I have an extreme position here because this is the backbone of my company: "running a personal server" should require zero sysadmin or any other technical skills at all.
If you can click a button, you can have an always-on, always-connectable machine that requires no maintenance and allows you to install server software just as easily.
I tend to agree with you. People need to take back the control of their data and run their own servers. But how does a laymen manage security risks on their server without a basic understanding?
How would this work in vaporware?
I also want to know because it’s not just about having your server not work. It’s also about security/safety and ways you can compromise yourself by accident
A good mental model to have is AWS Lambda or other "serverless" cloud functions - you don't have to worry about the setup and security of the host server itself because it isn't the server itself you care about, it's the result of a particular run of code or data access that you're concerned with. The hardware is slightly abstracted away.
The short answer for both of you for the moment: most security risks are about unwanted access or OS vulnerabilities.
For the latter, the flippant answer is "our OS will just not have vulnerabilities". That sounds like a bullshit answer, but our entire stack from the kernel to userspace has a very contained footprint, no dependencies on external code or libraries, our compiler binaries are human readable so nowhere for exploits to hide, and the privileges/access of any additional applications you install will be transparent to the OS and auditable by you. When you have typed, pure functional programming up and down the whole stack, deterministic guarantees like that are feasible.
Re: unwanted access: Our OS should be thought of like a VM. So either a slightly technical person takes the most rudimentary steps to insure a host machine they fully control has access control handled (this isn't that hard. SSH settings + firewall); or a totally non-technical person has a hosting provider (or friend or family member!) handle that detail for them on mamaged hardware.
Kind of vague response for now, but as the weeks and months roll on we'll have more authoritative technical documentation to link to in place of my blathering.
What’s the difference between Kinode and Vaporware (is that the name of your company?) then? Both use wasm to containerize the apps right?
We don't use WASM, we use an entirely new computational model called PLAN and a new Lispy/Haskelly functional language called Sire. The core of our system is an SSI (solid state Interpreter), Kinode's is not. (We'll have a blog post with a frendlier definition of the SSI soon, but for now there is this whitepaper that introduced this concept to the world: https://media.urbit.org/whitepaper.pdf . Disclaimer though that we are not building on Urbit, it's just that the SSI is a general concept.)
We've got some explanation of PLAN here: https://vaporware.gitbook.io/vaporware/overview/overview#persistence-plan
Kinode's identity/networking layer requires blockhain integration. Our networking and identity are optional, freely-chosen by the user, and compatible with standard, blockchain-less cryptographic keypairs very much like Nostr. In fact, you'll be able to use your Nostr keys as identy in our system!
Oh! So maybe then we can think of a spectrum from least to most groundbreak/different like
Umbrel
Kinode
Vaporware
Plunder
Urbit
Vaporware is right in the middle. Nice!
Yea! I like that.
I think you'd want "Solid State Interpreter" at the bottom, rather than "Urbit" as technically urbit is *A* solid state interpreter. But your framing is good regardless
I’m in. Let me know how to be an early adopter haha
🤝
As of this moment we don't yet have any more user-facing toys to play with (we had a few limited demos a couple months back. New ones are in the works).
If you're a developer and want to check out the system as it stands today I could point you to the docs.
If you want to just hang out and talk about whatever and find out about things as they develop, you could join our telegram: https://t.me/vaporwareNetwork
I'll always post relevant stuff on Nostr, too, if you prefer that!
Would Vaporware have issues with this for example? https://x.com/qualys/status/1807693619161133539?s=46
In an environment where a host VPS is running an instance of the Vaporware Operating Function, the host VPS might be compromised, but so long as our VM is encrypted and the user has redundant versions replicated elsewhere, an attacker exploiting the VPS via this attack would get nothing more than a bunch of encrypted bytes.
In the (further) future when we're running on bare metal or on mobile devices (like Android forks) - no.
You should repost this note, really makes your whole deal more understandable
How do you mean?
For example when we argued about whether server space is sovereign property, I wasn't thinking about you being laser focused on making server operation itself unstoppably easy
Oh no I don't remember that argument. The server space being sovereign (or not). Got a note link?
I'm usually pretty good at memorizing every nevent id I publish just in case but that one is slipping the mind I must admit
It was the one where I kept going "I double dog dare you to kill the president or ur server isn't sovereign"
I remember you telling me to kill the president, but I think that was about something other than servers...
Nah, it was servers. I was saying I couldn't think of a non-violent or even feasible way to have "sovereign" servers. But now I'm thinking it's all relative and you lowering the barrier to entry does help individuals gain some sovereign authority in the server universe
Okay yea I'm remembering that. It was about file storage and image hosting and the homeless guy's filmmaking!
Yes, we want to DELETE the barrier to entry. anyone on Earth should be able to have performant, persistent, secure, private, always-on, networked, censorship-impossible, server-like personal compute infrastructure whether they want to use it merely for a diary, for organizing communities of any size, or for building a new globe-spanning media empire.
Something about the way that was framed made me think "this guy is doing denialism about a system that doesn't let everyone have a stable IP address." You use a lot of hyperbole and I wasn't seeing that your actual idea is kinda close enough since you could help all kinds of technologies decentralize and spread explosively.
I'm not sure why I was clinging so hard to my commie views in that argument though - I've long believed in solving this issue with a form of capitalism anyway, those types of crypto that natively support smart contracts for file storage and stuff. This would also massively help drug addicts keep phones & encourage charities to help them get free phones because it would be easier to make money on having a phone instead of pawning it
♥️♥️♥️
I would also add, for fun: commies are more than welcome to use our technology. Ancaps too. And the politically disinterested, and addicts and normies and grandmas and and and lol
