Some time around September of 2011, a friend mentioned that he was interested in DIASPORA* as a more secure, more free alternative to Facebook. I had been aware of the project for sometime, but hadn’t really kept tabs on it. When I looked into it in September, I quickly realized that the project had progressed quite a bit from my initial impression many months earlier. I decided to jump in head-first by building my own DIASPORA* server and inviting other folks to join me.
In the months since, the DIASPORA* community has witnessed rapid growth and fought off accusations of mismanagement, controversy and scandal. What follows are my thoughts, as of this point in time, with regard to the DIASPORA* technology and community.
Getting Started: Building the Platform
I’m comfortable with deploying Ruby on Rails applications and didn’t have much trouble getting the DIASPORA* code base up and running. I did make a few decisions that made my life a little more difficult than necessary initially. By default, DIASPORA* is configured to use the Thin application server on MySQL.
Most folks who run the server in that way seem to prefer nginx for the front end. I gave Thin a try, but I could never seem to get it running properly as a daemon and I really hated the clunky way that I had to reverse proxy from port 443 on the web server to port 3000+ (for multiple instances) on Thin. I’m more familiar with Passenger on Apache (which uses abstract UNIX sockets instead of TCP sockets) and decided to just stick with that. Although it seems to be a rare decision in DIASPORA* circles (and as a result there aren’t many folks to offer advice), I have been happy with that decision. Since there is a compatible Passenger module available, I may move to nginx at some point, but haven’t seen the need to yet.
/var/www$ RAILS_ENV=production rails console Rack::SSL is enabled Loading production environment (Rails 3.0.11) 1.9.2p290 :001 > User.all.length => 1710 1.9.2p290 :002 > Person.all.length => 22413 1.9.2p290 :003 > Post.all.length => 63219
I also chose to use PostgreSQL instead of MySQL. There are plenty of folks who have made this same decision, so that wasn’t too much of a stretch.
For hosting, I chose to use Rackspace Cloud. I tend to like the scaling functionality of Amazon AWS better, but Rackspace is more economical. When I’ve needed it, I’ve been able to provision larger systems relatively quickly to adjust to demand and to scale back again as I was able.
Where security is concerned, I should have a big, red disclaimer. Although I’m reasonably comfortable using DIASPORA* for sharing casual information, it is alpha software. There are many, known challenges with the software that are actively being worked on. And I am certain there are many more such issues that are unknown.
The DIASPORA* developers have made a lot of smart choices, like enforcing SSL communication between pods, implementing the solution in a standard, multi-tiered fashion and making extensive use of existing code (i.e., not reinventing the wheel). Still, much depends on the capabilities of the implementer and how the software is deployed. Even the most reliable and secure software can be deployed in a way that leaves your data exposed. Caveat emptor.
Misunderstanding Breeds Contempt
The social characteristics of the typical DIASPORA* user have made for some lively entertainment. People who join the network today are early adopters largely looking to escape the draconian and invasive policies of services like Facebook and Google+.
Unfortunately, many Diasporans don’t seem to grasp the nature of the freedom that DIASPORA* affords them. Instead of taking ownership of their information, they tend to all pile on to the largest pods, joindiaspora.com and diasp.org. (EDIT: I have seen recent indications that folks are recognizing that that is a poor choice.) Once there, they begin to realize that their data is in the hands of an unknown entity without any tangible acccountability to the users. They then revolt with claims of conspiracies, mismanagement and coverups. I’ve seen it happen over and over just in the few months that I’ve been observing, and it has been one of the more frustrating aspects of the experience for me.
For those who are unfamiliar with the technology: DIASPORA* is exactly like a mail server, from a privacy perspective. You can choose to entrust your data to someone who manages your mail server for you or you can choose to host the mail server yourself. In either case, you may have full access to the desired ecosystem. With DIASPORA*, you can host your own server and join in the conversation immediately with no approval or bootstrapping necessary. You just load up your server and begin participating. That is how you maintain control over your data.
With regard to that last point, here are a few thoughts that you should consider before signing up on a DIASPORA* pod:
- If you choose to use a server run by someone else, you must understand that that entity has full access to all of your information. No communications in DIASPORA* are currently encrypted in storage (for confidentiality, that is; there is some asymmetric cryptography used for message signing). The ONLY way to have control over your data is for you to do it yourself (and even then, when you share with other folks, you lose that control, but that’s another matter). From my observations, people seem to get very bitter about this fact. They want to just sign in to a service that’s run, maintained and funded by someone else and feel safe. Here’s the deal folks, it doesn’t work that way. If you want control over your data, be prepared to do some work and/or contribute in some tangible way. There is no hidden agenda and DIASPORA* is not a shell for some megacorporation with nefarious intentions towards your data.
- There is some advertising verbiage from secondary sources (i.e., not the Diaspora Foundation) that is less than honest. For example: no one can claim that DIASPORA* will never have advertising; that decision is completely up to the server owners. But on the whole, what you see is what you get.
- Don’t complain about privacy policies and try to force people to do what you want (especially if you are not actually contributing in any way). If you don’t like the policies (or the lack thereof) of a given server, then just leave. You always have the option to do it yourself (and that is a massive differentator from Facebook and Google+).
Conclusion
This post has grown a bit longer than I originally intended, so let me just wrap it up with this thought: I am very grateful to the core development team of DIASPORA*. They have done a great job of building a decentralized social networking framework that I’m certain will be improved upon for years to come. If you are interested in seeing what DIASPORA* is all about, feel free to join my pod, Serendipitous. Or, head over to diasp.org or joindiaspora.com. Or better yet, set up your own pod using the Diaspora Install FAQ.
Wherever you join, follow me at “justin@ser.endipito.us” and I’ll be happy to discuss this revolution in social networking with you further!