An interesting thing about Diaspora, is that despite their popularity and funding, they have been extremely vague. They have very little documentation, hardly any specs, their roadmap is... succinct, to put it nicely.
Often times this summer, I've wanted to write an article comparing and contrasting Appleseed and Diaspora's goals, implementation, approaches, etc, and even with the source code out, and having read over it, there wouldn't be enough information on their end to fill more than a couple paragraphs.
I'd definitely be interested to see how they plan on approaching a lot of the design and architecture issues Appleseed has had to content with, along with their approach to UI, and how third party developers will be able to extend and interact with their servers.
They seem to be giving a lot of talks, although I haven't gotten much more information out of the ones that have been streamed.
It just doesn't seem that playing things close to your chest is a great strategy when it comes to building open source software. It might be good for a startup, maybe that's where they're headed? If so, I'm interested to find out what their business plan would be.
You guys should make them a proposal - scrap all the Diaspora code, replace it with Appleseed code, then rebrand it Diaspora. Best of both worlds - the more mature Appleseed codebase, and the fame of Diaspora (get it quick before it's squandered).
You could even continue calling the codebase 'Appleseed', while the public brand/trademark/implementation would be Diaspora.
Just as with any field, I think competition in the distributed social networking space will only be beneficial in the long run. Why should Diaspora adopt Appleseed if they want to tackle the problem space in their own way, with their own ideas? More importantly, why should Diaspora hijack the work of Appleseed, simply because they're a more popular brand?
I agree that it would be much quicker to start the movement away from Facebook if Diaspora leveraged other people's experience, but I'd be remiss to dictate how they should run their startup simply because they became popular so fast and I want to use them as a flagship for distributed social networking. This movement will eventually succeed on its own merits, whether or not Diaspora succeeds itself. In the meantime, let two teams with great potential (Appleseed and Diaspora) continue to develop their ideas about how they'd accomplish it.
Patrick, I'd be interesting in hearing what you mean by "php soup." I've developed what I consider (having over a decade of software development experience) to be a very capable MVC framework. Are you speaking to your particular feelings on PHP itself, or do you have specific criticisms of the codebase?
Haven't we already put an end to this "PHP is crap" line of thinking? Every language has its good and bad. Any dev worth his salt should be able to understand it, rather than attaching blind faith and getting tied to one specific language or technology.
They basically plan to implement the ostatus protocols (google them)
Ah yes, I was at the Federated Social Web Summit in July, hosted by StatusNet (met the Diaspora team there, briefly), so yes, I'm aware of the OStatus protocols. I've been following the Github since September, and I've read the specifications that have been put forward, and most of it is more theory than documentation, although that can be forgiven so early on. I still feel, however, that the specs they do have are quite vague, especially in terms of the issues of privacy, access management, security, etc, which is Diaspora's raison d'être.
I guess I assumed that they would have had a lot of that stuff worked out before they had even started coding, or asking for money for that matter.
I could talk more about it, but I'd prefer not to spend much time explaining why there isn't enough information, I'd prefer to have information which I can compare and contrast. It may be that Diaspora and Appleseed are simply at different points in development, so I may just have to be patient and see where they end up.
My tinfoil-hat theory: Diaspora is an inevitable failure deliberately planted and promoted behind the scenes by Facebook, as part of a strategy to discourage would-be social networking startups.
While I don't believe in that, I do think it's odd that Kickstarter accepted their proposal despite being very clear that they don't accept startups and they are catered towards the creative arts.
My tinfoil hat theory:
The passion of a vocal minority is not a reflection of the hacker collective, but rather the reflection of an impressively-run facebook-sponsored astroturfing campaign.
Comments like
"I have lost my faith in the Diaspora core team";
"so still useless";
"still think the diaspora-design is an non-starter";
"Isn't this project pretty much dead already"
and many, many more like them...
These type of comments just seem off in some kind of way; like they are trying too hard to push something; like I'm watching a news headline attempting to create a scare where there is none.
I read such comments and think "Meh, the internet was born unsecured yet I do sensitive transactions now." <sarcasm on> Thanks to all the astroturf, I couldn't dig through the noise to find similar reactions expressed in earlier HN posts.<sarcasm off> Maybe Diaspora needs it's own Rally to Restore Sanity to counter the March to Keep Fear Alive.
Message to Diaspora:
Whether you incited a genuine vocal minority or are getting astroturfed, don't be fooled. Most are rooting for you so... keep coding. I'll call bs (http://en.wikipedia.org/wiki/bs_game) for you.
Absolutely impossible. I met them before they had their hit kickstarter project, and they were just really enthusiastic about building a real alternative to the social networks, and were spurred on after seeing Eben Moglen's 'Freedom Box' talk.
I usually don't like it when people say "trust me", but I'm going to just this once: Trust me, security in a distributed social networking app is most definitely not a straight forward technical problem.
Most of the security problems that have been criticized in the articles have straightforward solutions.
That said, you're right that there are a host of security problems that people will find out about once everybody starts using it in a distributed fashion. These are the ones I'm really interested in, too.
I'll up it one further and repeat what I said in the previous diaspora thread: Their architecture has bigger problems than mere security holes.
The idea of basing a distributed social network (solely) on "fat hyper-peers" is flawed.
Apart from the countless organizational issues there is simply no way to establish trust (in the cryptographic sense) in such a design. End-to-end trust can only be created when the users run their own nodes that hold their own private keys. And no, these nodes don't have to be always-online for such a system to work.
All I can see in the diaspora architecture is a strong case of "When all you have is a hammer then everything starts to look like a thumb".
If you want to see a more realistic approach then look at FreeNet. They have pretty much everything in place that would be needed for a distributed social network, but they burdened themselves with the requirement of anonymity.
Rip that part out of their codebase and there you have the first (and fundamental) half of your distributed facebook.
