[HN Gopher] Local-First Software:You Own Your Data, in Spite of ... ___________________________________________________________________ Local-First Software:You Own Your Data, in Spite of the Cloud (2019) [pdf] Author : JeanMarcS Score : 95 points Date : 2021-02-25 19:15 UTC (3 hours ago) (HTM) web link (martin.kleppmann.com) (TXT) w3m dump (martin.kleppmann.com) | jasode wrote: | The headline is about the _aspiration_ but not the | _implementation_. | | Within the contents of the paper, it talks about CRDTs to | _technically implement_ it. | | I'm not familiar with the technical tradeoffs but I bookmarked | some past HN threads mentioning CRDT did not fare as well as OT | (Operational Transform): | | https://news.ycombinator.com/item?id=19886883 | | https://news.ycombinator.com/item?id=19847622 | josephg wrote: | Modern CRDTs like Automerge and Yjs should be able to perform | basically just as well as an OT based systems (like my own | ShareDB) now. I ran some benchmarks using Kleppmann's approach | a few months ago[1] and I think a well implemented crdt should | easily be able to do millions of edits/second. The thing that's | holding us back at the moment is the lack of good high | performance native implementations of these systems. But that's | being worked on. | | This has only really started being true in the last year or so. | | [1] https://josephg.com/blog/crdts-are-the-future/ | WhatIsDukkha wrote: | I assume you are following | | https://github.com/automerge/automerge-rs | | I'm hoping this matures a bit more in the next months, seems | really promising. | tmotwu wrote: | If javascript/non-native CRDT implementations are responsive | enough compared to existing algorithms for collaborative | editing like OT, what incentives or cases exist to demand | high performance native implementations? | | To be clear, I think this is exciting stuff and your article | is great. I'm just curious if there are any open research | problems in this area that would make them more appealing in | production. | maxrev17 wrote: | Even a lot of devs have turned to aws/azure/gcp.... Local first | is too much responsibility for some. | camnora wrote: | Local-first software feels underrated especially in the UX realm. | Peer-to-peer applications such as Manyverse load instantly due to | not being blocked by network requests. My hope is that more apps | are developed with a local-first mindset. CRDTs likely introduce | additional complexity around data storage, so this would | certainly be a drawback when considering local-first. | dvt wrote: | These kinds of ideas always get traction here on HN or similar | places (slashdot), but I think that ship has long sailed. People, | by and large, seem to be totally okay with storing data in the | cloud -- from Dropbox, to Google Docs, to InVision. All things | considered, data breaches are rare, and if they _do_ happen, they | 're usually to be blamed on configuration blunders, not the | services at large. | | Other than a few highly-specialized niches (InfoSec, government, | military), the de-facto reality is that online-first | collaboration pros seem to outweigh the cons. | RedShift1 wrote: | People use the cloud because they are being forced through the | software user interfaces. Working with local files takes | increasingly more steps compared to cloud based solutions. So I | wouldn't exactly say that people are ok with it, it feels more | like they choice is being made for them. | jay_kyburz wrote: | If web pages could be more easily given access to a directory | on your filesystem, Google Docs could more easily show you | you files in your Documents folder. | zozbot234 wrote: | 'Access to shared data' for proprietary, untrusted "apps" | is an anti-pattern that even iOS and Android are now | getting away from. If a JavaScript app needs to access some | sort of complex directory structure, that can happen within | current API's by locally "uploading" and "downloading" a | standard archive format, e.g. a .ZIP file. | southerntofu wrote: | Running code from untrusted sources (Javascript/WASM in the | browser) is an anti-pattern. It causes all sorts of | problems and vulnerabilities. | franklampard wrote: | > pros seem to outweigh the cons. | | Exactly | pdimitar wrote: | You seem to underestimate the pressure from the market. | | At one point the younger generation does not even _remember_ | there was a local-first software. | | Sadly the relentless efforts of the corporations are paying | off. | | That doesn't mean people are okay with it. It means their | choice is made for them. | mvzvm wrote: | I disagree. I think HN is rabid about privacy and "owning | your data", but by and large, most people just don't care. | hinkley wrote: | There's a whole thing with growing or making your own food | as much as you can. We keep outsourcing food production. In | affluent areas that's a boon, in others it's an active | problem. | | Probably we will see the same play out here. | codemac wrote: | Most that I talk to do - but it's similar to how they care | about the national debt. | | There's nothing they can do, they have no realistic | expertise or control, and they vote with what - dollars | once every phone purchase? | mvzvm wrote: | I think this is a good analogy, because the national debt | is not a good measure of anything. People bring it up at | all the wrong times, and takes grandstanding postures | around it. Just like this, eh? | deathanatos wrote: | > _and they vote with what - dollars_ | | More and more, I am seeing many companies that realize | they can do both: take the user's money _and_ feed them | ads. After all, that 's more profitable than _just_ | taking their money. | | As examples, T-mo, Verizon, my local gas station, various | airlines all both take my money and give me ads. Some are | even known to sell my data. | | So, _can_ I actually vote with my wallet? | ibeckermayer wrote: | Consider who taught them not to care. | eternalban wrote: | People have no clue as to how computers and networks work. In | fact, you may have even interviewed people for software jobs | who don't have a solid grasp on these matters. | | This is good news, as far as system architecture is concerned, | as the opinion that matters is principally concerned with | utility, convenience, usability, etc. | | Secondly, the ship may have sailed, but interestingly these | ships apparently are generational. There used to be a ship | called AOL. /g | | (There is a reason every ideological effort for authoritarian | control heads straight for the school house and youth camps. | The reason is the said 'ship' that sails, on schedule, every | ~20 years.) | eternalban wrote: | To be constructive here, if you care about these matters and | have technical know-how, invest in the future and mentor the | younger generation on how to build decentralized systems. | Give them knowledge, blue prints, and tools. They'll crack | the generational social code on their end. | southerntofu wrote: | YES! Though why teach only the young? ;) | gobengo wrote: | > People, by and large, seem to be totally okay with storing | data in the cloud | | It's simply not true, or if it is, it's only because of what | you're choosing to looking at to build your view of how it | 'seems'. | | https://mydata.org/ | https://en.wikipedia.org/wiki/General_Data_Protection_Regula... | https://ethereum.org/en/ https://solid.mit.edu/ | | Meeting every week: https://identity.foundation/working- | groups/secure-data-stora... | | > All things considered, data breaches are rare, and if they do | happen, they're usually to be blamed on configuration blunders, | not the services at large. | | Did you work at Google? Do you know about PRISM? | https://en.wikipedia.org/wiki/PRISM_(surveillance_program)#C... | | Can't tell if you're intentionally or accidentally misleading. | dvt wrote: | > Can't tell if you're intentionally or accidentally | misleading. | | All I'm doing is looking at the market cap of companies like | Facebook and Dropbox. I mean, hell, Facebook literally _sold | personal data_ and sure, you occasionally see "boycott FB" | movements, but they're all bark and no bite. | adkadskhj wrote: | This is sort of like saying people are okay with cancer | because they buy certain plastics in mass. The reality is | people are ignorant of what is good for them in a ton of | applications, including this one. | | Only a handful really grasp the context of what is | happening with their data _and most importantly_ how their | data could affect them. | | People routinely do things against their own interest. It's | up to the other people that care about this issue to make | competing products that don't harm. There's simply no way | to get everyone to _really care_ about an issue with nuance | and /or niche knowledge. | Spivak wrote: | I don't think you're giving people enough credit. It's | not exactly a mystery at this point that Facebook/IG make | their money by selling access to your information to | advertisers. People really just don't care which doesn't | make them ignorant and doesn't mean they're wrong to not | care. We're the privacy obsessed weirdos. I've been in | conversations where people talk about products they | "discovered" through IG ads. | | The mindset where we're the only ones that _really | understand what 's going on_ and everyone else are just | sheeple -- sheeple I tell you is gross. This issue really | isn't all that nuanced. That's just the lie we tell | ourselves because we don't want to admit that we're the | nutters being like "they're watching you scroll through | Facebook and they're gonna use that to lower your credit | score. THE ALGORITHMS!!" | | I'm proud to be part of this weird club but let's not use | it as an oppertunity to shit on our outgroup. | southerntofu wrote: | We may be interested in the deep details/debates the | general public has no knowledge about. However i can | assure you many people care about their privacy. They're | not all ignorant, but they're usually powerless. | | Wanna keep in touch with friends? Gotta use facebook. | Wanna watch cool videos? Gotta use Youtube. etc. | | But there's a very strong movement of non-tech persons | for privacy, decentralization and free software/culture. | In France, it's best exemplified by the Framasoft | association which started from a network of teachers : | https://framasoft.org/en/ | jkepler wrote: | I'm in France, and have met some of the excellent folks | who help framasoft with their project to degooglize the | Internet. | | I know a number of people who dispair, thinking they | can't protect their privacy. But gradually, those who | know a geek may be moving towards better software, as | privacy respecting options with decent UX get developed, | and as their FOSS-geek friend or family member patiently | points out tools they can actually use. | bachmeier wrote: | From a business perspective, it doesn't really matter. There's | still a large market of people that do care about it. Look at | the explosive growth of Obsidian in large part because it's a | local-first solution. | | In addition, there's a difference between using those services | and being "totally okay" with it. If you like Evernote, then | sure, you'll be using the cloud. If you had a way to use | Evernote without storing your data in someone else's cloud, a | lot of people would be happy. | | Even non-technical people talk all the time about not trusting | services because of data issues. Many will not use a new | service because they're worried about their data if the service | stops. It's a really big issue for businesses. | hemloc_io wrote: | I think you're mostly right. | | However I would've said the same thing about | Telegram/Signal/Defi and other decentralized/privacy first | technology not too long ago. | | I think there's a reasonable case for the idea that as the | conversation around censorship and data ownership evolves, | we'll see a restructuring of the market toward some level of | personal data ownership. We're probably far from that today | though. | [deleted] | Geee wrote: | You can own your data if you use client-side encryption with | cloud. When encrypted, you don't have to trust the cloud | provider. This opens up new possibilities such as P2P networks | with fair pricing, no provider lock-in, equal access and | censorship resistance. I'm excited about Sia / Skynet which | enables these kind of apps. | saurik wrote: | That works fine as long as you don't care that advances in | computers and cryptography would one day (maybe after you are | dead, and likely only with some notable effort) allow someone | to read your data and (much more practically) you are extremely | confident you can't lose control of your key somehow. | Geee wrote: | Managing and using private keys safely is still a huge | unsolved problem in general. | amadeuspagel wrote: | PouchDB/CouchDB is great for this kind of software. Shameless | self-promotion: I used it for thinktype[1], a note-taking app. | | [1]: https://thinktype.app | pdimitar wrote: | I am completely behind the idea and would work full time on it | (if I had my time for myself) but all such documents or sites are | all talk and no code and it's getting tiring. | | I get that they want to inspire, to show data backing up the idea | that people are open to that software model, and in general to | give hope and inform but... I am getting way too cynical and I | can't help but wonder if actually writing a tool that builds the | foundations of such a movement wouldn't have been a time better | spent? | | I mean, at what point will _somebody_ do something about it? And | does it have to be your average overworked programmer who is | sacrificing their scarce free time? When will one of these | organizations that periodically toot their own horn about much | they care, will hire several hardcore programmers to do | something? | bhl wrote: | Have you seen Kleppmann's automerge library? | https://github.com/automerge/automerge | pdimitar wrote: | No. Checked quickly, looks good. Thanks for the link! | iamwil wrote: | James already has. https://actualbudget.com/ | | It's personal budgeting software that's local-first. | Jtsummers wrote: | > I am getting way too cynical and I can't help but wonder if | actually writing a tool that builds the foundations of such a | movement wouldn't have been a time better spent by the authors? | | One of the authors wrote a book on this topic that gets high | praise and frequent recommendations on this site. Several | (all?) of the coauthors worked on prototypes on this topic that | they discussed freely in order to enable others to follow their | same path and explore it further. So yes, I'd say you're | getting way too cynical. | pdimitar wrote: | I'll immediately agree I am getting too cynical. I just wish | we had something more than inspirational articles about the | issue. | | Didn't know about the prototypes. Good on the authors! I do | wonder why not one has been seen to completion though, do you | know? | endisneigh wrote: | I wish OneDrive, Dropbox, etc. had a notion of a Personal | Database File System, PDFS. With PDFS if they all shared the same | API then you could build a database ontop of the PDFS that syncs | to popular file systems. | | If both of those things existed you would be able to build apps | like LinkedIn such that LinkedIn could just access your PDFS so | your profile is actually hosted directly on your PDFS - so if you | delete your profile info on your PDFS it's gone from LinkedIn. Of | course, this also depends on trusting LinkedIn to not just copy | over the contents of your PDFS but that could be handled as well. | southerntofu wrote: | So if it's just about protocol to exchange files, SSH and | webdav are the de-facto standards for that (FTP has declining | popularity). | | If we're talking about the semantics of building desktop | applications, then i think you're looking for freedesktop.org, | although it quite POSIX-centered. | | Higher-level, federated alternatives include ActivityPub (HTTP | signatures + JSON ActivityStreams), XMPP (XML stanzas), Solid | (HTTP + Linked Data). | | All four of these standards could receive extension proposals | for more semantics for specific use-cases. However, Microsoft | (who owns linked in) and other evil tech-multinationals will | never adopt a standard because that would allow competitors to | walk on their turf. Remember when gmail.com chat was federated | with Jabber/XMPP until Google pulled the plug? | WrtCdEvrydy wrote: | You have to remember that all of these companies are either | part of a large company or a startup. Locking you in is the | reason they can justify their stock, their IPO, their exit and | their high developer salaries. | qbasic_forever wrote: | Microsoft was planning this 20 years ago with WinFS, to be | shipped in what became Windows Vista. For many political and | technical reasons it never came to pass. Some of the folks | working on it went on to work on what became OneDrive though. | jay_kyburz wrote: | Isn't the API the filesystem? | | What happens if you set up OneDrive and Dropbox (and Google and | Apple) to sync the same folder. | qbasic_forever wrote: | > What happens if you set up OneDrive and Dropbox (and Google | and Apple) to sync the same folder. | | Chaos, potentially. Think about deletes... delete a file from | the web UI of one service, its client deletes the file | locally, but that same instant the _other_ service sees the | missing file and happily restores it, the first client | deletes, the second client restores, etc. etc. until you've | blown gigabytes and gigabytes of network bandwidth. | Jtsummers wrote: | In other words, ultimate control needs to be on the client | side. You delete from Dropbox, and the local machine marks | the file as no longer being backed up by Dropbox but does | not delete it. Some UI needs to present to the user: This | file is backed up in these services, but not the other one. | At that point, the user has the choice of fully removing | the file, restoring it to Dropbox, or leaving it alone. | They may even decide they don't want it backed up in _any_ | service, but want it to remain on the filesystem. | snthd wrote: | https://en.wikipedia.org/wiki/Solid_(web_decentralization_pr... | | >Solid (Social Linked Data) is a web decentralization project | led by Tim Berners-Lee, the inventor of the World Wide Web, | developed collaboratively at the Massachusetts Institute of | Technology (MIT). The project "aims to radically change the way | Web applications work today, resulting in true data ownership | as well as improved privacy" by developing a platform for | linked-data applications that are completely decentralized and | fully under users' control rather than controlled by other | entities. The ultimate goal of Solid is to allow users to have | full control of their own data, including access control and | storage location. To that end, Tim Berners-Lee formed a company | called Inrupt to help build a commercial ecosystem to fuel | Solid. | | https://solidproject.org/users/get-a-pod | | https://solidproject.org/developers/tutorials/getting-starte... | sjbrown wrote: | https://www.inkandswitch.com/local-first.html | | HTML version here ___________________________________________________________________ (page generated 2021-02-25 23:01 UTC)