Re: [Social-discuss] PHP-Based GNU Social structure

[Carlo von Loesch]

László Török typeth:
| *Efficiency concerns*

It's like with HTTP or SSL or regular expressions or DNSSEC. You add
a library written in C to your language engine or application framework
and you're ready to go. In this case you would link libsocial and have
the ability to transmit and receive efficient packets. If you prefer
to have a sociald running in the background, your application can
control it via a local socket. With HTTP you are simply using a
different and less suited thing in the background.

| *Beating Facebook*
| I've heard voices anxious to "beat" Fb. However, I personally don't think
| that we can gain competitive advantage over Fb, merely by making things
| faster. It just has to be fast enough to be enjoyable for the end user. I am
| also quite skeptical about the idea that we can gain much traction solely by
| the promise of making it free and solve privacy concerns of current social
| sites. The ordinary John Doe (that is, the majority of people) doesn't seem
| to care about these things. The key thing is it has to be something that the
| USER _likes_. It has to offer things Facebook/Orkut/etc. can't / won't.
| Look at the success story of Ubuntu. I think that can be our compass when
| thinking about higher level strategy.

That's what I mean by "beat" Facebook. If you're doing yet another
web-based thing it will be yet another web-based thing. If instead it
helps you do things you never thought of before, like attaching a real
mp3 to a conversation thread - not upload it to some file server, we'd
be doing something beyond just commented status updates.

Also there are some things companies cannot do: There is no business
model for creating a free software that gives people the ultimate P2P
social tool with complete privacy in every thing you do (the way I have
been describing). So if free software folks aren't doing this, nobody
ever will.

Just today I bumped into a use case for such a social tool. You may
have heard that the web's certification system lies on the floor
bleeding since you can buy yourself an intermediate certification
authority and fake any certificate you need faked. How can you ensure
a certificate presented to you is the same for everybody else?
A centralized solution exists which will confirm the correctness of
a certificate, but if you use it you are sending your browsing habits
to it, and you trust it to tell you the truth. Another solution uses
TOR to obtain the certificate from other people's computers.
Unfortunately some tor exit nodes try to MITM you, so you don't get
the correct certificate from them and you can't tell which certificate
is the correct one. So what is the use case? Well if GNU Social was
a generic social networking framework it would allow my web browser
to "ask" my friends if a certain certificate is correct (what I mean
by this is to implement a "social TOR" on top of gnu social). Yes, I
would expose what I am currently looking at, but that's why they are
my friends. And thanks to strong cryptography nobody else would know
but them.

-- 
___ psyc://psyced.org/~lynX ___ irc://psyced.org/welcome ___
___ xmpp:address@hidden ____ https://psyced.org/PSYC/ _____