SAFE web browsing


#1

Thank you for boosting this (important) discussion. People will need the smoothest transition possible. That might first be desktop applications to download, but the web-compatibility should not lag far behind, in my opinion.

So from earlier messages I learnt that it will be hard to build a light weight client in JavaScript (even though I still love that idea; it would allow any page to connect to the SAFE network). A browser plugin, I agree, is probably one of the best starting points. Is anyone on this list connected to the Firefox community? Or has experience building browser plugins?

A second question I want to raise is about the DNS service on SAFE. I can see how the network would allocate names on a first come, first serve basis. But if we learnt anything from URLs over the past decades, is that in retrospect it’s rather unfortunate system: domain names get bought up and resold at ridiculous prices, on top of that the majority of top-level domain names point to neglected age-old websites, or nothing.

So in respect, what if you have to pay the network in safecoins to host a domain name? (Network reallocates the coins for farming) - could this work? remarks?
Secondly, can we brainstorm something new, something beyond URLs (and Google search)


Serving dynamic content instead of static files
#2

COPIED FROM MAILING LIST: On 03 May 2014, at 19:31, Dan Jasek wrote:

They way web applications will be built on MaidSafe will be very different then the current standard PHP or MVC style. You won’t see the standard request/response system you see now. All of the logic will be in Javascript and run inside the browser, you will not write any serverside code at all. The javascript will make calls into the safe network to get and put data directly.

This style is called “single page application.” This is the worst name ever, the sites built in this style are not actually a single page.
Here are some links to get you started:
http://itsnat.sourceforge.net/php/spim/spi_manifesto_en.php


Frameworks like Angular.js are commonly used in this type of design.

I do not believe there is any timeline or immediate plans for implementing this, and some of it may come from the community. This is what I expect will be built eventually:
A browser plugin will be built to interface into the MaidSafe network. It will handle routing and network infrastructure. Javascript frameworks will be built to help you write applications that use MaidSafe. Once MaidSafe gains in popularity, the plugins will migrate to the core browser application and users will be able to access SAFE urls without installing a plugin.

You will sign in to the browser plugin and all SAFE sites will just know who you are. You will be able to have multiple aliases and be able to set which sites see what identity/data. It will be the ultimate single sign-on.

The network also does name resolution (like DNS). As an application builder, you will define a name for a directory you save to the network (lets say you name it awesomeapp.com). When users enter in their address bar safe:\awesomeapp.com the plugin will lookup this name, find the directory you set, pull the index.html page from that directory, and provide the page to the browser. That page may have links to other files (images/css/javascript/etc), just as is done now. The browser will request these from the MaidSafe plugin and pull them down in the same way as the index.html file.

When the index.html page and other files are pulled, these are coming from the SAFE network directly. You will not have a server running. You will save the files to the network and be done. You won’t have to deal with scaling, server and database maintenance, or other operations issues. The network will handle it all for you automatically. If your site goes from 10 hits a day to 1,000,000 hits overnight, you will not have to change or do anything (except enjoy the popularity).

As is explained in the links above, the HTML page for your site will not have any dynamic data at all. It will have javascript that will pull the data down from the MaidSafe network. Right now, you are writing PHP that pulls data from your database and uses it to construct the page of the application. The SAFE network IS your database. Instead of PHP, you will be writing javascript that pulls the data down directly from the database (the SAFE network).

Tools, frameworks, and tutorials will be built to make this all very easy. You are looking at the absolute cutting edge of web technology, it will take time for the community and infrastructure to built up to support it in the same way you see currently in PHP.


#3

This just sounds so exciting!!! Can’t wait to build my first page with a scrolling marquee “Welcome to the internet!” :smile:


#4

Adobe Flash was great example for powerful single-page application, and you could pars XML directly.
HTML5 Socket to SAFE would be powerful solution.


#5

So for clarity, is the goal (or one of the goals) to allow developers to develop Maidsafe applications using standard web technologies? i.e. HTML5, JavaScript, etc, as SPA’s (single page applications)? With API calls or hooks to the Maidsafe network? So (in addition to C++ type apps?) one can develop a full screen desktop / tablet / phone “web app” using the power and security of Maidsafe? Where will the initial app reside for download / install? a traditional web server? a Maidsafe app store? both? Will the resident app reside on the desktop / phone / tablet and just the data will be on the Maidsafe network, or will the app dynamically load from the network each time, allowing for seamless “updates” to the core app? Or some hybrid?

I think allowing “web apps” to be a GUI engine for apps (one of) allows for the most flexibility and cross platform, OS agnostic adoption. Granted some things will need native OS access (like accessing the camera on a phone or tablet) and will need to be device / OS specific. But Apple (Google) could block native apps from their app store that they don’t like if it cuts them out from data gathering / marketing / spying / profit. Web apps cannot be blocked right now.

I think much wider / faster adoption will occur with web technologies being used to get apps out there faster. There are many app builder type tools out there that will help accelerate adoption if they can tap into Maidsafe.


#6

That. Is. Awesome. I think it’ll be interesting to see how data gets handled. It seems like for a given application you might want to store user data in the user’s own MaidSafe data store, and store some other data in more of a “global” MaidSafe data location that’s available to everyone who is using the app. Which begs the question, what type of existing database would best work with MaidSafe, or is new database technology required?


#7

@wolf I think the answer to all of the questions you just asked are going to be yes. Everyone is going to come up with a solution that works “for them best” until a real best solution comes to light.

@physics I think a new solution will eventually come out, but only time will tell. The best part about Maidsafe is that it is a framework - you can build what you need to make a best solution using it.


#8

Thanks Wes.

This might not be the right sub forum, but I wanted to ask, what is to prevent someone or some group from stealing your pin / password with an app designed to steal said information? That pin / password combo is the key to all your encrypted data, correct? (I am not well versed in exactly how bitcoin works, and perhaps my answer lies in understanding it better.) i.e. where is the user pin / password entered (a general maidsafe login, or is it on a per app basis?)

For example, let’s say I as a developer make a web app for an Android phone, using maidsafe on the back end to store the user data. As a user, where is the password and pin entered to authenticate the maidsafe user data as it pertains to that the app? Is it a secure maidsafe login object embedded in the app? What is to prevent a rouge app designer from stealing my pin and password or token generated from the secure object and breaching all my data out on maidsafe? It is just 1 pin and password for all my data, right? And it is only entered and stored on the device where it is entered, and it is not transmitted? But if the app is malicious, is there a security threat to all my data?

What is the methodology that will prevent a government or any entity from creating rogue apps with the express intent to gain access to the encrypted data for the user who falls victim to the rouge app? Or what steps are in place to prevent entities from inserting back doors in the core code base? As we have seen with Windows, hardware level firmware back doors, corrupt cell 2G / 3G / 4G code stacks, etc…

Please move this to the appropriate sub-forum if this is the wrong spot for it. I was expanding upon the web app idea with a security oriented questions as to the security of the web app.

Thanks.


#9

The network is by itself one giant database, or rather a key value store: You give it a key, it passes you back a value. Those are the underlying cogs of the machine :).

So yes, your own data should always be in your own account, so you control it at any point in time. A SAFE application can be stored under a different account and have it’s own storage needed for running the application (binaries, graphics, etc).

To share your private information with friends, on the other hand, you don’t need to release this information to application level (as you would upload a picture to Facebook today). You simply share this data with your friends directly, without the application controlling this shared information.


#10

Hi Benjamin

I think the solution lies in this setup:

Instead of an URL use an URI (Uniform Resource Identifiers).

Cheers


#11

This would be great, though I suspect that IE, Safari, and Chrome will take a while to get built-in support for the network. Their companies’ operating systems don’t ship with torrent apps even though including them would be easy.

For browsers like Firefox at least, it would be useful to have this core support early on, maybe before the network goes live. This way, they could end up in the system by clicking a safe:// link, and that would be a smooth welcoming.

I’m guessing that viewing public data (such as webpages) on the network wouldn’t require joining the network, and the incentive for joining would be interaction (posting on forums, contributing to video library sites, messaging others, backing up personal data, etc)?


#12

Sorry to sound like propaganda but I think we need a browser model that irrevocably places total control over the end user interfaces in the end users hands.

On this a stake holder model wont work. We are all end users and that is the means and ends to consider things from. Doing a modal ad on the system now or in the distant future should range from being impossible to completely impractacle. Of course, complementary search/trending and culture, community and education would be needed. But clearly no pop ups or modal window or outside control over scrolling, back/forward.


#13

Just a thought, but as we will need a name for the safe browser, I was thinking “Beagle” as it sounds similar to “google” and has lots of relevance to the Maidsafe project -ie Darwin’s voyage of discovery, evolution etc.


#14

There is Linux software which had that name.


#15

There’s a dog called a beagle too…does it matter all that much? Was it a browser, as if not then it doesn’t matter does it?


#16

It does matter if you care about marketing. If people associate your product with some other product subconsciously then it generates unnecessary confusion.

There was no such word as Mozilla until it was made up. Netscape had no app with that name when they came up with it. Windows described the functionality and look of the GUI but it wasn’t common. Beagle on the other hand is not only a word already in use but in use by one of the primary demographics for SAFE Network.

If you like the name you can use it but it’s risky and could result in people thinking it’s this Beagle


#17

hmmm…related to desktop searches too. Ok, sorry, no idea this existed as not a techie, i just saw the relevance…shame, nevermind


#18

der speigel


#19

I think/suggest that the name of the Safebrowser should be called “EYEBROWSE” (I browse, is also that feeling that you’r browsing is made safe (Maidsafe) without any nosey stalkers)

LOL every time when you fireUp your browser, it shows a different eyebrow with no face and the eyebrow does something weird.

Like this:


#20

Apologies, but I’m spamming three web browsing threads to ensure all interested get to see this…

If you’ve not seen the meshedsites.com plugin go look at [my post here.][1] There is a plugin and dynamic website (blog for now) solution ready on Git for someone to adapt for SAFE.

[1]: https://maidsafe.org/t/an-introduction-to-meshedsites/823/7