From socialswarm
Jump to: navigation, search

We are looking for a good alternative to Faceboogle. Please discuss different software solutions here.



There is an evaluation criteria list at


<LynX> gives some reasons why it is problematic to rely on servers for privacy. Also, having to set up a server (and pay for one!) is a bigger hurdle than just to install an app on your computer or device. Using somebody else's server for your private affairs isn't so nice either: even if it is your best friend, would you like her or him to be technically able to read into your conversations with other friends? The requirement "end to end encryption" actually means that you have to install some application on your device anyway – web browsers cannot implement end to end encryption without at least the installation of an extra add-on. So, if you are going to require everybody to install software, why not install something that does the whole thing and isn't dependent on servers? The downside of this is, we don't know of any reliably working peer-to-peer social network solution as yet, just works in progress, prototypes and old buggy attempts. So if we want something now instead of tomorrow, we must compromise. If we want something seriously good, possibly soon, we should consider helping it.

<deef> You can do end-to-end-cryptography in the browser using javascript. And if you want to build a solution that is somewhat mass-compatible that's the only way to go. People want to use their social network everywhere, from every internet-enabled computer, they don't want to bother installing software.

<lynX> Javascript crypto solutions are only useful in a limited way if the server is trustworthy. If the server has an interest in your data, it doesn't work out. So it's not such a big improvement from leaving the stuff on the server from the start. See also: Javascript Cryptography Considered Harmful. And why do people bother to install Skype even though they could be using web-based telephony offerings? Also, with smartphones all over, using somebody else's computer (highly unsafe anyway) as a usage pattern will lose in relevance. In the 80s it was normal to say can I use your phone while you're in somebody's house. Today you pick up your own cellphone in most cases.

<LynX> The situation is such that most protocols used in various software aren't performing good and fast enough for all the people that would like to use it and all the data that people would like to exchange. That counts for XMPP and especially for OStatus. Therefore, what is already being proclaimed as an open standard is very nice, but doesn't work well enough. Many projects are spending time being standards compliant, while it doesn't actually do the job. On the other hand, all open source software, that somehow works, can be documented and become an open standard if it works. So, first the world needs an actually working distributed social solution, then we can make its protocol public and invite everyone to use it. Honestly I believe it's such a tough challenge, that we won't be having more than one or two implementations of the actual protocol (similar as it is with TLS/SSL). Most applications will simply be using those implementations as a library or application-programming interface and put their own stuff on top, so making an open standard API for social applications is more important than what actually crosses the wire.


Here is a list of software projects, each with programming language, network protocol and general project condition:

Server-based (decentralized, federated)

Name Language Protocol State Licence Comments
6d PHP HTTP-based don't know MIT
ampify several don't know don't know Unlicence based on CC0 1.0
Appleseed PHP custom don't know GPL
buddycloud CoffeeScript XMPP-based prototypical Apache License V2
diaspora Ruby XML/HTTP-based usable GNU-AGPL-3.0
DSNP C & PHP DSNP prototypical Permission to use, copy, modify...
friendica PHP OStatus/HTTP-based usable Permission to use, copy, modify...
GNU social PHP OStatus/HTTP-based don't know GNU-AGPL-3.0
Kune Java+GWT (gadgets in JS/Python) Wave Federation protocol and XMPP usable GNU Affero GPL v3 Focused on real-time collaboration
lorea/elgg PHP+MySQL HTTP/XMPP/experiments with PSYC popular GNU-GPL-v2
MOVIM PHP XMPP-based don't know GNU Affero GPL v3
Noosfero Ruby on Rails don't know don't know GNU Affero GPL v3
OneSocialWeb Java XMPP-based don't know Apache License v2
Jappix PHP, JS, XMPP-based usable GNU Affero GPL v3 decentralized,
ProjectDanube Java OStatus/HTTP-based don't know ?TBD license?
SocialRiver vs BuddyPress PHP OStatus/HTTP-based don't know ? For Wordpress, Back in action soon...
Social Igniter PHP OStatus/HTTP-based don't know MIT License, CodeIgniter License
Social Stream Ruby/Java OStatus/HTTP-based don't know Permission to use, copy, modify...
SocialZE PHP JSON/HTTP-based prototypical GPL v3
Socknet Perl XML/HTTP-based don't know ? ( PHP OStatus/HTTP-based Popular GNU Affero GPL v3 mostly for twitter-like public updates, not so much for private communications

Federated servers are a major privacy headache: Instead of having one company that can spy on you and sell your data you suddenly enable several companies or private parties to do so. Look at the criticism on the diaspora page, although it actually applies to all federated systems. That's why P2P systems are arising.

P2P/F2F-based (fully distributed)

Name Language Protocol State Licence Comments
freenet, Java, custom P2P with untraceability and WebOfTrust for spam-defense, popular
Tahrir Java related to freenet pre-prototypical (by the inventor of freenet)
Friend2Friend PHP XML over P2P don't know
retroshare Qt/C++ custom P2P over TLS popular
InterFace Qt/C++, libRetroShare productive says the promoter requires custom web-browser.
Safebook proprietary has been sold to the MatchUpBox startup
secushare C PSYC/GNUnet-based prototype in coming weeks
GNU Social P2P Java & Ruby PGP in XMPP/HTTP TLS with DynDNS dependency over Tor pre-prototypical AGPLv3
versionvega Java FreePastry P2P don't know
Briar Java custom pre-prototypical
Forest Java custom pre-prototypical AGPLv3


Please help sorting these out:

Name Language Protocol State Licence Comments
jitsi Java XMPP, SIP, ZRTP, and others ? LGPL
snapchat ? ? ? proprietary
bodycloud ? XMPP ? Apache?

Web interface only

These projects currently provide no well-defined interserver networking. But they are otherwise very popular social networking engines and may provide for a great web-based user interface.

Not considered

FOAF+SSL, SMOB and other semantic web projects are technically quite interesting, but not really viable in practice: If you want to see what your friends have been up to, your web browser must log into each friend's feed using a client certificate. That's cumbersome. You need special software to have a combined feed.

Dyskinesia, psyced, PsycZilla etc are PSYC apps which would work over secushare. Saikound is a building block of secushare.

Thimbl is an art project, its requirements aren't suited for the general public. Many other projects such as Pangaia or Nodilus have all the right ideas, but no code or just 5 files of python.

Duuit! is refusing to publish its source code before 2014, so it is effectively yet another social walled garden.

More and more

New projects show up every day. Here are popular lists of projects:

As you can see the actual meanings of 'distributed' and 'decentralized' are frequently confused even by those who make such lists.

Personal tools