zlacker

1. EGreg+(OP)[view] [source] 2023-04-21 18:01:00
Well, HTTPS is not end-to-end. That latter term is reserved for encryption that encrypts the messages between clients so servers can’t parse them.

When you have a centralized system like ICANN DNS, the governments know which IP addresses the domain points to. They can go and serve them National Security Letters or shake them down to install secret backdoors.

WhatsApp and Facebook can lie to you that they’re end-to-end encrypted. There is nothing stopping them from shipping custom updates. In fact they’ve been caught red-handed spying on both your video and audio. The only way you can be SURE an app isn't lying to you is with open source software, then you only have to trust the OS and browser (the Trusted Computing Base).

(That is why I am a big fan of blockchain-based smart contracts. But blockchains are slow, so the next best thing is hosting your business logic using open source software on servers you control.)

Why do so many people trust Big Tech? Simple. We have no other choice!

Where are the VIABLE AND USER FRIENDLY open source alternatives to Facebook, Twitter, Telegram backends?

No one seems to have built anything better or more efficient than, say, Mastodon.

Except us. It was a labor of love and cost me a million dollars to date: https://github.com/Qbix/Platform

PS: If you play with it for an afternoon, post your experience or email me. I would be thrilled to hear about your experience, good or bad. And of course use it for anything you want.

I would be very happy to be proven wrong and see some more competitors being mentioned here, but if you do, make an honest assessment of how they compare! People need alternatives to the closed walled gardens, but having all these features working and up-to-date with browser tech is extremely hard: https://qbix.com/features.pdf

replies(3): >>nomel+22 >>hammyh+e6 >>JohnFe+tf
2. nomel+22[view] [source] 2023-04-21 18:10:27
>>EGreg+(OP)
> Well, HTTPS is not end-to-end

I'm not well versed for encryption, but isn't this a matter of perspective? If you're downloading a .midi file from a server, the other "end" is that server, isn't it? Will the forces pushing this make any nuanced distinction, outside of this?

replies(1): >>EGreg+h3
3. EGreg+h3[view] [source] [discussion] 2023-04-21 18:16:31
>>nomel+22
The “end” in end-to-end encryption for regular users is never a server.

Servers are online 24/7 listening and can be found and raided and/or hacked by various forces.

Clients are harder to locate. Especially if all you need to authenticate is a public/private keypair you generated.

That is why governments are so frustrated with crypto.

replies(1): >>Karell+y4
4. Karell+y4[view] [source] [discussion] 2023-04-21 18:22:38
>>EGreg+h3
> The “end” in end-to-end encryption for regular users is never a server.

Why not? Are servers not communication endpoints?

replies(3): >>EGreg+V4 >>wrs+X5 >>nomel+ug
5. EGreg+V4[view] [source] [discussion] 2023-04-21 18:24:31
>>Karell+y4
For the reason I just told you — they can be compromised much more easily, and are typically run by a party which isn’t fully aligned with your interests and those of the other participants in your conversation.
replies(1): >>boombo+77
6. wrs+X5[view] [source] [discussion] 2023-04-21 18:30:05
>>Karell+y4
With that definition of “end”, “end-to-end encryption” isn’t different from just plain “encryption”. The significance of the phrase is that you don’t leak anything outside the ultimate ends of the communication, including to servers in the middle.
replies(1): >>JohnFe+Of
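The distinction wrs draws above, as an added illustration that is not part of the thread: the party that holds a hop's key is the "end" of that hop. In transport encryption the relaying server holds a key for each hop and can read the message; in end-to-end encryption only the two clients share the key and the server relays bytes it cannot open. The stream cipher below is a constructed toy (SHA-256 in counter mode), used only to make key possession visible; it is not a real AEAD.

```python
import hashlib
import secrets

MSG = b"meet at the usual place"  # constructed sample message


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher: SHA-256 in counter mode. Illustration only, not a real AEAD."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def seal(key: bytes, plaintext: bytes) -> tuple:
    nonce = secrets.token_bytes(16)
    return nonce, keystream_xor(key, nonce, plaintext)


def unseal(key: bytes, nonce: bytes, ciphertext: bytes) -> bytes:
    return keystream_xor(key, nonce, ciphertext)


def transport_encryption(msg: bytes) -> dict:
    """HTTPS-style: one key per hop, and the server is the 'end' of each hop."""
    k_alice_server = secrets.token_bytes(32)
    k_server_bob = secrets.token_bytes(32)
    nonce, ct = seal(k_alice_server, msg)               # Alice -> server
    server_plain = unseal(k_alice_server, nonce, ct)    # server holds the key, so it reads the message
    nonce2, ct2 = seal(k_server_bob, server_plain)      # server -> Bob, re-encrypted under a new key
    bob_plain = unseal(k_server_bob, nonce2, ct2)
    return {"server_sees": server_plain, "bob_gets": bob_plain}


def end_to_end_encryption(msg: bytes) -> dict:
    """E2EE: only Alice and Bob share the key; the server relays ciphertext it cannot open."""
    k_alice_bob = secrets.token_bytes(32)               # never given to the server
    nonce, ct = seal(k_alice_bob, msg)
    # The server stores and forwards the ciphertext unchanged; an attempt to decrypt
    # without the clients' key (here: a random key) yields only noise.
    server_attempt = unseal(secrets.token_bytes(32), nonce, ct)
    bob_plain = unseal(k_alice_bob, nonce, ct)
    return {"server_sees": ct, "server_attempt": server_attempt, "bob_gets": bob_plain}


def server_can_read(result: dict, msg: bytes) -> bool:
    return result["server_sees"] == msg
```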
7. hammyh+e6[view] [source] 2023-04-21 18:31:15
>>EGreg+(OP)
>When you have a centralized system like ICANN DNS, the governments know which IP addresses the domain points to. They can go and serve them National Security Letters or shake them down to install secret backdoors.

HN opinions on CloudFlare aside, CloudFlare Tunnels mean DNS records point at CloudFlare servers, and the IP address of the origin server isn't discoverable via DNS. Sure, it's a court order away from being figured out even with dynamic IPs and historical logs with ISPs, but it's an interesting thought.

Qbix certainly looks very interesting. How have you guys been around for ten years and flown under the radar?

replies(1): >>EGreg+Sd
8. boombo+77[view] [source] [discussion] 2023-04-21 18:36:00
>>EGreg+V4
So what if I run my own server with a private guestbook. Is https not end to end encryption in that scenario?

I realize your point, that in most circumstances https is not being used as end to end encryption. But it can be, so wouldn't it also be attacked in this war?

replies(1): >>EGreg+7b
9. EGreg+7b[view] [source] [discussion] 2023-04-21 18:53:47
>>boombo+77
Well, HTTPS with certificate chains without backdoors by a government is already technically illegal in some parts of the world.

But as I said, our definitions need to be useful. If the goal is for individuals to safeguard their conversations from prying eyes, then HTTPS is not the way to do it. Hence the government is likely to start with end to end encryption of the sort I have been emphasizing. With servers, they already have the tools… they can even IMPERSONATE YOU in Australia now and post as you.

10. EGreg+Sd[view] [source] [discussion] 2023-04-21 19:04:30
>>hammyh+e6
I’d like to say it was all part of a secret plan to not draw attention to ourselves until we were ready. But it wasn’t.

The sad truth is, we were always low on money and bootstrapping. We spent a lot of time building, and very little time pitching.

We pitched about 10 VCs total in this whole time. I remember being at an event where Reid Hoffman spoke, he said he pitched 99 VCs before he got investment.

But we spent zero on marketing and PR, and 11 million people in 100 countries downloaded our Groups app. But the app is not that interesting, people don’t understand that most of our users are community leaders.

What people don’t get is that in this space, you need ALL THE FEATURES that Big Tech platforms offer before people will switch. It simply took us 10-12 years to get to this point. I picked a hard problem, but a very rewarding one in the end.

Look, MySQL and NGinX took 10 years before VCs funded them. But to be fair, they grew a lot whereas Qbix didn’t. Maybe I and my team simply suck at making things viral. But I believe this year will change that.

Networking is hard. I’m a guy who came from an immigrant family in Brooklyn. I never moved to the West Coast. We applied to HN with Qbix every other year since 2011. Never even got invited to the interview.

Now, I personally know Noam Chomsky, Tulsi Gabbard, Andrew Yang, Tim Berners-Lee (see the photo at https://wefunder.com/Qbix), the Rohingya Project guys, Queen Diambi of a tribe in the Congo, the head of United Nations Capital Development Fund, the head of CoinDesk, and many more randomly assorted people I met over the years. But it took years.

And I still don’t know very good VCs. And many VCs still look at our open source project as ”too big”. They prefer to invest in small feature companies, which we can now spin off from our accelerator.

If you want to introduce me, I’m very happy to take a meeting and demo on Zoom.

And if you want to support it, just go to https://wefunder.com/Qbix and kick in $100 or something. We are gearing up to launch the 5th of November this year — and you’ll definitely not forget that :)

11. JohnFe+tf[view] [source] 2023-04-21 19:12:06
>>EGreg+(OP)
> Well, HTTPS is not end-to-end.

Sure it is. It's just that the "ends" in this case are your browser and the web server.

12. JohnFe+Of[view] [source] [discussion] 2023-04-21 19:13:41
>>wrs+X5
> The significance of the phrase is that you don’t leak anything outside the ultimate ends of the communication, including to servers in the middle.

Correct, but when you're viewing a web page (as opposed to using the web for peer-to-peer communications), that webserver is the ultimate end of the communication.

13. nomel+ug[view] [source] [discussion] 2023-04-21 19:17:54
>>Karell+y4
I've found our problem. It appears the meaning has (apparently?) changed around 2014. Many search results you can find, including from IBM, and EFF, use the "old" (our) definition.

See: https://en.wikipedia.org/wiki/End-to-end_encryption#Etymolog...

> The term "end-to-end encryption" originally only meant that the communication is never decrypted during its transport from the sender to the receiver.

> ...

> Later, around 2014, the meaning of "end-to-end encryption" started to evolve when WhatsApp encrypted a portion of its network. ...

But, I don't have confidence that the policy makers will make this distinction.

replies(1): >>yarg+ye1
14. yarg+ye1[view] [source] [discussion] 2023-04-22 01:20:08
>>nomel+ug
So we're expected to use the layman's definition just because the technology became popular?