Launchpad’s License Will Be AGPLv3

January 15, 2009 in development, software licensing by bkuhn | No comments

I just wrote a brief blog entry in my SFLC blog about the announcement that Launchpad’s planned license is AGPLv3.

Now that Canonical has made an indication that they want to respect the freedom of network users, it’s very important for the community of users to pay careful attention to Launchpad’s process, to help them make it a user-freedom respecting network service.

blogspam.net

January 9, 2009 in software services by evan | 1 comment

I was alerted by MJ Ray about this great new service for managing blog spam. BlogSpam.net is a gratis service for determining if comments on a blog page are spam or not. It was created by hacker Steve Kemp, announced on his blog on December 30th (”When the light is green, the trap is clean.”). It’s implemented with Free Software,  and as far as I can tell it complies with the Open Software Service Definition. It doesn’t seem to have any persistent data on the server side, so the Open Data requirements of the OSSD are met by default.

I’ve installed the blogspam WordPress plugin on controlyourself.ca and openmicroblogging.org, and it’s already caught about half a dozen spammy comments. It seems to be working really well, which I’m happy about.

I hope that as the software and the service matures, it continues to be aligned in goals with the Franklin Street Statement. I think there’s a great opportunity, with a shared service, to do distributed spam detection, either with Bayesian spam filtering or a fuzzy checksum service like DCC or Vipul’s Razor. If this happens, it’s going to be pretty important to make that accumulated data freely available.

I’m looking forward to the growth of this project, increased sophistication of the checks, and more plugins for other Free Software Web projects. And I hope we can get it installed here at autonomo.us, too!

With Software as a Service, Is Only the Network Luddite Free?

December 23, 2008 in podcast by bkuhn | No comments

I gave the keynote speech at 2008 Plone Conference in October entitled With Software is a Service, Is Only the Network Luddite Free?. I recorded the audio of it, but had, until now, failed to put it up anywhere. I’ve finally released the audio as part of Episode 0×03 of the Software Freedom Law Show (available as ogg and mp3). The slides from the talk are browsable online and I have of course released the source code of the slides as well.

Fabrizio Capobianco interviewed by Linux.com

December 11, 2008 in fellow travellers, interview by bkuhn | No comments

Fabrizio Capobianco of Funambol was interviewed this week on linux.com. He talks about his work to get OSI to accept AGPLv3 and why network-service-freedom respecting software licenses are good for his business.

new thinking on privacy and data portability

December 8, 2008 in Uncategorized by luis | No comments

I’ve argued here (and elsewhere) that privacy in network services is a problem best solved by data portability. The resultant competition, which would let people migrate from services with worse privacy policies to services with better privacy policies. Of course, the issue isn’t that simple- in particular, there are complex questions about who can export what data. If someone comments on your wall, can you take that with you? If you comment on their wall? What if they put up a picture of you? A picture of you, and someone else? I don’t pretend to have a solution to that, but my sense has always been that once a reasonable line was drawn, it’d got a long way towards helping resolve the privacy problems that have plagued Facebook.

James Grimmelman has a new paper out on privacy in social networks that suggests I might be wrong. In short, Prof. Grimmelman argues that data portability is not a solution to the privacy problem, because privacy is determined not just by who controls data, but by what code controls and interprets the data. Of course, the code won’t follow ‘ported’ data. For example, if a friend shares a picture with you, they aren’t deciding ‘just’ to share that picture with you, they are deciding to share it under the specific rules of the social network they are sharing it through. They may not fully understand those rules, but the rules are discoverable, choosable, and maybe even predictable. If that picture is taken elsewhere the rules may be better- but they may well be worse. Using the example of Scoble getting banned from Facebook for importing information into the notorious Plaxo, Grimmelman points out that this helped Scoble’s independence- but may well have violated the privacy expectations of anyone who had shared data with Scoble, assuming that Facebook would enforce certain rules on the use of the data. Or to put it more abstractly: “data portability may reduce vertical power imbalances between users and social network sites, it creates horizontal privacy trouble.” I think I’d known this before reading this paper, but Grimmelman laid the problem out so clearly that I will be forced to revisit the question.

(Tangentially, Grimmelman notes that this problem is in part a side-effect of the use of notions of ‘ownership’ to describe personal data, when property norms may well be the wrong metaphor for personal data. Certainly we’ve been guilty of that mistake here from time to time.)

Grimmelman does suggest a slew of other approaches that might lessen the privacy issues in modern social networks, and critiques a slew of others that he thinks won’t work - so for anyone thinking about privacy and network services the paper is well worth a read. In the meantime, I’ll be mulling what it means for free/autonomous social networks, and invite others to do the same.

AGPL Declared DFSG-Free

December 1, 2008 in software licensing by bkuhn | 1 comment

Late last week, the FTP Masters of Debian — who, absent a vote of the Debian developers, make all licensing decisions — posted their ruling that AGPLv3 is DFSG-Free. I was glad to see this issue was finally resolved after months of confusion; the AGPLv3 is now approved by all known FLOSS licensing ruling bodies (FSF, OSI, and Debian).

It was somewhat fitting that the AGPLv3 was approved by Debian within a week of the one year anniversary of AGPLv3’s release. This year of AGPLv3 has shown very rapid adoption of the AGPL. Even conservative numbers show an adoption rate of 15 projects per month. I expect the numbers to continue a steady, linear climb as developers begin to realize that the AGPL is the “copyleft of the Cloud”.

Social Networking

November 15, 2008 in development, distributed software, standards by evan | 9 comments

A few weeks ago, I wrote a post here about the state of Free Network Services for social news. I think we’re moving forward in that area. I’ve got a very initial implementation of the Pligg software, without license metadata, at Criti.ca set up, and I hope to get it ready for full release RSN. I think it might be worthwhile to apply the same attention to some of the other sectors of the Web 2.0 space to help set some goals for Free Network Services.

In this article, I’m going to attempt to cover social networking sites like MySpace, FaceBook, Friendster, Hi5, Bebo, Tribe.net, and Orkut as well as special-purpose networks like LinkedIn. It’s hard to provide a focused definition of this kind of site, but prinicipally users can create a profile page in the service, and then declare that other users are their “friends” and link from their profile page. Some allow “group” pages for affinity groups, sharing music, images, videos and other media, or even custom applications that tap into the social network data.

The format has been wildly successful and many other types of Web applications, like microblogs, social bookmarking, and photo-sharing, provide similar social-networking paradigm and functionality. There’s a fine line between this kind of site and a social aggregator like FriendFeed or SocialThing. Probably the main difference is that social aggregators pull together functionality from around the Web, while social networking sites tend to provide this kind of functionality within the site.

The news in this space is good and bad. Good, because there are a lot of Free and Open Source applications in the area, and also good because most of these work in a distributed model. Bad, though, because there are few or no existing well-known sites that provide social networking services to the public with Free Software (compare Reddit in the social news space). The worst news? Social networking sites like Facebook are some of the most egregious walled gardens on the Internet today — yet they remain incredibly popular.

A lot of software

These are some of the more promising Free Software packages that provide social networking services.
  • Elgg is pulling away as the leader in this area and is rapidly becoming the poster child for Free and Open Source social networking software. I’ve played around a bit with the version at community.elgg.org and it’s definitely a nice piece of software. The developers have put a lot of work into supporting distributed protocols like OpenID, OpenSocial and Open Data Definition, to their credit. The main downsides? First, there’s not a well-known flagship service for general public use — a head-on competitor to Facebook or MySpace. Second, although the data portability is impressive, it would still be nice to have cross-site sociality — so if your profile is on site A and I’m on site B, we can still be “friends” and interact. Finally, there doesn’t seem to be much emphasis in the code for Free and Open Content licenses; I don’t know if it’s possible to mark up pages for Creative Commons licenses, allow users to choose licenses for their data, and require license agreement at signup. I think these can come, though.
  • DiSo is a project we’ve discussed on this blog before (see my Interview with Steve Ivy of the Diso Project). DiSo is built on top of the ubiquitous WordPress blogging software, with special extensions to support semantically-rich links to other people’s blogs. The goal is to create a social network of independent sites — one site per person. I think this is a strong contender, and the emphasis on distribution is laudable; using WordPress gives the opportunity to leverage that platform’s wide array of data-licensing tools, media-sharing, and other cool features. But the software remains pretty new. The ease-of-use is nowhere near competitive with proprietary sites like Facebook. I think DiSo still has a long way to go.
  • AroundMe is another interesting, distributed product, using PHP and MySQL. It used to be aimed at a one-site-per-user model, but has recently moved to a group-collaboration model: one site per group. Each group has a collaboration site, group blog, and wiki; users join the group using OpenID (using, for example, the related Prairie software). I think this is an awesome way to push typical group dynamics into a distributed model, and it uses the increasingly popular OpenID network to achieve that. The downside? Very little of the sociality propagates back to people’s identity server. If I look at your OpenID page, for example, I can’t see the AroundMe groups you’re part of or the people you consider “friends”. I think this model, although promising, needs to push more sociality back into the identity page.
  • NoseRub is a package similar to AroundMe but with more of a global network model. It seems to be doing a better job at “profile aggregation” — tying together people’s profiles from elsewhere on the Web — rather than centralizing in itself. The downside of that, though, is that people are still using non-free services for photo-sharing, video-posting, etc. Probably the most exciting thing about NoseRub is its distributed sociality model — it does a very good job of synchronizing data between sites. There are also a few sites with medium-high profile, like identoo.com, that are providing the software as a service to the public.
  • HelloWorld (de) is a new project that autonomo.us reader Matthias Weiler recently notified us about. I haven’t got the German language skills to decrypt the site, so I’m not 100% sure there’s even software to check out, yet. I think this will be one to watch.
  • I’ve only just poked at it a bit, but the CC Network looks promising, and the software is available under the AGPLv3.
  • The Mugshot Project, part of/related to the Gnome Open Desktop initiative, is an attempt to make something like a social aggregator. I think it’s a step in the right direction, but the functionality hasn’t been built out very well, and the project seems to be moribund (no posts on the blog in 2008, for example). This may not be cause for alarm; Gnome projects are renowned for going dormant for years on end and eventually re-emerging with incredible strength.
  • Many general-purpose community/CMS software packages, such as TikiWiki, Drupal, or Joomla!, have social-networking tools or plugins. To be honest, their social networking tools leave a lot to be desired, and with the exception of Drupal’s well-intentioned but poor efforts in cross-site login, there’s little or no cross-site sociality. The penetration of these kinds of community software packages is incredible, and activating them as a distributed social network would be a huge step forward for this effort.

The protocols

The outlook on the protocol level isn’t particularly heartening. The philosopher’s stone for social networking on the Web will be a standard for distributed sociality: defining “friend” relationships between people and groups with identities on different servers. With the exception of NoseRub, there’s not been much advancement in the area. However, some of the pieces are coming together, and I’d like to mention them here.
  • The aforementioned Open Data Definition standard is intended to allow users to transfer their identities from one server to another. (This has been a goal for the Data Portability project, which seems to be getting more attention.) Currently, it’s only supported by Elgg; I’d like to get it built into Laconi.ca, too, if only for solidarity’s sake.
  • OpenSocial is a project led by Google. It’s an interesting development, but ultimately it’s about providing a platform for widgets that fit into existing (mostly proprietary) social networking services. It does not, for example, allow users of one OpenSocial container site to be social with friends on another container site. I think ultimately social networking software like Elgg will do well to implement this protocol to encourage development and deployment of widgets, but I think it’s insufficient for building a Web-wide social network.
  • Although it’s not normally considered a social networking protocol, OpenID holds a lot of promise in this area. The protocol allows people to associate their identity with a single URL and then use that identity to interact with other people, groups, and data objects on the rest of the Web. To a large part, that’s mostly what a distributed social network is about. What’s missing? Group and social data doesn’t back-propagate to the OpenID provider sites; my identity URL on for example certifi.ca doesn’t have a full-featured profile, links to groups I belong to, or links to the profile pages of my friends. There are some protocols for back-propagating data in the OpenID world, but no one has applied them to the social networking space. A great opportunity, though!
  • XMPP is also an interesting part of this space. It’s distributed, it’s got lots of Open Source implementations, it’s got a strong concept of universal identity and it’s got a refined model for social connections. I think there’s a lot to watch here, and the xmpp social mailing list is an important place to monitor.
There’s a big vacuum in this area in terms of projects and leadership; hopefully efforts like the W3C’s Workshop on the Future of Social Networking will bring more attention to the problem.

What is to be done?

Clearly, we’re reaching a cusp for Free Network Services for social networking. First and foremost, we need some flagship sites with high visibility and traffic. I think public services here are crucial to mass adoption; it’s simply infeasible for inexperienced Facebook or MySpace users to install and manage their own software instances.

A smart business person who wants to break into this crowded market could use the Free Network Service model as a strong differentiator and attract a sophisticated and influential crowd of early adopters to such a site. Using Elgg as an initial platform and applying serious development resources to it would probably give a big leg up. Alternately, non-profit groups may want to provide this kind of service, too.

More important, I think, is going to be the development of a featureful social-networking protocol that the developers of Elgg and other social networking software can implement. I think that such a protocol should definitely include OpenID as an enabling technology for user identity and as the base URL for profile pages; attribute exchange might be a good data platform to start with.

The great part about a good open protocol here is that it can be implemented in software that’s not specifically about social networking. Free and Open Source photo-sharing, video-sharing, microblogging, and social bookmarking software could implement the protocol and tie themselves into a Web-wide social net. Additionally, community CMSes like Drupal and blog software like WordPress could implement the protocol and expand the open network even farther.

There are a lot of challenges. A lot of the advocacy around opening up social networks has been around petitioning existing networks like MySpace or Facebook to open up to the wider world. This has been almost entirely unsuccessful; there’s a strong incentive for these companies — especially the more successful ones — to keep their customer base captive. Social networks are extremely sticky sites; abandoning one means leaving behind all the friends you have there. Finally, thought leaders on the Web have a strong incentive to maintain their presence on existing social networks; they already have influence there. Taking a principled stand is hard. (Let me note that I personally still have a Facebook account and probably will for some time.)

But I believe this is a fight worth fighting. (Some of my colleagues at autonomo.us will probably disagree; hackers are typically pretty sniffy about popular sites and software, and social networking is no exception.) Today’s social Web is one with too many walls, too much manipulation, and too much lock-in. We need to make the social Web look more like the document Web — open, distributed, and interconnected.

AGPLMail: Taking steps toward Franklin Street Applications

November 4, 2008 in development, fellow travellers by bkuhn | No comments

Ben Webb (aka bjwebb) has announced the launch of a project called AGPLMail.

bjwebb has been asking me questions on and off on IRC about starting this project, and I am very glad to see his announcement. He asks in his blog post am I doing something valuable?. My unequivocal answer is yes!

As developers, we have to clone each application that has become a standard in “the Cloud” and make sure there is a Free-as-in-Freedom (FaiF) equivalent. We need readers and signers of the Franklin Street Statement to get to work writing FaiF applications that embody its ideas. That’s the only way we will meet and overcome the challenge of truly distributed network services that respect user freedom and autonomy.

It’s tough to always be playing catch-up, but the Free Software world has shown that we “get there in the end”, and that the final result is something that really respects the freedom of the users. I’m glad bjwebb is taking a stab at the FaiF Web 2.0 mail client, and I hope others will help him make it better.

As a final note, I wanted to point out the admirable humility bjwebb has shown in putting his code out there. What he’s looking for is others to join him on the journey and try to make the application into something interesting. He doesn’t purport to have the answers, but he’s certainly asking the right questions in the best possible way for a developer — putting some code out there under a Free license and asking his peers to give him some feedback!

Autonomo.us Podcast Episode 2: Interview with Jimmy Wales of Wikia

November 3, 2008 in podcast by evan | No comments

I’m proud to announce the second episode of the autonomo.us podcast. In Episode 2: Interview with Jimmy Wales of Wikia, we discuss:

  • Richard Stallman’s quotes in a recent article in the Guardian
  • our efforts to make our own Web site a Free Service
  • our interview with Wikipedia founder Jimmy Wales about Wikia Search, his company’s project to create a Free Network Service for Web search.
The episode is about 53:30 minutes long, and alternative formats are available at the Internet Archive. It includes these musical samples: I had a great time making this podcast with Mako, Brett, and Bradley, and I think we all appreciate the participation of Jimmy Wales in this recording. We recorded on October 18th — one month after our previous recording — but it took me the last couple of weeks to find time to learn Audacity well enough to slice-and-dice this episode and stick in theme music and bumpers and level out the voices and all that jazz. Fun stuff, glad I know it know — and glad we have such great Free Software at our disposal for making recordings like this.

Please comment here or on the Podcast wiki page. I’m looking forward to more exciting podcast recordings in the coming months.

Capobianco Delivers Pro-AGPLv3 keynote at OSS 2008

October 22, 2008 in fellow travellers by bkuhn | 1 comment

Dirk Riehle has an interesting summary in his blog of Fabrizio Capobianco’s keynote at OSS 2008. Riehle credits Capobianco as the primary catalyst for OSI approval of the AGPLv3. I didn’t realize we owed Capobianco our thanks for that, but I am glad he did that work and wanted to take an opportunity to thank him for it!

« Older entries