third-party servers and ISPs, which makes it possible for administrators of those to abuse their power, through content policies, privacy violations or censorship.
In Scuttlebutt, the “mesh” suffices. With simply two computers, a local router, and electricity, you can exchange messages between the computers with minimal effort and no technical skills. Each account in Scuttlebutt is a diary (or “log”) of what a person has publicly and digitally said. As those people move around between different WiFi / LAN networks, their log gets copy-pasted to different computers, and so digital information spreads.
What word of mouth is for humans, Scuttlebutt is for social news feeds. It is unstoppable and spreads fast.
In practical terms, the main backend bit, which users can probably ignore, is the distributed data store scuttlebot. On top of that you run user-facing apps like patchwork, which is a user forum thing, or Manyverse, which looks like a nice network but actually only runs on Android phones.
Docker image/sanity check/tutorial.
So far it’s not real, but socialx claims to be a blockchain-ish social network with integrated payments for popular content. Closed source AFAICT. Had an ICO already.