Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
The Internet Technology

Tim Berners-Lee Announces Solid, an Open Source Project Which Would Aim To Decentralize the Web (fastcompany.com) 227

Tim Berners-Lee, the founder of the World Wide Web, thinks it's broken and he has a plan to fix it. The British computer scientist has announced a new project that he hopes will radically change his creation by giving people full control over their data. Tim Berners-Lee: This is why I have, over recent years, been working with a few people at MIT and elsewhere to develop Solid, an open-source project to restore the power and agency of individuals on the web. Solid changes the current model where users have to hand over personal data to digital giants in exchange for perceived value. As we've all discovered, this hasn't been in our best interests. Solid is how we evolve the web in order to restore balance -- by giving every one of us complete control over data, personal or not, in a revolutionary way. Solid is a platform, built using the existing web. It gives every user a choice about where data is stored, which specific people and groups can access select elements, and which apps you use. It allows you, your family and colleagues, to link and share data with anyone. It allows people to look at the same data with different apps at the same time. Solid unleashes incredible opportunities for creativity, problem-solving and commerce. It will empower individuals, developers and businesses with entirely new ways to conceive, build and find innovative, trusted and beneficial applications and services. I see multiple market possibilities, including Solid apps and Solid data storage.

Solid is guided by the principle of "personal empowerment through data" which we believe is fundamental to the success of the next era of the web. We believe data should empower each of us. Imagine if all your current apps talked to each other, collaborating and conceiving ways to enrich and streamline your personal life and business objectives? That's the kind of innovation, intelligence and creativity Solid apps will generate. With Solid, you will have far more personal agency over data -- you decide which apps can access it.
In an interview with Fast Company, he shared more on Solid and its creation: "I have been imagining this for a very long time," says Berners-Lee. He opens up his laptop and starts tapping at his keyboard. Watching the inventor of the web work at his computer feels like what it might have been like to watch Beethoven compose a symphony: It's riveting but hard to fully grasp. "We are in the Solid world now," he says, his eyes lit up with excitement. He pushes the laptop toward me so I too can see. On his screen, there is a simple-looking web page with tabs across the top: Tim's to-do list, his calendar, chats, address book. He built this app -- one of the first on Solid -- for his personal use. It is simple, spare. In fact, it's so plain that, at first glance, it's hard to see its significance. But to Berners-Lee, this is where the revolution begins. The app, using Solid's decentralized technology, allows Berners-Lee to access all of his data seamlessly -- his calendar, his music library, videos, chat, research. It's like a mashup of Google Drive, Microsoft Outlook, Slack, Spotify, and WhatsApp. The difference here is that, on Solid, all the information is under his control. Every bit of data he creates or adds on Solid exists within a Solid pod -- which is an acronym for personal online data store. These pods are what give Solid users control over their applications and information on the web. Anyone using the platform will get a Solid identity and Solid pod. This is how people, Berners-Lee says, will take back the power of the web from corporations.

Starting this week, developers around the world will be able to start building their own decentralized apps with tools through the Inrupt site. Berners-Lee will spend this fall crisscrossing the globe, giving tutorials and presentations to developers about Solid and Inrupt. "What's great about having a startup versus a research group is things get done," he says. These days, instead of heading into his lab at MIT, Berners-Lee comes to the Inrupt offices, which are currently based out of Janeiro Digital, a company he has contracted to help work on Inrupt. For now, the company consists of Berners-Lee; his partner John Bruce, who built Resilient, a security platform bought by IBM; a handful of on-staff developers contracted to work on the project; and a community of volunteer coders. Later this fall, Berners-Lee plans to start looking for more venture funding and grow his team. The aim, for now, is not to make billions of dollars. The man who gave the web away for free has never been motivated by money. Still, his plans could impact billion-dollar business models that profit off of control over data. It's not likely that the big powers of the web will give up control without a fight.

This discussion has been archived. No new comments can be posted.

Tim Berners-Lee Announces Solid, an Open Source Project Which Would Aim To Decentralize the Web

Comments Filter:
  • Enough with all the utopian bullshit and just make it work better!

    How about being able to actually get GB speed from the GB connection Iâ(TM)m paying for? Start there.

    How about not being stuck waiting on a connection to some third part domain that Iâ(TM)ve never even heard of, so that the site Iâ(TM)m ACTUALLY VISITING will load and make itself available to me?

    How about a goddamned single sign on mechanism of any kind so that I donâ(TM)t have 1000 different passwords for websites?

    How ab

    • by registrations_suck ( 1075251 ) on Sunday September 30, 2018 @06:43AM (#57398700)

      Howâ(TM)s out slashdot appropriately processing âoeâ quotes?

      • by PopeRatzo ( 965947 ) on Sunday September 30, 2018 @11:07AM (#57399412) Journal

        Howâ(TM)s out slashdot appropriately processing âoeâ quotes?

        I'm starting to like it this way. It lets us identify the Apple users and ignore them accordingly.

        • Thanks, I got my Internet Laff(tm) for the day!

          Actually, my 2nd. XKCD made my day with a Stanislav Petrov panel.

        • It is not an Apple problem. Android tablets, specifically mine, do have the same "problem" (Using a Chrome browser there)

          • It is not an Apple problem. Android tablets, specifically mine, do have the same "problem" (Using a Chrome browser there)

            I'm using an Android device right now. A tablet, in fact. And chrome. And my 'quotes' and "quotes" don't look like my cat walking over an international keyboard.

            • But mine do. Lenovo Yoga Book .
              So? What is your point?

              • But mine do. Lenovo Yoga Book .
                So? What is your point?

                If I were you, I'd try calling the Slashdot Help Line. One of our Customer Experience Concierges will be happy to assist you.

      • I think the character processing is all done in regular expressions, and there is no one left working at Slashdot who understands regular expressions. They should really just open source Slashcode and let people make improvements.
    • by Anonymous Coward
      There was a fella with the name of Tim Berners Lee who voted FOR the inclusion of DRM in HTML.

      I do not know if it is the same Tim Berners Lee, or not

      https://www.techdirt.com/artic... [techdirt.com]
    • Re:Enough already (Score:5, Informative)

      by Archtech ( 159117 ) on Sunday September 30, 2018 @06:57AM (#57398732)

      How about being able to actually get GB speed from the GB connection Iâ(TM)m paying for?

      That is not a WWW issue at all; it's not even an Internet issue. It's a commercial issue between you and your ISP.

      How about not being stuck waiting on a connection to some third part domain that Iâ(TM)ve never even heard of, so that the site Iâ(TM)m ACTUALLY VISITING will load and make itself available to me?

      Again, this is only marginally a WWW issue. You can make matters a lot better by not patronizing sites that pull in lots of other sites, often for money-making or advertising purposes.

      How about a goddamned single sign on mechanism of any kind so that I donâ(TM)t have 1000 different passwords for websites?

      Use a password manager such as Password Safe.

      How about a âoepay nowâ button that accesses the info I have already stored in my web browserâ(TM)s âoeID cardâ, so that I donâ(TM)t have to type it in all the time?

      If you think it worth the loss of security involved, you can already have your browser memorize most of that information.

    • by brunes69 ( 86786 )

      > "How about a goddamned single sign on mechanism of any kind so that I donÃ(TM)t have 1000 different passwords for websites?

      This already exists and is called OpenID Connect. It works quite well for the most part and is what makes all of the "Sign in with Google" and "Sign in with Facebook" (and used to also have Sign in with Yahoo) buttons work across the web.

      It has not taken off for a couple of reasons

      - Misunderstanding that by doing this you are giving Google/Facebook/Yahoo access to your data on

      • Re:Enough already (Score:5, Interesting)

        by shmlco ( 594907 ) on Sunday September 30, 2018 @09:56AM (#57399176) Homepage

        "Misunderstanding that by doing this you are giving Google/Facebook/Yahoo access to your data on that site (you aren't)"

        The flip side -- and the problem -- with this is that nine times out of ten the site in question wants access to your personal information as well as a complete list of your friends. Refuse, and the site won't grant access.

        So the site in question gets all of my Facebook/Google data, and Facebook/Google now know of your interests in X and (quite likely) can track you across that site using "like" button cookies.

        OpenID would be great if there was a way to have an account somewhere that was limited solely to identification and whose provider wasn't snarfing all of your personal data. And, not to mention, was a big enough player in the space that most web sites would actually implement it.

        So maybe Solid is, in fact, that solution.

      • This already exists and is called OpenID Connect.

        I've had problems with OpenID Connect in practice. Describing these problems first requires defining some terms associated with OpenID Connect and the OAuth 2 framework it's built on. In case someone's not familiar with these:

        Identity provider (IDP)
        Website where the user has an account, such as Google or Facebook
        Relying party (RP)
        Website that displays a "Sign in with..." button and receives information about a logged-in user from the IDP
        Client credentials
        A token that identifies the RP to the IDP, consisting
        • by KjetilK ( 186133 )
          WebID currently builds on OIDC (because we couldn't get browser makers support WebID-TLS, which is much simpler), but I think you'll find that it doesn't have the same problems: https://github.com/solid/webid... [github.com]
          • by tepples ( 727027 )

            In particular, the example workflow [github.com] implies that dyn-reg support is mandatory, at least for RPs. (I'm assuming for the moment that "must" means "MUST" in the RFC 2119 sense.)

            If this is the first time a Provider and a Relying Party are encountering each other, the RP must perform Dynamic Client Registration. Note: This is an operation that happens under the hood, and does not involve the user. All compliant OIDC clients have this functionality built in.

            But it doesn't technically make dyn-reg mandatory for pr

    • Enough with all the utopian bullshit and just make it work better!

      How about being able to actually get GB speed from the GB connection Iâ(TM)m paying for? Start there.

      How about not being stuck waiting on a connection to some third part domain that Iâ(TM)ve never even heard of, so that the site Iâ(TM)m ACTUALLY VISITING will load and make itself available to me?

      How about a goddamned single sign on mechanism of any kind so that I donâ(TM)t have 1000 different passwords for websites?

      How about a âoepay nowâ button that accesses the info I have already stored in my web browserâ(TM)s âoeID cardâ, so that I donâ(TM)t have to type it in all the time?

      Start with that. Let me know when you have it. Thanks.

      You aren't quite understanding, friend. All that you complain about is a direct result of what the web has become, not utopian bullshit.

      Do you want to know why data caps has been increasing? Why they advertise faux so called Unlimited data?

      All of the thigs you complain about cause it. The increase in data is just so you can be force-fed more ads, scripts, tracking, and attempts to get you to freely give away data that can be monetized or weaponized.

      If I tether a computer to my smartphone without an ad

      • The internet is badly broken.

        The internet is working perfectly. It was never intended as a virtual domain to allow primates to pick nits off each other digitally.

        • The internet is badly broken.

          The internet is working perfectly. It was never intended as a virtual domain to allow primates to pick nits off each other digitally.

          Yeah, it was always about an advertisement, tracking and data weapon service.

    • How about turning off "smart" quotes in your keyboard settings so your comments don't get mangled.

    • How about a goddamned single sign on mechanism of any kind so that I donÃ(TM)t have 1000 different passwords for websites?
      Why would any sane person want to do/have that?

  • by Entrope ( 68843 ) on Sunday September 30, 2018 @06:46AM (#57398706) Homepage

    These are very nice puff pieces claiming a lot of good intentions, but how does it work?

    I can already create a calendar app -- or download one -- and control all my information by running it on my own web server. That is more hassle than I want. How does this new thing let me trust my data to code written by other people, that I probably never see, running on servers I don't control? How will Berners-Lee's new company make enough money to pay employees and satisfy its venture-capital backers?

    • TBL's original vision for the WWW was exactly that everyone - organization or individual - would be able to read and write information. Presumably this new idea (drawing on nearly 30 years of experience) will suggest ways of making it far easier and more foolproof to run your won Web server - or do something similar that gives the desired benefits with much less hassle.

      • by Luthair ( 847766 )
        Who is going to the pay for the web server? The user? hahaha
        • Odds are it will follow the course of the original web. You may pay for the server from providers that honestly charge a fair price for it. Or you can host it with one of the alternatives that will host your data for free, in exchange for being granted access to crawl that data and serve you ads based on it., Next up websites will start requesting access to that data in exchange for access to free services. The reason this is doomed, is 70-90% of people will value the money in their wallet over privacy. an
        • by tepples ( 727027 )

          Users are already paying for web servers with their ad eyeballs.

          • Actually, we're all paying for it with actual real money. Advertising is paid for by companies, who make profits by selling us stuff. It's like a world-wide tax on everything. The world would be a better place if we could find a way of preventing that money from going through ad agencies, and instead just somehow funnel it directly into media organisations. This is, of course, impossible.
    • It's WebID. You have your profile on your own server, or on a WebID server, and it can be accessed via a Rest API.
    • by MrKaos ( 858439 ) on Sunday September 30, 2018 @08:59AM (#57399008) Journal

      These are very nice puff pieces claiming a lot of good intentions, but how does it work?

      I found some some documentation: The getting started [inrupt.com], Introduction to the specification [inrupt.com].

      There are some other things that look interesting Introduction to Linked Data [inrupt.com], Expressing ID [inrupt.com] and, Manipulating linked data [inrupt.com].

      It looks interesting enough to check out when I'm not so tired.

      • by Entrope ( 68843 )

        That documentation is almost useless for assessing the claims of personal control over one's data. Sure, if you post an image, you can put it in your "pod", and you can -- if you want -- manage access control rules to limit who can retrieve it from that pod. That doesn't limit further distribution of the data, and it requires absolute trust in the server hosting your pod (because the WebID authentication protocol puts the public key for your identity in that pod).

      • by thomst ( 1640045 )

        MrKaos noted:

        I found some some documentation: The getting started [inrupt.com], Introduction to the specification [inrupt.com].

        There are some other things that look interesting Introduction to Linked Data [inrupt.com], Expressing ID [inrupt.com] and, Manipulating linked data [inrupt.com].

        Someone who has points please mod parent +1 Informative.

        Yes, people could easily find these documents for themselves - but most of us are lazy, easily distracted, and focused on other things. Providing these links is a useful public service.

        Thank you, MrKaos ...

    • by elrous0 ( 869638 )

      These are very nice puff pieces claiming a lot of good intentions, but how does it work?

      Probably the same way Theranos' magic blood tests worked. It's powered by bullshit.

    • by KjetilK ( 186133 )

      These are very nice puff pieces claiming a lot of good intentions, but how does it work?

      I can already create a calendar app -- or download one -- and control all my information by running it on my own web server. That is more hassle than I want.

      Ah, but you are pinpointing it right there! It is more hassle than you want, why? If we could fix that problem, so that it wouldn't be more hassle to have it on your own webserver, then what would you do? And that's like iteration 1 of Solid, we're separating those apps from the data, so that you can have your data on your webserver, but you can use any calendar app you want. That way, companies will be competing to create the best apps, not to suck your data out of you. So, Solid is about making the infras

      • Ah, but you are pinpointing it right there! It is more hassle than you want, why? If we could fix that problem, so that it wouldn't be more hassle to have it on your own webserver, then what would you do? And that's like iteration 1 of Solid, we're separating those apps from the data, so that you can have your data on your webserver, but you can use any calendar app you want.

        Surely you jest. Anyone can do this today using iCalendar because the interfaces are standardized. Every calendaring system worth using today supports iCalendar URLs out of the box.

        The problem isn't web servers, where data is stored, level of centralization, authentication, authorization, access controls or any such thing. The problem is lack of interoperability due to failure to coordinate and agree on data formats and schemas. It's easy to create a system to scratch a particular itch. It's another ma

      • by Entrope ( 68843 )

        Ah, but you are pinpointing it right there! It is more hassle than you want, why?

        Because I don't want to have a computer at my house running all the time, and a colocated server for my personal data pretty much needs a lot of security monitoring and patching and configuration.

        If we could fix that problem, so that it wouldn't be more hassle to have it on your own webserver, then what would you do? And that's like iteration 1 of Solid, we're separating those apps from the data, so that you can have your data

  • by aglider ( 2435074 ) on Sunday September 30, 2018 @06:51AM (#57398712) Homepage

    Companies and governments will find ways to hinder his project or to screw it up.

    • by StikyPad ( 445176 ) on Sunday September 30, 2018 @08:14AM (#57398880) Homepage

      This. When the WWW was born, the only entrenched interests were networks like AOL and Compuserv, none of which had the political or economic clout to stifle competition. The web, at that point, was pretty useless anyway, and likely not viewed as competition, per se. These days, Facebook and Google are some of the largest companies in the world, and they exist precisely by monetizing the very user data that TBL proposes to lock down. So.. good luck?

      • by thomst ( 1640045 ) on Sunday September 30, 2018 @02:01PM (#57399892) Homepage

        StikyPad stated:

        When the WWW was born, the only entrenched interests were networks like AOL and Compuserv, none of which had the political or economic clout to stifle competition. The web, at that point, was pretty useless anyway, and likely not viewed as competition, per se.

        <lecturemode>

        Not true.

        TBL announced the WWW - and posted source code for it - in late 1989. It instantly took the high-energy particle physics research community by storm (because he worked for CERN, and developed the first iteration of HTML there). However, the only graphical browser in the world at that time was the one he built as a proof of concept - and it ran only on NeXT cubes. Everyone else had to settle for using Lynx, a character-mode browser.

        That was less of an impediment to its spread than you might think, both because NeXT machines were wildly popular among high-energy particle physicists (they were, after all, the most powerful personal computers available at the time), and because, outside of the academic/research particle physics and academic computer science communities, the dominant Internet access paradigm at the time was via dial-up, terminal emulation session, where user applications pretty much only ran on the ISP's host machines. Oh, and you had to buy (and your ISP had to support) a US Robotics proprietary-technology modem to get speeds above 9600 baud.

        But it is profoundly incorrect to claim that the Web was simply a curiosity at the time. Folks who had Internet accounts then (mine was via Netcom - one of the first commercial ISPs) were tremendously excited when the existence of this new technology exploded out of the HEPP academic hothouse (via Usenet, of course). And we weren't the only ones, either. Any number of tech companies built websites right away - and many of them were actually useful to us. In particular, since I was working as a freelance LAN administrator and networking consultant at the time, I regularly made use of both Novell's and Compaq's sites to download drivers, patches, and documentation - and was grateful as hell to be able to do so.

        That's because my colleagues and compeers who didn't have Internet accounts were forced to download those same resources via CompuServe's balky, and determinedly-user-unfriendly, forum portals. Meanwhile, I had gleefully uninstalled the CompuServe client from my own computers, and permanently kissed the monthly CompuServe tax goodbye.

        One of the things that made the Internet so attractive an alternative to CompuServe and the <shudder> odious techno-leech called AOL was that, in those days, it was still subject to the restrictions on commercial traffic imposed by the NSFnet's backbone content policies. (NSFnet was the default Internet backbone for the USA. As a project the sole funding source for which was the National Science Foundation, its use policies naturally prohibited commercial messages from traversing it, because federal agencies were, quite rightly, forbidden by law from endorsing any commercial product or service - and basically every packet sent over the 'net wound up traversing NSFnet, because it was the only backbone provider in the USA.) So, no advertising (outside of Usenet spammers) or pay-for-content services were permitted on the 'net.

        The first graphical browser for Windows users (which also swiftly was ported to the Mac and AmigaOS platforms) was cobbled together in early 1993 by two grad students working at the National Center for Supercomputing Applications (one of whom went on become a billionaire venture capitalist, while the other one didn't). They called it Mosaic, and man was it ever primitive - but it was free, and open-source (even though that was not yet a term of art), and by using a shim (the name of which escapes me at the moment), you could even get it to run on your dial-up, terminal-emulation-mode account. And, as lame as it was, it was the coolest thing in computing, and all the hax0r kids had to have it.

        Me includ

        • Before the WWW we already had similar systems, like Gopher and text based WAIS.
          The parent simply mixed up "consumer level internet access, based on WWW/HTTP" with "the internet".

          • by thomst ( 1640045 )

            angel'o'sphere observed:

            Before the WWW we already had similar systems, like Gopher and text based WAIS. The parent simply mixed up "consumer level internet access, based on WWW/HTTP" with "the internet".

            Yes we did.

            WAIS never really worked very well (because it came along about the same time that the web did, and the latter sucked all the oxygen out of the academic computing environment's interest in it), and Gopher always was a nightmare of non-functional links and endless waits for it to timeout when it hit one of them.

            And I believe I pretty definitively made your second point for you - with sufficient historical context included to establish exactly how far from the facts his asse

            • Well,
              I had no bad experience with Gopher as I was using it only on Macs inside of a campus with a quite fast internet connection to the USA, and one of the first fiber optic internet links in Europe connecting Karlsruhe, Strasbourg and two or three other "european" universities.

              With WAIS I never had any problems either ... but I did use it only for research purpose of a guy making his PhD ... so that was perhaps over a course of two years once or twice a month.

              But I have to admit, when HTTP/HTML came out, I

  • Broken by design? (Score:5, Interesting)

    by spinozaq ( 409589 ) on Sunday September 30, 2018 @07:02AM (#57398744)

    This design seems like DRM for personal data. Which is fine for things I would never share, like a TODO list. As soon as you wish to share information the receivers need a way to decrypt it. Just like DRM is broken by design, since the purchaser needs to actually play the song, so will this.

    I just donâ(TM)t think the protection of data Is the problem. Itâ(TM)s the motives of companies that provide ease of data creation, and consumption, that are the issue. For this to work, well funded, highly regulated non-profits would need to mange it, and create the interfaces. Maybe Iâ(TM)m an old cranky pessimist, but I donâ(TM)t see that happening.

    • by DogDude ( 805747 )
      There's something wrong with your keyboard.
    • by KjetilK ( 186133 )

      This design seems like DRM for personal data.

      Whoooah! No, it is not. DRM is fundamentally broken, so, that's not what we're aiming for. Indeed, if you trust your data with someone who is not worthy of your trust, then there is very little technology can do to fix that broken trust. Then, it becomes a really difficult social, psychological and legal problem, where technology can only play a very minor part.

      So, what we're doing here is to ensure that you can store stuff on a web server you control. Then, the intelligence sits on your client, so the

  • Barfable prose (Score:3, Interesting)

    by mveloso ( 325617 ) on Sunday September 30, 2018 @07:39AM (#57398808)

    "Watching the inventor of the web work at his computer feels like what it might have been like to watch Beethoven compose a symphony"

    Watching someone type is one of the most boring things imaginable, no matter who you are.

    • Watching someone type is one of the most boring things imaginable, no matter who you are.

      That really depends on who it is and what else they're doing as they type.

    • Watching someone type is one of the most boring things imaginable, no matter who you are.

      Unless you're the piece of paper he's using a quill to write on. Then I imagine it's much more exciting.

      OUCH! Oh no, he's going to scrape and poke me again! STOP it -- you can't erase that, I'm too thin there already. Don't crumple me up like my brothers over there!

  • Now add Reddcoin into the idea of sharing my data. Let me set the price on what I want to share and make the companies pay me to get it.

    This will give us control and destroy ads at the same time.

    • by KjetilK ( 186133 )
      We're not married to any particular coin, but we have people working on stuff like that. One project alumni is working on Filecoin, and we are talking a lot with the people of Safecoin. I'm pretty sure we can have stuff like in near future.
  • Just tried (Score:5, Informative)

    by GerryHattrick ( 1037764 ) on Sunday September 30, 2018 @08:53AM (#57398988)
    Wonderful, and needed. So as an oldie who html handcoded my co's original 'website' very many years ago, I want to try what's new. My personal website has lots of files and anchors, so looks good for conversion/insertion to a 'Pod'. What to do next? Follow the links and register with, er, real name, then get flipped to Github and have to... get registered again - in order to get what... a manual? Aw, come on. I may be misunderstanding this, but there has to be a better front end for those of us who aren't geeks
    • Re:Just tried (Score:5, Insightful)

      by SlaveToTheGrind ( 546262 ) on Sunday September 30, 2018 @10:08AM (#57399214)

      I may be misunderstanding this, but there has to be a better front end for those of us who aren't geeks

      I don't think you are. I tried it out sans TFM, on the theory that it's going to have to be pretty damn intuitive for much of the world to bother. Just creating a blank document in a private space (and then finding it again) required way too much trial and error (including manually typing in a URL at one point), and the privacy/sharing interface doesn't seem to allow for any customization of groups/roles much less an obvious way to actually assign users to them. It's a long way from showtime.

      • If this is like 1989 www in development maturity, we should start seeing stuff interesting to the common folk in about 5 years. But, I was enjoying the internet before 1989. This level of development brings back good memories.
    • then get flipped to Github and have to... get registered again - in order to get what... a manual?

      You don't need to register on github. Just scroll down on the manual page and you will see the directory listing and after that the rendered manual in Markdown. But granted, usability wise this is abysmal. Possibly they currently intend to make it accessible only for people who already have experience with github and other weird things until it has matured enough to be used by the general public.

    • by KjetilK ( 186133 )
      Yeah, we might not have said too clearly that the whole thing is a prototype made for other hackers. The code has been through a long journey, so we know pretty well how the foundations will look, but there is quite a lot of work to get the server into a good shape security-wise. Then, we need to work a lot on Developer Experience and then User Experience. But we're attracting people now, which is good.
  • by DogDude ( 805747 ) on Sunday September 30, 2018 @09:51AM (#57399158)
    The Web isn't broken. It's still there. It's still working the way it always has. Most people have simply chosen to use it badly.
  • I can't serve the world.
    If I post the worlds best corn bread muffin recipe, and it goes viral, then either; my web site crashes because of the slashdot effect, or my provider charges me thousands of dollars for the honor of having a successful web site, or some combination of the two.
    The reason Youtube is popular isn't the technically difficultly of hosting video clips, it's the cost of doing so.

    Replacing a central server with a group of central servers helps, but it's not good enough.
    We need a solution li

  • ...should be where you are in control of the information you read, and no one should be able to purchase themselves the top search result positions.

    When you have to register, you immediate place all your privacy and trust in those who claim to protect it, as history shows us again and again, this is seldom the case - we always end up at the shallow end of the dreampool.

    A library, is sort of anonymous, because they never register what books you read, they only label them, track them for recovery purposes, an

  • by WaffleMonster ( 969671 ) on Sunday September 30, 2018 @11:17AM (#57399432)

    Spent some time on solid website. It certainly appears to be compliant with all modern standards.

    1. Talks about how important privacy is while using Google Analytics
    2. Massive fonts
    3. Jackpot scrolling
    4. Low information content that leaves the reader guessing what you are talking about.
    5. Piling on armies of crappy framework over another until something notably unremarkable is achieved.

    "Solid is a set of modular specifications, which build on, and extend the founding technology of the world wide web (HTTP, REST, HTML). They are 100% backwards compatible with the existing web. "

    "At its core, Linked Data is really simple: every piece of data gets its own HTTP URL on the Web, and we use those URLs to refer to those them. So if your photo is identified by https://yourpod.solid/photos/b... [yourpod.solid], then my comment at https://mypod.solid/comments/3... [mypod.solid] will link back to that URL."

    "PODs are like secure USB sticks for the Web, that you can access from anywhere. When you give others access to parts of your POD, they can react to your photos and share their memories with you. You decide which things apps and people can see."

    In other words quite literally nothing new.

  • Giving everyone in the world their own HTTP REST endpoint for granting information access to 3rd parties isn't a bad idea on the surface, but I think the implementation here might be a bit too convoluted. I would make an extension to DNS and flow everything based on e-mail address alone, similar to how MX works:

    - Your e-mail address is your unique identifier. Just as most sites already use today.
    - To participate, domains expose a new DNS record of type, let's say "IX" (information exchange)
    - An IX record on

  • "...Every bit of data he creates or adds on Solid exists within a Solid pod -- which is an acronym for personal online data store..."

    So you have to trust somebody to host it and storage is not free, and also to trust your browser manufacturer (Google, MS and Apple) and trust your OS manufacturer as well (again Google, MS and Apple). Finally Google will put Facebook out of business (unless people keep going with the status quo).

  • by Anonymous Coward

    Listen to your selves...

    In the light of the recent blow to net neutrality and the recently passed European copyright law, I find it disheartening reading the comments.

    You sit here nay-saying any effort to decentralize the internet and better privacy before it has a chance to mature. You regurgitate political and corporate bias left and right. These tech giants like alphabet/google, amazon and the likes, should be considered the enemy of privacy and a free, decentralized internet, and it is their ideas that

  • It's my 128GB USB stick containing all my data, which I keep in my watch pocket, with copies at two other places.

  • I'm sure Tim has thought this through but what happens when Solid is compromised?
  • It's not likely that the big powers of the web will give up control without a fight.

    They will let their best weapon, which is network effect, fight and defeat it. If people want to reach their friends, they need to go through the existing giant corporations products.

  • by RhettLivingston ( 544140 ) on Sunday September 30, 2018 @09:26PM (#57401118) Journal

    Just read much of the inrupt.com site and some of the specifications on github. Not everything, but alot. Two critical problems seem obvious though it is possible I missed the provisions.

    First, I see no indication that access to the pods is end-to-end encrypted. So, if your pod is stored on a server that is not your own, they definitely have access to your data. No 3rd party server can be trusted with your data (even if it can, you won't get notified when that changes) and few have the skills to stand up their own server. I would think that a requirement for end-to-end encryption of all data is an obvious one. An app given permission to access it must also be given some type of revocable keys.

    Second, I don't see provisions to stop apps from taking the data and writing it somewhere else. To control your data, you must control the writing at everywhere it is processed as well. Apps should be forced to run in a sandbox that can only write data to approved places and all memory in the sandbox should be reliably wiped when the app is no longer needed. Trust of the sandbox should be verified before pods can be accessed.

    Without at least these provisions, I see no possibility that this system can deliver user's control of the dissemination of their data.

  • There have been glimmers of a federated style systems (Jabber, RSS / Atom / Salmon, Diaspora etc.) in the past. There are even devices such as Freedom Box that attempt to encapsulate a person into a device that can be controlled by the person themselves.

    The main problem with all these things is that the majority of people lack the means / motivation / technical skill to set them up. Therefore if a federated system is to work, or we expect people to store their private info in "pods", it requires that ther

  • so you have 'pods' that contain your information and you control which website/app can access information in the pod.
    you'll end up with sites/apps that will require you to allow access to your pod or else you can't use the site.
    they will take use all data from the pod, while still building their own database depending on your actions on their site.
    the end result might be even worse then what we have now, where at least you could potentially island of certain sites/apps.

Keep your boss's boss off your boss's back.

Working...