Relationship between inrupt and Solid


#1

@csarvan wrote:

I’ve read that blogpost before. I’m looking forward to Inrupt and community to clear up concerns regarding rights, licensing, IP… community governance/participation. It was sufficiently clear pre-Inrupt given Solid vision/initiative and expectations from the tech stack (development…standardisation). I hope you don’t find me being difficult about this, but I find whatever the transition entails quite important! It is not just for my sake but for the health of the project going forward. ATM, the apparent push to migrate discussions from Gitter and GitHub (relatively neutral parties as far as the “Solid project” or community goes) to somewhere that is governed by a single company needs to be better understood or maybe even agreed up on. This is not just about the differences in software (although I have raised some concerns about that earlier). This is of course completely orthogonal to the faith that the community has on one user/builder/leader of the Solid initiative: Inrupt. So, I’m not trying to pick on Inrupt in any way. I’m interested in community’s rights and acknowledgement especially of the past work, as well going forward. There are a few things that don’t seem to align well or ring right to me, but I’ll chalk that up for now as my misinterpretation or possibly miscommunication (genuinely unintended) from the Inrupt end. For example, the User Content License and Intellectual Property seems to overstep rights/control as I read it. What would be the incentive for people to commit their ideas given CC BY-NC-SA that’s attributed to the “Solid Project” (aka Inrupt?) alongside the IP? How does that align with fostering a healthy ecosystem such that other companies engage on equal grounds without having to fear that it’ll come back to bite them later on? Which measures is Inrupt taking so that there is a clear signal along the lines of: “the Solid vision and development is community-driven” (and not yet another centralised ecosystem in the works… open but different?).

That’s just some stuff off the top of my head right now… I hope it’ll be well received :slight_smile: This sort of stuff many startups go through - myself having been in one with a very similar concepts/drive, some overlapping tech stack, and presumably a business model similar in some aspects… a decade ago - and so I’m genuinely concerned to see these things resolve early on and transparently… especially when I’m making these observations from “the other side” this time around :slight_smile:

and @theWebalyst wrote:
I’ve read that already. As I said I don’t doubt any of the people involved, that’s not the issue. I’ve been a part of this community for a while now, so I know the ethos, and all the people are beyond reproach as far as I can tell. I’ve met Tim one to one and spent time exchanging experiences. All good, but I hope, perhaps over optimistically, that when it comes to setting up a business there’s going to be more than ‘trust us’ because from experience, that can fail badly. Just look at how we got here. Let’s not repeat those mistakes and think that getting the technology right is enough. I firmly believe it isn’t for something so crucial to our collective fate, or more to the point, our children’s fate.

Very soon there will be new material on the inrupt.com and solid.inrupt.com website and I would like to invite others to a conversation on this topic here.


#2

BTW @theWebalyst (Gitter) = @happybeing (here).


#3

Thanks for raising this here on the forum, @MitziLaszlo.

One other thing to throw into the mix here, because I think it relates to answering people’s questions about Inrupt itself, is whether there’s any possibility that Inrupt would consider going the benefit corporation route, or an actual B Corp.

I know there is a lot going on and that right now and that it’s very important to prioritize management attention. But even stating the intention to move in this direction might go some ways to addressing concerns of having a VC-backed company at the center of this ecosystem.

I found this article explaining Glasswing’s reasons for investing in Inrupt helpful. I think the nightmare scenario is investors pushing the current management team out at some point and taking the company in directions that are antithetical to the current vision. How do we ensure that doesn’t happen? There are good answers to these concerns, I’m sure, and it’s probably worth articulating these upfront, just to help clear the air.

I hope this honest feedback is taken with the supportive spirit with which it is offered.


#4

I think everyone has some valid points in their arguments. What we have plenty of in the current “community” is brain and passion.

What we don’t have is acceptance from the big companies to embrace this technology and accept that the user should be able to be owner of his/her own data. And we still are missing products that can be used by anyone, the solutions today are to technical.

If we all leave ideologies and personal thoughts aside, could we join up on a mission go put the data in the hand of the user, together? YES, we can. It all starts with Vision, Mission, Values + people with passion that can make things happen.

I think the best way to join up everyone on the boat, is a interest group / non-profit or what ever one would choose, with the ambitions as follows:

  • Create ambassadors in each country, that can preach and teach and convert media/companies/states into believers/partners
  • Assist companies in getting started with the technology
  • Lecture in events/incubators etc…
  • Collaborate in conversations with Solid project, Inrupt, and all others that are now coming into this fantastic mission.

I don’t believe in getting organised just to have a saying or “control” over something(Solid) or someone, I believe in organising to take actions moving forward together.

One thing that such an interest group could do for example is to organise a Solid venue ones a year.

If this sounds like something interesting for everyone in this talk, i would gladly take this into an online open talk.

/Eduardo


#5

@eduardoinnorway I agree, and would support this kind of awareness and community building initiative. I expect it is something Inrupt are also thinking about. I like it when things come from a community and are supported to the point of giving away control. If it is mostly lead from a centre, however well meaning, the community doesn’t grow as strongly. A bit like over parenting. This is though a lot of hard work, and finding people who can do this without making them employees is hard indeed. So maybe we need to be lead but with support given to anyone who is willing to take things on themselves. This isn’t my area, just speaking from observation and participation in other communities, so I hope more experienced people can help guide this area. One concern is that this is not how startups work, nor business, for obvious reasons they tend towards transactionality and control, rather than giving things away for nothing.

Another thing I’d like the Solid community and Inrupt to foster is working actively with others pursuing similar aims, and to grow out as well as upwards.

I get that for now there needs to be a lot of focus on getting things in place technically such as UI/UX, a working platform, and to a useful product, so all these other things will take time. I hope we can though get clarity on the intentions around these things, even if there isn’t enough time do much about them for now, and to encourage others who are willing to do that work to do their thing.


#6

@happybeing @gideonro @MitziLaszlo all good thoughts. It is in everyone interest to have some type of interest group. Solid and Inrupt will not be able to alone do everything that needs to be done, they must have a strong community support. We could start with organising a Solid venue next year, for example here in Oslo, where there is active Solid supporters and interesting open source / idealist communities.


#7

If I recall correctly, similar things were said about Canonical (devs behind Ubuntu) and yet they have maintained their founding principles and core team for more than twenty years.

Is this really a big concern? I doubt the opensource community would allow it to be be perverted. Although given the takeover of RedHat I suppose anything is ‘currently’ possible…


#8

Corporations go for the efficiencies. That means they don’t take over everything for the sake of it, but are selective.

As you note, a few weeks ago RedHat might have been held up as an example of a long standing open source business, a few weeks before that github as thoroughly committed to the open source community but who knows how that will change over the next ten years.

As soon as Microsoft’s takeover of github was announced, many in the Solid community saw the risks and some began working to decentralise git through Solid. The same happened in the SAFE community for the same reasons, and I now have a prototype in testing. So it makes no sense to me for Solid to be complacent about this wrt pod services.

At some point any business can become a valuable target. The same is true when too much data becomes collected together.

So even if large pod providers remained true to the goals of Solid, large concentrations of user data on their servers will make the servers and those businesses a valuable target for hackers, criminals and profit seeking businesses.

Maybe it will all just be OK. But why put all our Solid eggs in that one kind of back end basket? This is too important for me to take that risk. Let’s have a backup :wink: So I’d like Solid to look for ways to support multiple storage backends, including ones that decentralise data and can’t be taken over, and are not attractive or easy targets for hacking.

Under the requirements of GDPR, companies are notifying about 120 data breaches every day, and I expect many more go unnoticed or are not notified. Data security is a very serious problem, and getting worse all the time.


#9

Last week @johnb responded on the gitter chat and just wanted to make sure to have it here to so others can find it more easily in the future.

@csarven @theWebalyst great questions re inrupt and solid, and well received. We’ll add them to the FAQ Mitzi’s working on. inrupt’s got modest resources and the majority of the team are working on solid, so it takes longer than we’d like to put together FAq, ToS and the like. Not for the lack of intent.
Some clarity in the meantime. License and IP - same as it has been. All we’ve done is continue the way works were already being licensed for some years whilst the project was being driven out of MIT. The work that inrupt’s putting forward ditto. The solid website and content is currently sponsored by inrupt. The material there was coordinated with the ‘inrupters’ some of whom you’ll see on the inrupt.com site. It’s some inrupt employees (including Tim as project lead) along with long term Solid contributors. Intention is to establish a Foundation at some point - not Tim’s first - and hand over thius and similar. And for the questions about business model, still being determined. Number one priority to do our utmost to help Solid adoption and we’ll figure out a way to build a vibrant business in the context of that. We’ve seen great examples of that before - open source projects that spawn commercial entities that are complementary - and we’re listening hard to comments here.”


#10

I can confirm that one of the more important things we’re looking at on the node-solid-server architecture is modularity of backends, as opposed to the current implementation which is tied closely to the local filesystem.

This is a bit off-topic for this thread, but since you explicitly brought this up I thought it worthwhile to address that point for you :slight_smile:


#11

Thanks John, it would be good to open up some of these discussions to the community.

Sorry if it was straying too far from the OP. It is related through the post to which I replied, and I think part of the whole question of the directions of Inrupt and so on. I think it’s hard to separate these issues all into separate threads, though as an ex moderator I appreciate the need to also try to keep topics focused sometimes.


#12

@happybeing Agreed re POD services. We’re trying to encourage multiple POD providers, but have a mind to create a community-built ToS to try and hold those providers to. And as for the security of PODS, separate stream of work underway to look into architecturally how might we do that in such a way as to mitigate the risks we all face currently, huge silos with password protection. Including, as you know, SafeNet.


#13

Thanks for the update.

This I’m not aware of from Inrupt, so if you can share more about your activity in this area please do. I am aware of some contacts with Maidsafe and was party to some low level discussion, but that’s all.


#14

SafeNet part of our ecosystem sketch - motivated out of discussions with Maidsafe. Not much technical exploration going on, but then, no less than elsewhere - a hard placeholder for intent once more resources available. We have another inrupt strategy session scheduled for a week in early December and it’ll get more consideration for effort than most other potential projects. To set expectations, this’ll likely in the immediate term translate to offering modest support for the potential partners who want to work with us, rather than a significant development effort on inrupt’s part. For that, we’re going to need more resources,


#15

@johnb, a handful of us are looking to coordinate a migration of Google+ users over to Solid. Still lots of unknowns, but we’re starting to pull together a plan and reaching out to others who share this interest. We’ll be following up with @MitziLaszlo once we have something more solid.

I raise this here because I’ve encountered a little bit of pushback from folks on Google+ who are quite gun shy after what happened there with the shutdown and wondering about they can trust another company. I wouldn’t say it’s a widespread concern but all it takes a handful of folks to fan the flames of doubt.

I know you all have a ton on your plate, but publicly articulating the ideas about the foundation would help a lot, I think. Don’t know if a Benefit Corp or B Corp is also something you all would consider. Thanks for your transparency on all this.


#16

Very keen to help with G+ efforts - we’ve got some parallel work underway that might be useful. As for the Foundation, it’s how we discussed things way back when Tim and I sketched out inrupt. On the list but not highest priority tbh. I’ve asked the team to arrange a meetup for first week December, first of a few we’ll organize in different geos. At that first one we’ll be happy to answer any questions live. Hopefully that might help.


Questions for inrupt
#17

@johnb, I think that could go a long way, especially if it’s recorded in some way where we can point to it for those who are unsure. I think it’s perfectly fine for now to say “we’re super swamped, but directionally this is where we’re headed.” Especially useful is if you can point to specific examples that you think will model where you are headed.

As for G+, details on what, exactly, we will end up with data-wise from Google are still fuzzy and in motion. There is virtually zero information coming from the G+ team at this point.

I’m aware of some of @timbl’s efforts and we are looking to build on what we already know about on that front. We will make use of whatever help you can spare from the team. I’m assuming that @MitziLaszlo is the right person to share our plans with once we are a little further along, but let me know if you and others would be interested in seeing them. We are moving fast to articulate a plan right now.


#18

Thanks John for clarifying.

Re foundation structure etc, you could look at how Maidsafe did this. They are very committed to not being in control of SAFE Network. Their Maidsafe Foundation is a Scottish Charity, so independent and closely regulated to ensure it operates only for its specified charitable aims, which are around education.

There are some very small investors in Maidsafe Ltd, but the Charity is in control, owns the patents and the majority of Maidsafe, and will recieve an income from the network (alongside other stakeholders). Once the network is running, this makes it very hard for anyone to interfere with or control the network (including Maidsafe), technically or through economic power.

If Inrupt aimed for that level of robustness I’d sleep easier. As you know I’m concerned about centralisation through economic power. I’m also concerned by the presence of VC investment in Inrupt. And also that addressing these issues including the Foundation is not a high priority. I have heard from David Irvine that setting the Maidsafe Foundation up and getting it right was a lot of hard work, so if it’s not a priority for Inrupt I’m worried it won’t get the attention it needs.

I guess I could be called a worrier but worriers can help to keep everyone safe. :slight_smile:

To me the world could benefit from more worriers atm.


#19

There a number of ways to do it. Maidsafe one, we’re looking hard at others. Nothing wrong with being a worrier


#20

In December inrupt will host a Solid event in Boston that will be streamed live as an open channel for conversation globally. More details on the event time and location to come soon. Do you have any questions for inrupt that you would like to be answered during the December event? Submit your questions via this thread: Questions for inrupt