Unhosted Adventures 1: Personal servers and unhosted web apps

Skip to first unread message

Michiel de Jong

Dec 18, 2012, 8:02:32 AM12/18/12
to unho...@googlegroups.com

Launching the "Unhosted Adventures" blog series as the official handbook of the No Cookie Crew, here is the first post. Enjoy!

Link: https://unhosted.org/adventures/1/Personal-servers-and-unhosted-web-apps.html


Personal servers and unhosted web apps

Hosted software threatens software freedom

The Linux operating system and the Firefox browser have an important thing in common: they are free software products. They are, in a sense, owned by humankind as a whole. Both have played an important role in solving the situation that existed in the nineties, where it had become pretty much impossible to create or use software without paying tribute to the Microsoft monopoly which held everything in its grip.

The possibility to freely create, improve, share, and use software is called Software Freedom. It is very much comparable to for instance Freedom of Press. And as software becomes ever more important in our society, so does Software Freedom. We have come a long way since the free software movement was started, but in the last five or ten years, a new threat has come up: hosted software.

When you use your computer, some software runs on your computer, but you are also using software that runs on servers. Servers are computers just like the ones we use every day, but usually racked into large air-conditioned rooms, and stripped of their screen and keyboard, so their only interface is a network cable. Whenever you "go online", your computer is communicating over the internet with one or more of these servers, which produce the things you see online. Unfortunately, most servers are controlled by powerful companies like Google, Facebook and Apple, and these companies have full control over most things that happen online.

This means that even though you can run Linux and Firefox on your own computer, humankind is still not free to create, improve, share and use just any software. In almost everything we do with our computers, we have to go through the companies that control the hosted software that currently occupies most central parts of our global infrastructure. The companies themselves are not to blame for this, they are inanimate entities whose aim it is to make money by offering attractive products. What is failing are the non-commercial alternatives to their services.

One server per human

The solution to the control of hosted software over our infrastructure is quite simple: we have to decentralize the power. Just like freedom of press can be achieved by giving people the tools to print and distribute underground pamphlets, we can give people their freedom of software back by teaching them to control their own server.

Building an operating system like Linux, or a browser like Firefox is quite hard, and it took some of the world's best software engineers many years to achieve this. But building a web server which each human can choose to use for their online software needs is not hard at all: from an engineering perspective, it is a solved problem. The real challenge is organizational.

The network effect

A lot of people are actually working on software for "personal servers" like this. Many of them are already have functional products. You can go to one of these projects right now, follow the install instructions for their personal server software, and you will have your own personal server, independent from any of the hosted software monopolies. But there are several reasons why not many people do this yet. They all have to do with the network effect.

First, there is the spreading of effort, thinned out across many unrelated projects. But this has not stopped most of these projects from already publishing something that works. So let's say you choose the personal server software from project X, you install it, and run it.

Then we get to the second problem: if I happen to run the software from project Y, and I now want to communicate with you, then this will only work if these two projects have taken the effort of making their products compatible with each other.

Luckily, again, in practice most of these personal server projects are aware of this need, and cooperate to develop standard protocols that describe how servers should interact with each other. But these protocols often cover only a portion of the functionality that these personal servers have, and also, they often lead to a lot of discussion and alternative versions. This means that there are now effectively groups of personal server projects. So your server and my server no longer have to run exactly the same software in order to understand each other, but their software now has to be from the same group of projects.

But the fourth problem is probably bigger than all the previous ones put together: since at present only early adopters run their own servers, chances are that you want to communicate with the majority of other people, who are (still) using the hosted software platforms from web 2.0's big monopolies. With the notable exception of Friendica, most personal server projects do not really provide a way to switch to them without your friends also switching to a server from the same group of projects.

Simple servers plus unhosted apps

So how can we solve all those problems? There are too many different applications to choose from, and we have reached a situation where choosing which application you want to use dictates, through all these manifestations of the network effect, which people you will be able to communicate with. The answer, or at least the answer we propose in this blog series, is to move the application out of the server, and into the browser.

Browsers are now very powerful environments, not just for viewing web pages, but actually for running entire software applications. We call these "unhosted web applications", because they are not hosted on a server, yet they are still web applications, and not desktop applications, because they are written in html, css and javascript, and they can only run inside a browser's execution environment.

Since we move all the application features out of the personal server and into the browser, the actual personal server becomes very simple. It is basically reduced to a gateway that can broker connections between unhosted web apps and the outside world. And if an incoming message arrives while the user is not online with any unhosted web app, it can queue it up and keep it safe until the next time the user connects.

Unhosted web apps also lack a good place to store valuable user data, and servers are good for that. So apart from brokering our connections with the outside world, the server can also function as cloud storage for unhosted web apps. This makes sure your data is safe if your device is broken or lost, and also lets you easily synchronize data between multiple devices. We developed the remotestorage protocol for this, which we recently submitted as an IETF Internet Draft.

The unhosted web apps we use can be independent of our personal server. They can come from any trusted source, and can be running in our browser without the need to choose a specific application at the time of choosing and installing the personal server software. This separation of concerns is what ultimately allows people to freely choose:

  • Which personal server you run
  • Which application you want to use today
  • Who you interact with

No Cookie Crew

This blog is the official handbook of a group of early adopters of unhosted web apps called the No Cookie Crew. We call ourselves that because we have disabled all cookies in our browser, including first-party cookies. We do actually keep a secondary browser on the side, with cookies (as well as Flash) still enabled, but will only use it when we have to, for example to interact with what we consider "second parties". To give an example: if you publish something "on" Twitter, then Twitter acts as a third party, because they, as a company, are not the intended audience. But if you send a user support question to Twitter, then you are communicating "with" them, as a second party. Other examples of second-party interactions are online banking, online check-in at an airline website, or buying an ebook from Amazon. But if you are logging in to eBay to buy an electric guitar from a guitar dealer, then eBay is more a third party in that interaction.

There are situations where going through a third party is unavoidable, for instance if a certain guitar dealer only sells on eBay, or a certain friend of yours only posts on Facebook. For each of these "worlds", we will develop application-agnostic gateway modules that we can add to our personal server. Usually this will require having a "puppet" account in that world, which this gateway module can control. Sometimes, it is necessary to use an API key before your personal server can connect to control your "puppet", but these are usually easy to obtain. To the people in each world, your puppet will look just like any other user account in there. But the gateway module on your personal server allows unhosted web apps to control it, and to "see" what it sees.

In no case will we force other people to change how they communicate with us. Part of the goal of this exercise is to show that it is possible to completely log out of web 2.0 without having to lose contact with anybody who stays behind.

To add to the fun, we also disabled Flash, Quicktime, and other proprietary plugins, and will not use any desktop apps.

Whenever we have to violate these rules, we make a note of it, and try to learn from it. And before you ask, at this moment, the No Cookie Crew still has only one member: me. :) Logging out of web 2.0 is still pretty much a full-time occupation, because most things you do require a script that you have to write, upload and run first. But if that sounds like fun to you, you are very much invited to join! Otherwise, you can also just follow from a distance by following this blog.

This blog

Each blog post in this series will be written like a tutorial, including code snippets, so that you can follow along with the unhosted web apps and personal server tools in your own browser and on your own server. We will mainly be using nodejs on the server-side. We will publish one episode every Tuesday. As we build up material and discuss various topics, we will be building up the official Handbook of the No Cookie Crew. Hopefully, any web enthusiast, even if you haven't taken the leap yet to join the No Cookie Crew, will find many relevant and diverse topics discussed here, and food for thought. We will start off next week by building an unhosted text editor from scratch. It is the editor I am using right now to write this, and it is indeed an unhosted web app: it is not hosted on any server.

For two years already our research on unhosted web apps is fully funded by donations from many awesome and generous people, as well as several companies and foundations. This blog series is a write-up of all the tricks and insights we discovered so far.

Jan-Christoph Borchardt

Dec 20, 2012, 5:31:42 AM12/20/12
to Unhosted, Michiel de Jong
Not sure if it’s just for me, but now everything unhosted.org redirects to that post. That also means it’s impossible to access the slides and anything else. And the front page just had a good short explanation of everything and looked nice.



Dec 20, 2012, 9:35:23 AM12/20/12
to unho...@googlegroups.com
Hi Jan,

> Not sure if it’s just for me, but now everything unhosted.org redirects to
> that post. That also means it’s impossible to access the slides and
> anything else. And the front page just had a good short explanation of
> everything and looked nice.

If there is any information that should be linked from unhosted.org then I'll
put it in the sidebar, where the links to Unhost'12, Unhost'13, remotestorage,
list of contributors, etcetera are.

Old slides are still on there in case people linked to it, but not linked
from the front page because I want to drive people to the Unhost'12 talks
and to remotestorage.io (see below)

The idea is that the first blogpost explains:
- what unhosted web apps are,
- how they give us freedom from web2.0
- why this is so important

This is basically what used to be in the manifesto, as well as in the list of 5
advantages that we had on https://unhosted.org/index-removed.html

The difference is that on https://unhosted.org/manifesto.html it still talks about
"What we aim to do", and now that we actually have something to show people, it has
taken the form of blogposts with code snippets.

The video of your CCC talk we had on there for a long time was a mixture of first
the manifesto, and then more technical details about remotestorage, but we have
http://remotestorage.io/ for that now. We are basically postponing the launch of the
remotestorage.io website until a few days after you, Niklas, Martin and Nick get to
Hacker Beach. All remotestorage-related information should then be on there. So then
it will all look a lot different.

Which specific pieces of information do you feel is not currently findable?


Thad Guidry

Dec 20, 2012, 10:18:59 AM12/20/12
to unhosted
How much more innovative and meaningful could our web experience be if everything was unhosted ?  What have we lost and forgotten about ?

Anil Dash documents exactly that: http://dashes.com/anil/2012/12/the-web-we-lost.html

(MUST READ HOMEWORK for The No Cookie Crew) Papers due by end of Friday ;)

Good to know that the No Cookie Crew is in some small way, "bringing back the web we have lost".

Jan-Christoph Borchardt

Dec 20, 2012, 11:13:00 AM12/20/12
to Unhosted
Ok, I always check and link the slides via https://unhosted.org/slides/intro – which doesn’t work. With .html appended it works. Is that fixable in the server config?



Dec 20, 2012, 11:26:08 AM12/20/12
to unho...@googlegroups.com
> Ok, I always check and link the slides via https://unhosted.org/slides/intro
> which doesn’t work. With .html appended it works. Is that fixable in the
> server config?

Ah ok, no the correct link is now https://unhosted.org/slides/intro.html (note also
that we switched from http to https with the update).


☮ elf Pavlik ☮

Dec 23, 2012, 10:23:53 AM12/23/12
to michiel, unhosted
Hi Michiel,

If you use some *roll my own* email client please note that it may break threads by not setting In-reply-to & References headers... just makes it harder in my client to follow conversations :(


erek zek

Sep 29, 2017, 5:39:16 AM9/29/17
to Unhosted Web Apps
Not sure, this project is alive or dead. But I would like to more about this platform.
                                    Regards - a open source lover - Ghost Cms - Abhinav das

Michiel de Jong

Sep 29, 2017, 6:45:08 AM9/29/17
to unhosted
Hi Erek,

This, under the 'unhosted' name and on the unhosted.org website, can more or less be considered as 'completed' - we discussed what should be done to build unhosted web apps, and the website is full with 52 blog posts about this topic.

However, in terms of what people are working on, the project lives on at its "spin offs", so to speak; on-topic:

And slightly off-topic spin-offs, if you will:

If you're interested in developing unhosted web apps, you should also search the web for 'offline first' (subscribe to the offline first reader) and 'progressive web app' (especially Google Chrome's dev relations, but also people at Mozilla Firefox, talk a lot about this).

Any questions about unhosted web apps, that you want answered, you can still use this mailing list! :)



You received this message because you are subscribed to the Google Groups "Unhosted Web Apps" group.
To unsubscribe from this group and stop receiving emails from it, send an email to unhosted+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply all
Reply to author
0 new messages