Inspecting the headers, it appears to be served by Node/Express.
Where is this node server running? Am I allowed to run my own, or are we only allowed to upload static content right now?
The mail app is neat, but I don’t really want to put all my content into installable electron desktop apps – users should be able to just go to a URL, like always.
Side-note: The network seems to be rather slow right now (site loads slowly) – is that because this is just in alpha? Or because not many people are on the network right now? It’ll get much faster in the future, right?
The data is fetched through the launcher/brave browser, which itself exposes the content via an express nodeJS server (the headers you can see). It is “running” on your local system. Technically you are already “running your own”.
And that is entirely possible but requires a different architecture of the app itself. As an example we have (/had) community prototypes for a blog engine, a decentralised forum and a drink collection app – all serving “non static content” right from the network itself, needing nothing else than the browser to work.
(hint, I am also working on another demo that runs in the browser exclusively using that new lower interface @polpolrene refers to)
Everything is static on the network. I would like to see user dynamic software to manipulate the immutable static data. Not other way around like what we have today on clearnet where the website is dynamic, and user has no abilities to control it. This is a good step to right direction.
Wait…how does that work then? When I click a *.safenet URL, the web-app is allowed to spin up a server on my machine then, which is started by the launcher? And they do this how, through some JS API? Or are they not allowed to run arbitrary programs on my machine, but they can store files on the safe network via some API that only works when connected through the safetnet launcher/proxy?
Would love to move all my low-traffic webapps to safenet and save the hosting costs
Or are they not allowed to run arbitrary programs on my machine, but they can store files on the safe network via some API that only works when connected through the safetnet launcher/proxy?
This is correct.
Would love to move all my low-traffic webapps to safenet and save the hosting costs
That’s the idea
There will be s range of approaches here, depending on what dynamic features a website or app requires.
Search for remoteStorage on this forum for a simple one which uses only the NFS (filesystem) API (my effort), related to SAFEpress which aims eventually to be a CMS.
A different approach, that aims to provide a framework for the features needed by a forum, amongst other things, search for Project Decorum by @Seneca.
There are others also working directly with the API - a file sharing app, a simple blog and so on, and no doubt others I have forgotten (I’m old ) or don’t know about. Look around under the Apps category, and just hang around the forum, particularly the weekly developer updates and the Apps category to see who’s doing what and how. And check out the SAFE developer forum..
When I say it requires a “different architecture of the app itself” it primarily means that is needs to drop the idea of having a “server” (or backend) alltogether and think more of reading and writing data inside the scope of a user – exactly as @happybeing explained it.
Which I think is a novel but actually very good approach. Considering that the majority of what backend servers do nowadays is holding on to user data, organising the permissions on these data (user authentication and such) and managing the reference of what data belongs to what user. If you’d remove this problem from that level all-together because you have a (web)-API that require the User to allow the app in question to read and write that users space once then your app doesn’t need to care about any of this anymore.
The only thing that is still rather different then is how “sharing” data between users is managed and populated. Which is exactly what these new data types (see earlier link) are for. In an appendable structured data, for example, not only one user, but many can add information. That could – for example – be used to form a collective index of some sort.
So, if you can “rewrite” your programs to not require any specialised backend but use the launcher API for all its needs, then yes, you can move all your apps over to safe net.
It needs to be seen whether or not this is sufficient or whether the network must also provide some way to provide services from within the networks which could be queried somehow. One example use case would be to query big search indexes – it will probably be too much traffic to first download the entire index and then do a search query on it on your local system.
So with this new Appendable Data structure… will we be able to do proper ACL?
Like, say I have some photos and I only want to share them with my “Family”. Will I be able to give them read-only access to my photos? And as I add and remove “Family” members will their access automatically be revoked/added? i.e. group-based permissions.
I know that some of the logic in my apps gets very complicated determining who has access to what. Permissions can change based on the time of day. If I have to add or remove users one-by-one when time-based (or other external) events occur, that might get kind of nasty.
Do we have anything akin to ‘cron’ so that I could trigger a script at intervals at least? It might get inefficient if I’m trying to “refresh” the permissions on every piece of data every 5 minutes though.
I do like the idea of giving users access to the data itself, rather than some arbitrary webpage that may or may not display the data you’re after depending on your permissions, and running the risk of some developer messing up the SQL query and displaying too much – but it does have to be manageable.
Not in any classic sense no. At the moment the network doesn’t know of computation as a service, it only knows about storage. So any manipulation is done by “clients” (when someone runs an app) which in turn changes data on the network. One basic problem you face with this, is that in a computed cloud of untrusted clients (like the safenetwork is), you can only trust anything if it can be mathematically (read “cryptographically”) verified. This isn’t trivial and especially time-dependant information is actually quite complicated to enforce.
As the name of the release suggest, the system is still alpha and even basic use cases, like a publicly-accessible search index aren’t yet fully understood nor implemented. While there are various discussions on cryptographical access control, there isn’t any built-in solution at the moment.
HOWEVER, one very interesting thing that comes directly to mind is the most simplistic of all use ACL-crypto implementations: every person connecting to the network, when logging in automatically creates a private and a public key pair. Now, if you “know” the public-key-pairs of everyone, who should have access, one thing your app could do is encrypt each file multiple times, each time with the corresponding public-key of the person, who has access and then you’d share that file with them. Then they’d be the only one who could actually access/read that file. To remove access you just remove the file.
Or, in a more simplistic (and less secure) use-case, you could upload all photos unencrypted and only encrypt an index of the links to those files with each public-key-pair – basically giving each one their own encrypted photo album of “links”. In that case, however, in order to remove access, you’d have to move the file to a new location and update all indexes. This would come closest to how many CDNs handle todays data-access (like google photos and flickr), where only the link to the file is under ACL but the file itself (once the URL is known) can be technically seen by anyone.
this is kind of what I mean with “you need to architect your app differently”…
Mentioning cron though, makes me wonder if it would be possible to implement a cron in the launcher … that could activate apps or scripts to do certain custom things on the network automatically. EDIT … of course that would be bringing the server back into the picture. At least though the server would be totally under the users control.
You can do that already today, just use normal cron and give your script an access-token from the launcher.
There is no benefit over that versus having that “within the launcher” as it does only run when your system is up for both. On the contrary the existing cron is a battle-tested amazing piece of software, re-implementing something like that in the launcher is … pointless.
Hrm… well it sounds to me like SafeNet is fairly well-suited for single-user apps, but it might be too much a challenge for most multi-user applications (at this point). Oh well, I look forward to seeing what’s to come.
People here want to get rid of servers and create some kind of decentralized computing. But I think it is a big mistake trying to avoid all existing technology. If maidsafe creates some kind of realtime messaging between vaults, than nothing can stop you to use all current server technology, (sql, nosql, all server side frameworks) and instead of using direct client - server conections you can use client->safenet->server connections. Server can do all it does now, and send response to client via safenet back.
For me this aproach can be used to 100% hide illegal servers, since noone will be able to find out which server is serving data to those clients. The problem of this aproach is speed and latency. This can be hardly used for some realtime zero latency games, but it can be used as replacement to many current webs.
You can use save net to establish a secure link between two nodes, then allow them to communicate directly. Safe net is a great tool for ensuring both ends are who they say they are, then agreeing terms of secure communication.
What if server want to be hidden from all clients, including all goverments? What if clients want to be hidden too? Direct secured comunication between client and server is current internet over https. There is 0 anonymity.
If you want full security (network anonymity and encryption), you may have to take the latency hit of routing through safe net.
However, if you just want point to point encryption, you can use safe net to handshake, prior to connecting directly. Then, you don’t need to use https - you can use any encryption you wish, as both parties have confirmed cryptographic identify and have securely described the protocol to be used.
This way, you don’t need to communicate with an SSL certification authority (the safe network can confirm identity instead, in a decentralised way) and you don’t even need to use SSL/TLS protocols for encryption - your app can perform encryption with whatever algorithm is preferable.
WRONG… point number one - keeping track and being able to manage in a clear manner of all your SAFE apps using a cron in one place. I’m certain that if one applies some creativity, then one will discover other points.
Good to know that the existing cron will work though… still the arrogance of people here really amazes me sometimes. “pointless” eh? Well we might as well give it up and leave it to you infallible experts who think of everything.
BTW, maidsafe should probably be better at marketing/highlighting these use cases. Providing certification authority alternatives in a distributed way is a big deal - it is a business case in itself. If it wasn’t for safe net being crammed so full of innovation, I suspect technology like this would stand on its own merit.