Codemotion
November 13, 2019

Scuttlebutt: how to exit facebook and start coding your first web 3.0 social network - Alessandro Confetti - Codemotion Berlin 2019

SSB (aka Secure Scuttlebutt) is a gossip-based web 3.0 protocol that allows developers to write off-grid/serverless P2P social networks that can even fall back to sneakernet and be useful in places where your Facebook profile is just a 404 page. In this talk, we will go through the basics of creating an SSB-based application and start sharing our posts without feeding the data silos of the social giant.

About: Alessandro Confetti, Tech Principal - ThoughtWorks

Alessandro is a curious technologist, polyglot software developer, agile/lean/teal advocate and passionate team builder, with strong experience in software life-cycle management. Currently, he is Tech Principal at ThoughtWorks Italia and Adjunct Professor at Politecnico di Milano.

Transcript

  1. SSB - SECURE Scuttlebutt: how to exit Facebook and start coding your first web 3.0 social network

    Alessandro Confetti, November 13th, 2019
  2. Are you often off-line? (no internet)

    Are your friends as “eccentric” as you?
    Are you a fan of Decentralized Web?
    Do you live on a self-steering sailboat?

    Dominic Tarr: antipodean wandering albatross, a Node.js developer with more than 600 modules published on npm

    Alessandro Confetti - November 13th 2019 – Codemotion, Berlin
  3. SSB Tech Stack & GitHub repositories (courtesy of https://www.scuttlebutt.nz)

    • apps
    • ssbc/Patchwork
    • Manyverse
    • git-ssb
    • dnssb
    • […]
    • ssbc/ssb-server
    • ssbc/secret-stack
    • ssbc/muxrpc
    • packet-stream-codec
    • ssbc/multiserver
    • net
    • simple-http-server (shs)
    • websockets (ws)
    • buffer-type (bt)
    • ssbc/ssb-keys (asymmetric crypto keypair)
    • ssbc/ssb-db
    • flumedb
    • flumelog-offset
    • flumelog-memory
    • flumeview-query
    • flumeview-level
    • flumeview-reduce
    • flumeview-hashtable
    • flumeview-search
  4. HOW TO INSTALL SSB-SERVER

    # install nvm & node
    $ curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.35.1/install.sh | bash
    $ nvm install lts/dubnium
    $ nvm use lts/dubnium

    # install ssb-server
    $ npm install -g ssb-server

    # start server
    $ ssb-server start

    # show user id
    $ sbot whoami
  5. The Guardian - Sat 19 Oct 2019 05.48 BST
  6. Credit - Getty Images / Sandra Montanez / Staff
  7. Courtesy of secushare.org

    • PRISM = Faceboogle = Most web-based social network services including Facebook, Human Connection, Google+ etc
    • Jab = XMPP-based open source federation projects such as BuddyCloud, movim
    • SVPN = SocialVPN, an XMPP-based tool that establishes virtual private networks among friends
    • FSW = Federated Social Web projects like Diaspora, Friendica and several more
    • S@T = isolated server-based installations operated in trustworthy manner using a Tor hidden service
    • SSB = Secure Scuttlebutt over Tor
    • RS = RetroShare
    • RS@T = RetroShare over Tor
    • NW = Nightweb over I2P
    • S = stands for secushare's current status

    • ✓ = provided
    • ⊕ = likely, possibly, planned, optional
    • ⊝ = partial, provided in a suboptimal way or planned for later
    • ✗ = unlikely, optional but underused, feasible but not available
    • ✖ = requires special trust in the provider of the service¹
    • ⊙ = we don't know
    • –– = not provided
  8. SSB features (courtesy of secushare.org)

    • Link Encryption: Without it, anyone operating your DSL router, local network, your Internet connection, the Internet backbone or anyone hacking into any of the involved machines can read in on your activity.
    • Forward Secrecy: Traffic between endpoints cannot be decrypted at some later point in time if access to the private key was gained […].
    • E2E Encryption goes seamlessly from one person to the other person, end-to-end […].
    • No Strangers: Most offerings require you to trust a company and the jurisdictions it operates in and to give it most or all of your data exchanged with friends […].
    • Secret Friends: The additional privacy of keeping the information of who is your friend secret from companies and other complete strangers. You only want your friends to know, and maybe isolate some groups of friends from each other […].
    • Unobservability: Traffic does not allow an observer to understand what kind of content is being sent.
    • Untraceability: Traffic does not allow an observer to understand who is talking to whom (also known as metadata protection). Untraceability and Unobservability may be considered pointless if you are trusting strangers in the first place […].
    • Post Deniability: Do we like that things we said in a comment or status update can be used against us? […].
    • Lightweight: To be of maximum use the technology implementing such essential jobs should be a part of the operating system or close to it, not require large language engines […] and also not require an entire web browser to be running all the time. […]. By lightweight we also mean not having heavy duty obligations towards the network like needing to operate a DHT instead of using it remotely. […].
    • Group Encryption: The strategy of sharing a group encryption key with all participants of a distribution context and occasionally refresh it, especially when a person leaves the group (or unfriends a person). […].
    • Distribution: Efficient delivery to a large number of recipients. […].
    • Relay Backbone: Servers are nasty if they know everything about you, but relays are nice when they know nothing, but do everything for you. […].
    • Usability: Web-based offerings require users to maintain a password safely. Federation-based systems additionally require you to deal with domain names and server addresses. XMPP has the additional problem of not supporting encrypted contents and cryptographic authentication by default. […].
    • Features: Does the offering actually provide social network services or is it just primarily a social framework that needs further work?
  9. …The original idea was to make the internet just super bare bones. So the initial internet had no representation of people. There was no membership concept. There was no identity concept. There was no sense of authentication. There was certainly no implementation of commerce solutions. There was nothing. It was just very, very raw…

    Jaron Lanier - We need to have an honest talk about our data [Wired 2018]
  10. The 5 Paradoxes of the Internet

    1 Available everywhere but stored in very few places
    2 Easy to find only if they remain in the same place
    3 Easy to search but hard to catalog
    4 Cheap to duplicate but costly to attribute
    5 Both storage and access are encoded
  11. Are we building the internet for future generations?
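
The install step on slide 4 pipes a remote script straight into bash, so whatever the server returns at that moment is executed unseen. The script below is an added example (not from the talk or from the nvm or SSB projects) that downloads the same installer to a file, checks it against a pinned SHA-256 digest and only then runs it; `EXPECTED_SHA256` is a placeholder to fill in from a source you trust, and the function and file names are hypothetical.

```shell
#!/bin/sh
# Added example: download, verify, then run the nvm installer from slide 4.
NVM_URL="https://raw.githubusercontent.com/nvm-sh/nvm/v0.35.1/install.sh"
# Placeholder (assumption): pin the digest of the script you reviewed.
EXPECTED_SHA256="REPLACE_WITH_PINNED_SHA256"

# sha256_of FILE: print the hex SHA-256 digest of FILE.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1   # macOS / BSD fallback
    fi
}

# verify_file FILE EXPECTED: return 0 only if FILE exists and matches EXPECTED.
verify_file() {
    [ -f "$1" ] || return 2
    actual=$(sha256_of "$1") || return 2
    [ -n "$actual" ] && [ "$actual" = "$2" ]
}

# install_nvm_verified: nothing is executed unless the digest matches.
install_nvm_verified() {
    tmp=$(mktemp) || return 1
    if ! curl --fail --silent --show-error --location \
            --proto '=https' --tlsv1.2 -o "$tmp" "$NVM_URL"; then
        rm -f "$tmp"
        return 1
    fi
    if verify_file "$tmp" "$EXPECTED_SHA256"; then
        bash "$tmp"
        rc=$?
    else
        echo "digest mismatch for $NVM_URL, refusing to run it" >&2
        rc=1
    fi
    rm -f "$tmp"
    return "$rc"
}

# Only act when called as: sh install-nvm.sh run
if [ "${1:-}" = "run" ]; then
    install_nvm_verified
fi
```

With the placeholder left in place the digest check fails and the installer is never run, which is the safe default.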