Work in progress: Cavern, a decentralized social media protocol

December 26th, 2018

If you follow my blog or have spent more than 5 minutes around me in the past 6 months, you know that I've been spending a lot of time thinking about social media software. Some of that thinking has been crystallizing into a prototype with the working name "cavern". In brief, I'm hoping to create an application and protocol that supports social journaling—like a blog, but with optional privacy filters; think Livejournal or Dreamwidth. Here are some of the properties I want the finished product to include:

  • Give people control over their own writing and media: Everything is created locally, and published out to friends and other contacts. Server disappears? No problem, you still have all your stuff.
  • Decentralized or distributed: Spread the software out over everyone's computers, so there's no central authority to interfere in people's digital lives. People can make their own decisions about nudity, political expression, and appropriate conduct in general.
  • Allow custom privacy levels: World-public, socially-local (n-degrees of separation), access list only, and custom access lists (Google Plus's circles, or Dreamwidth's custom filters).
  • Make use of social accountability: Encourage posting at a socially-local privacy level (not world-public) so that any adverse behavior occurs within a social context, where people already have tools for handling conflict. Bonus: Not publishing (mostly) to the entire world means a lower risk of surveillance and targeted disinformation campaigns.
  • Everyone takes on moderation duty within their own journal, rather than being subjected to the impersonal and overburdened moderation system of a central authority (e.g. Tumblr, Facebook, or Twitter.)
  • Trust-less hosting: To the extent that the system relies on servers not under the user's control, the system must not trust these servers not to censor or spy on their posts. (Cryptography is employed to this end.)

If you're interested in this vision, or even in just these general topics, I encourage you to come participate in the new Social Media Design community I'm organizing on Dreamwidth.

We need GDPR in the US before Facebook dies

December 20th, 2018

Facebook is in hot water these days, as their lies unravel. Maybe—hopefully—this leads to their shutdown, and even to new privacy laws in the US like the EU's GDPR. But one problem occurs to me: We need a GDPR equivalent before Facebook dies.

Picture the alternative. Facebook is hemorrhaging users (to where, I don't know) because people have finally gotten fed up enough to explore the alternatives that have existed all along. Maybe some of the alternatives are even more ethical than Facebook. So far, so good. Facebook stock crashes, advertisers put their money elsewhere. Facebook's investors start knocking at the door: Where's their money?

There are few ways a dying Facebook could pay back their investors, and none of them are good. Outright selling the user data (rather than giving it away for favors, as we now know they have done.) And regardless of how poorly Facebook treats its users, I'm not willing to bet that Facebook is the worst possible holder of such detailed and sensitive user information.

I think the best scenario we can hope for is that GDPR gets adopted by the US with minimal changes, turning the screws on Facebook until it becomes valueless and the user data becomes toxic in the eyes of possible buyers. The investors lose their money, as well they should.

One can hope.

Microscope party

September 19th, 2018

Today I held a microscope party, with luck the first of many. It was simply this: My wife and I happen to have several microscopes, most people don't, and microscopes are fun. I invited over a bunch of people and gave suggestions on objects to bring. It was a blast, and if you or a friend happen to be equipped to do so, I can heartily recommend holding such a party yourself.

Read full entry »

How can a privacy-positive social media site gain meaningful adoption?

August 18th, 2018

There is a fundamental tension when designing social media software with a focus on privacy: The more posts are set to friends-only access, the harder a time the network will have in gaining adoption.

Since social media to a large extent lives and dies by network effects, some combination of these are necessary to grow the network beyond a critical threshold and keep it lively. It must also stay reasonably competitive with other social media systems in attracting users. There are many reasons a person might choose to 1) create an account and 2) "friend" other users rather than sticking with what they already have:

  • Being encouraged to by their existing friends
  • To see what all the fuss is about (if it's in the news)
  • By seeing interesting posts by people they may or may not know

Privacy-positive social media software is by default at a disadvantage in the last category. How can it be made competitive with the likes of Twitter and Facebook without compromising on values? In this post, I consider the notion of "socially local privacy" as a partial solution to the discovery problem.

Read full entry »

Don’t use Marcaria as a domain registrar

August 8th, 2018

(I don't usually take to my blog when I feel wronged by a company, but after all it is the traditional recourse when appeals to customer service fail. Feel free to skip this post if you aren't domain shopping.)

I registered a domain with Marcaria last year because they were one of the few options for .ps domains. (Normally I would have gone with Gandi or NameCheap.) They were offering, and are still offering, $49 as an "annual price" for .ps domains. That's their wording. You can see it on their live site as of this moment, although of course they may change it after publication.

And then yesterday I went to renew.

Read full entry »