First, I applaud your passion for making the web a better place, and for being willing to put yourself out there and be open with your views.
That said, there's a number of problems with what you're saying and the proposed solution, but let me point out just a few:
1. Normal people don't care. Seriously, my mom uses a handful of websites and doesn't really care about any of the problems you mention. If a solution were offered and it was more convenient, she might use it, but it's just not a big deal to her.
2. Identity and data centralization seem to offer a lot of security risks and the philosophical problem of putting all that data into the hands of one company, or even just a few companies. Making an open, distributed standard sounds good, but in practice, I think a few companies (Google, Microsoft, Facebook, Amazon) would end up handling the gateway role for 95% of users, which puts you in an even more dangerous position.
3. The big players have little incentive to lower barriers to entry, and you have a chicken/egg problem in trying to force them to 'adapt or die'. Also, see #1.
4. If OpenID and OAuth aren't working (agree on the 1st, not sure on the 2nd), why not, and why would this be any different?
5. I don't see any way of implementing something like this over the next 50 years without either a) government mandate, or b) every internet giant getting involved. As I pointed out above, the internet giants are unlikely to do this, and the government getting more involved in the web is the last thing we need.
I think some of the problems you pointed out are legit, but I'm not sure that this kind of a system is really any better. It seems you'd be swapping one set of problems for another, and the new set of problems would seem to make the web extremely vulnerable to being controlled by a few large organizations, or the government. Over time, I see this kind of centralization and "perfect system" model resulting in stagnation and oppression.
+1
The OP says why YC won't fund him (single founder, no biz model), but he's overlooking the doozy. YC has freakin' T-SHIRTS that say "Make something people want". Not is this addressing a problem that 99.9% of people don't have, but it's also something that the big web properties don't want (for a number of reasons).
Solve problems. Solve painful problems. Or, if you're more consumer focused, get smart about dopamine.
It's a problem 99.9% of people don't have now, but could have at any time. Seatbelts are also a solution to a problem 99.9% of people don't have, but that doesn't mean I don't want one.
(Is it profitable? Maybe not -- look how few people make backups now. But that's distinct from not wanting to have had it.)
I wish you wouldn't have started off with that. It's insulting and doesn't add to the discussion. Just because you see the author's conclusions as somewhat naive (which you've articulated) doesn't make it OK to belittle his effort. FWIW, Other than that snide start it's a thoughtful post.
What I meant was that I feel the same way about some of the issues he raised, and I think that there are lots of large-scale improvements that could be made on the web, but the scope of the problem makes it overwhelming to deal with.
The "where to start" piece in particular sounds bad, but I just meant that I wasn't sure how to articulate the problems I see with his solution. I get that it doesn't come off that way, especially now that I read it. Apologies to the author.
I didn't mean to belittle his effort in the least. It's a noble task to try and effect change in such a large domain because you believe in it.
You're barely contributing to the conversation here. The world isn't lovey-dovey. If you can't take the heat, get outta the kitchen.
In regards to 2., you are right but today the same risk is multiplied on dozens of websites that I know basically nothing about. I don't know how they store and backup my stuff and I don't know how they deal it.
As per 4. OpenID and OAuth DO work (I use them a lot), what I tried to say is that they do not solve the underlying issue.
Lead with your strengths. Your first paragraph, which is the most important one you will write because it is the one that determines whether the rest of your piece gets read, is filled with self-inflicted strikes against you.
English is not my mother tongue and I’m not a great writer, so I am borrowing the words JFK used in
There is a place for modesty and self-effacement. It is not during proposals.
The quote from JFK does not give me a reason to entrust you with money. That suggests cutting it. Ruthlessly eliminate any distraction from the goal.
First of all: I to say I have applied for Winter 2010 YC funding with this idea (still have to make a video). The problem is I don’t think this is gonna get funded for two reasons: I have no team mates (YC tends to fund teams composed by 2-3 people) and I don’t have any solid idea on how to make it profitable.
Here you are again telling me how you're not the right man for the job.
So since my desire for a better Web to live and work in is kinda huge I am writing this article hoping that maybe it’s going to be an inspiration for someone else, or act as a catalyst. Or just to state the obvious. Whatever.
In addition to not being the right man for the job, you're diffident about even wanting to do the job. You are not projecting the image of a driven, with-it individual who is going to take a difficult technical, social, and marketing problem and solve it, making very rich rich men out of everyone associated with the project.
Look how differently your first paragraph reads from my reimagining of it:
The Internet as we know it is broken. Dozens of accounts per user -- broken! Web services that can't speak to each other -- broken! Our lives and friends scattered over a hundred web sites -- broken! Our identities owned by service providers -- broken!
We can fix the Internet. It will not be easy. Worthwhile things rarely are. The fix is a federated identity gateway, built out of technologies which are already accepted and in common use. The rest of this proposal will outline a sketch of what the federated identity gateway is, how it fixes the Internet, and why the first group who succeeds in building it will realize profits beyond the dreams of avarice.
Commentary: start with the problem, offer a solution, whet people's appetite for reading about the solution. Don't focus on yourself, most particularly not on your faults.
It's not all about money, and "making very rich rich men out of everyone associated with the project" is antithetical to the motivations conveyed by the piece.
But be careful not to overdo it with this marketing gibberish. Some geeks can be allergic to it.
What's wrong with that? I'll take banal truth over exciting falsehoods any day. (Of course exciting truths are even better but you can't have everything)
I left this one alive because it's arguably just over the line. It's really more of an essay that mentions they're applying for winter 2010. But I took the ref to YC out of the title.
My gut tells me it would be a bad idea. I sure wouldn't have done it as a founder, and if only lame groups did this, there would be no upside, only downside. But I could be wrong; I haven't thought more about it than what I just wrote.
I like the questions you are raising. I have written about them before and have started playing with my own approach. It is a big project, but unlike yourself, I would not be concerned much about applying to YC with it. YC is not a research incubator but a business, and no matter how cool the people seem to be, they're after the money. Nothing bad, it's just capitalism. YC makes most of the money from the VCs, so they need you to have something that will sell (to VCs). It's a very smart business model that they're running.
If you are really passionate about these issues, you need to build a prototype or specification and throw it out on the web as an open source to get support. I see the possibility of a viable business model in the authentication scheme.
That said, I disagree with your approach to tackling the problems you listed. Your issues are valid, but not the most important. You have not identified the core problem. Consider this. You publish something on the web, the website goes bankrupt or decides to shut down. Your data goes down with it. Your article, your comment, your photo, blog post, this comment I'm writing. We've given all the power of data preservation to the web sites. The web is not preserving it self. If we see it at the biggest library of all, just imagine this, every day a part of it gets burned down.
Making data independent of servers will solve most of the issues you raised. Your address book and contacts belong to servers and web apps, as you said, so you don't manage them. If you were to own the data yourself, and the webapps only managed and used your data, you would have a single point of authentication, single address book, single stream of your produced content.
Think of the desktop vs web app paradigm. We need a platform for applications on the web that will be based on user content. You own your data, but the webapp only uses it to add functionalities. You install a webapp onto your data just as on the desktop. You delete an application (or detach from your data). This would be a new paradigm of the web, where all the control is with the user, the user base is unique on the web without clustering, and applications are just that.
Emails are nothing else but user generated content. We tend to see it differently, but it is absolutely the same, the servers own it. I wrote recently an article about emails describing how much we don't have control over them:
http://www.aleveo.com/ideas/decentralized-email
You do not own your emails. The problem I want to stress is that, as long as someone else owns them, you don't. If no one owns them, you might claim full control. It is the benefit of decentralization.
If you take a route of making another central point of aggregation and data control, you have simply contributed the system you want to change. I would suggest you start thinking in the decentralized direction.
As you said, the web has issues, but you can't build on top of it if you want to change, you need to go lower.
We can take this further if interested dejan dot strbac at aleveo dot com, I will publish the whole thing on www.aleveo.com when I am done with the draft.
I wish you much success with the YC application, I couldn't agree more that such fundamental projects need to be supported rather than useless web bubbles.
He is right that we should be able to have this centralized data source, but it would likely be one source for our contacts that we want on our phone, one other source for our online connections of a certain type, and a separate source for our photos, etc. What is necessary is one point where we can find out where the user stores his different data, an shared understanding of what the different data is and how it is represented.
I also applaud you for recognizing that the way things work is less than ideal, and for making a noise about it, because the lack of that noise is what deters people that might have the same thought pop into their head from continuing the train of thought and acting on it.
To those who continue to point out that the author didn't make a great proposal, he wasn't trying to make one, in fact he explicitly said that he's only trying to make a noise, and although he wrote as though he was looking for financial support in his idea, I think his confusion between proposal and making a noise about it was a decision to show that he believes in his idea enough to take the responsibility for it if no one else will, which is a necessary show of belief, because these problems have existed for ages, and then things like openID came along acting like they're about to solve them, and then completely miss the point, so I'm sure he, like myself, believes that people need to hear a louder message to counter their belief that these existing efforts are doing something about the problem, they aren't. Yes, what you say is indeed a more ideal picture of the web, it will have it's downsides, so it probably won't feel the way you've see it in your dreams, but if your sole purpose was to make a noise about this issue, to point out that those responsible for the cutting edge of this area have been found wanting then you may rest assured that you have made your point.
I have also recognized this problem a long time ago and have been working for a little while in the area of social networking systems and this has indeed been part of my ideal picture as well, so hopefully it helps you sleep better at night knowing someone agrees with you and is working on it.
Cheers.
A system for personal data... why does that sound familiar? I think it's the word personal...OH! I know! Personal Computers! Remember those silly things where you could own your data and run whatever the fuck you wanted and weren't a slave to random updates made on some remote server?
My problem is with the attitude that the internet is 'broken' and that we should just redo it. That, and the suggestion that someone should give you money to play around with hypothetical e-utopias.
Anyway, my rebuttals:
1. Hundreds...really? If you regularly use more than 100 accounts, that puts you in the top .1% of internet users. Normal people just let firefox remember their passwords and also probably spend more time outside.
2. API's, facebook connect, openid. If I meet someone at a conference, I spend 30 seconds each adding them to twitter, linkedin and maybe facebook. Do I really need (or want) to automatically see their flickr feed?
3. Again, the multiple modes of content consumption is perfect. I'll friend you on facebook if I care about you socially, I'll add you to my rss if your blog interests me, and I'll follow you on twitter if you're not terribly annoying. We all get to apply filters to everyone else.
4. Totally agree, improved data portability would be great.
5. "We should stop building new social networks, services and adding entropy to the system. We should stop trying to patch a model that has proven multiple times to be broken by design."
Umm, what?
I couldn't be more excited about the future of web apps and services. The internet is one of the only places where the free market is truly at work. Its glorious. Entropy is a problem, which is why we've seen recent efforts directed at reducing it, but at the end of the day the web, like any market, is about value creation and capture. You don't even mention capturing value, which is why pg, or anyone else, is not likely to fund you.
As for your proposed solution, such services already exists, i.e. webfinger which Google may be supporting in the future.
So the challenge is really, how to enable widespread adoption for webfinger or something similar. If you have an ingenious idea how to support that, lets hear it. Because you are right, it would mean a lot of progress for the web.
I think this will be an extremely long process that is slowly happening on a minor scale, but that we will never see a fully open web - ever - just because of the lack of motivation from its central actors: users and providers.
Things like Wikipedia, OpenID/OAuth, FluidDB, more open API-s (although we don't own the data) are all pointers to the web maybe being more semi-transparent in the future. I mean, things are getting more open, but it will simply never be fully open, no matter how much us developers and geeks want it. If however someone like google or apple were to find a model were they could still earn their money while being transparent and open, then I would start believing.
The best way to facilitate this process is by doing your part by implementing your site/service in an open and transparent way. If you get successful people will take notice.
Facebook can keep my photos and status updates and pokes. Twitter can have all my 140-character sets of vapid bullshit. Those things don't matter. I don't want Globocorp having access to every bit of information about me.
I think to adress the issues correctly all this info should be stored locally and/or on your phone.
I'd be tempted to start with the mobile companies, though: they already know who I am, where I am and how to bill me. Feels like a natural place to add authentication and identity broking...
Hint: what you propose isn't all that new, you're still suffering from the same chicken and egg problem.
One night you get home and feel happy, satisfied, knowing that your network of users has finally experienced the greatest possible, most efficient, most awesome system ever invented. And before you go to sleep, you pick up a phone and call your mom to tell her how happy you are.
The internet IS democracy. You can't tell it what it should and shouldn't do, or how it should or shouldn't be. It gets to decide that on its own.
The solution is kinda simple. Don't try to control the internet. It has never worked, and it will never work.
Instead, focus on making OpenID & OAuth easier to implement. Most sites don't want to manage authentication & account creation. They would love to farm it out, but right now, it requires a lot of work to do so.
Instead, take a cue from Plaxo: focus on making a better Identity & Privacy control service. Fill it with simple APIs, and let other sites use it. Make it come complete with lifestream feeds & webhooks. Find a way to use Facebook mail without logging into Facebook.
>>You could have multiple profiles on multiple gateways so that you could have multiple identities if you needed them
Doesn't that defeat your entire stated purpose? Now we're back to 2009: multiple logins on multiple sites.
>>either support the construction of this model or to force the startups you found to embrace this model
Are you TRYING to break the internet? You can't force anything! The internet IS evolution. The internet IS democracy. The internet IS freedom. The internet IS bottom-up, not top-down.
This ain't gonna work.
Build something. If it really is better, people will flock to it. If not, they won't.
There is no force, only do.
I didn't say the Internet is broken because authentication is a pain. I said the Web has been created to deal (and access) hypertexts. Nowadays the WWW is used for much more. People use it to shop, keep contacts with friends living far away, some use it to share their "lives" and the current state of art is far from being functional to the scope. To my personal point of view, it is broken by design when it comes to these scopes. And far from me trying to say there should be just a social network.
The gateway I idealize is not a giant bucket (or a silo) you'd fill with your stuff, that's exactly what I want to avoid. The "gateway" would just be a place you use to authenticate and authorize apps to access subsets of your data. Some of it (anagraphical data for the most part) would be stored on the gateway, and other stuff would be in much more appropiate places. Flickr, Twitter, Blogger, Facebook, et cetera. The model I idealize would be a common layer to build thing on, nothing more and nothing less.
That's the good thing about it.
This guy's proposal is all about formalizing a bunch of things that we do on the web today. But there's no reason to assume that 20 years from now we'll be compiling lists of our friends online and authorizing random strangers to follow the 140-character random thoughts that pop into our head. Or shortening URLs or any of the thousands of other things we do online every day that the guys at CERN never expected us to do in 1990.
As such, the only thing this "new web" can possibly do is get stale. As a thought experiment, imagine we'd built it in 2004, and it was all about helping people create Blogs. Or we built it in 1999, so it could help you "optimize the internet" by installing spyware on your computer. Worse still, imagine the original creators put in a bunch of codified methodology to publish and critique research papers, thus making it better suited for the task it was originally intended. What exactly would we be doing with that extraneous functionality today?
So yeah, it's cool that we need a fresh start and all. Just make sure it's capable of expanding beyond the silly OpenID/oauth issues that bother us today.
We do, eventually, need different models of sharing identity and personal data on the web, but this is fairly incoherent.
1. If we assume for a moment that the quoted JFK speech was actually written by JFK (and not by a speechwriter), you've actually proven you're better at penning inspiring words than JFK was. The sentiments in the JFK speech are rousing and inspiring enough that they overcame the wording at the time they were uttered to the world, but the phrasing itself is clumsy and distracting. "And the other things"? Seriously? I've never liked that speech, but I like the passion expressed in this call for a better Web, and it is not as marred as JFK's wording by a long shot.
2. I think a far better idea than using gateway providers is coming up with a way to store the data locally (on your own computer) and authorize (or not) particular Websites to access particular parts of it. You have to develop a protocol that can be used by visited Websites to access the data when they are authorized to do so, anyway; why not make it a protocol that definitively keeps the stored data in your own hands? Either way, the real challenge will be getting the visited Websites to refrain from storing the data in violation of your wishes once they get the data, but if I got to keep the data in encrypted form on my own computer I'd be much more likely to want to get on board with the idea.
When I first got my OpenID, this site was the only use I could find for it. Then I could use it on Stackoverflow. Then I could use it to comment on half the blogs in the world with Disqus. And now I can use it with Facebook (somehow.. I haven't got that working yet). This is a remarkable amount of progress for about one year.
The big players are not as averse to this as you make them out to be. Google in particular seems to be open to the idea of open data. They are also making Wave which I could see having a huge democratizing effect on the internet.
I started developing for the web a decade ago and back then, the only way to "share" data from another site was to scrape it, and that was considered hostile. Now everyone has feeds and APIs and the open standards are clearly catching on. I've seen enough to convince me that this trend will continue until the technorati are satisfied. It may take another ten years but that'll do.
As an example of the vagueness I'm talking about, you write "We would have some kind of gateway that would act as an identity provider (think OpenID) and a system you would put your stuff on." This doesn't say how this system is run, who owns it, who pays for it, or what the difference is from similar proposals that have already been tried.
The passion for making things better comes through loud and clear but the solution conveyed isn't much more specific than "let's make things better".
Development is unfortunately slow because I'm bootstrapping. Who would invest in a project equivalent to inventing the web ? If you know anyone, please let me know.
Note that this technology can't be owned and should become an open standard. But this is not incompatible with earning money from it. So I have a business model, but it is hard to predict if it can succeed.
The technology is the easy part.
You are going to have problems with funding for two reasons (you mentioned one, and I'll disregard the no co-founders thing for a moment):
A) No clear path to monetization and
B) I can't see a reason for any site to go through the effort of adopting the technology you're suggesting, even if it was already written and easy to use. NIH syndrome is very big amongst companies for good reason - if they own all the technology front to back, then they can change it any way they see fit, and not have to worry about someone else's changes.
Yes you can on facebook http://www.allfacebook.com/2009/05/facebooks-openid-live/ Make some better research next time.
What needs to happen is for it to evolve to solve these problems. There are many projects aiming to do just that. We are getting there, but progress is slow.
Here's where OP may have difficulties. He wants to make a major change that affects a lot of people. Better to dance with the elephants than in spite of them. Just ask Loopt.
Lastly, for problems 1-5 - FACEBOOK! No brainer that they will charge for FB connect soon.
Forget the messenger for a moment, if he is good or not for funding, if he has writing problems, or if he is dumb or retard.
Lets focus on the problem please, can we provide solutions?
Even solutions on how to fix proposed solutions that don't work?
