Table of Contents

Part 2: The Web Was Never Decentralized

▀█▀ here are so many people today focused on "re-decentralizing the web". The

░█░ implied assertion is that when the web was invented it was born out of a

wonderfully optimistic vision of a decentralized and democratic future with

free information and free access that all of humanity would benefit from.

People would be well behaved and companies would only want to help make things

better with their services. The second part of the myth is that somewhere

along the line the web fell under the control of irresponsible corporations and

governments and was set on a path to being the "broken and centralized" system

that it is today. People who perpetuate these myths are misguided. They think

with just enough effort and good will that somehow the web can be

"re-decentralized" into something resembling the original web.

The only problem with this narrative is that none of it is true. Zero. Zilch.

Goose-egg. Nichts. Nada. The web was *never* decentralized and the

centralization and surveillance of the web for profit started almost

immediately after it was created. The web we have today is the result of 30

years of weaponization of the original design. With almost no decentralized

solutions for any of the nine problems of distributed systems, the global

surveillance capitalism system the web has become was absolutely inevitable

from the very first day that Tim Berners-Lee started writing code.

I'm sorry to tell you, but the web cannot be fixed. There's not enough tweaking

that can be done to make it more decentralized. The entire stack needs to be

reinvented using fully decentralized solutions to have any hope of making

things better. If we did that, what would we have? I don't think it would look

like the web we know, but it would be better.

If you're curious to refresh your memory before the analysis begins, here is

the original proposal for the world wide web:

World-Wide Web: The Information Universe

Getting the Story Straight

I spent the day today greping the internet for stories about the

"re-decentralize the web" movement. There are many of them and nearly all of

them repeat the lies I just debunked. I found two exemplary articles to

illustrate my point.

Decentralization: the next big step for the world wide web

Right away the author of this story gets wrong the history of the web when she says:

In the early days of the world wide web, which came into existence in 1989,

you connected directly with your friends through desktop computers that

talked to each other. But from the early 2000s, with the advent of Web 2.0,

we began to communicate with each other and share information through

centralised services provided by big companies such as Google, Facebook,

Microsoft and Amazon.

So, web centralization started in the 2000s and it was the fault of Google,

Facebook, Microsoft and Amazon? Really? This is not true. The first wave of

centralization of the web was promulgated by America Online (AOL) in the early

1990s. By the mid 90s, more than *half* of all internet users in America were

AOL subscribers. AOL had an all encompasing "walled garden" that wasn't

separated from the dialup and connect functionality. To connect to the

internet, users were forced to run AOL's version of it and for many users AOL

The gatekeeping done by AOL drastically reduced the sovereignty of their users

and it didn't go unnoticed. The wikipedia article on AOL mentions an article

from the 1990's that talks about how customers were mad even back then:

There have been many complaints over rules that govern an AOL user's

conduct. Some users disagree with the TOS, citing the guidelines are too

strict to follow coupled with the fact the TOS may change without users

being made aware. A considerable cause for this was likely due to alleged

censorship of user-generated content during the earlier years of growth for

AOL.

Why do the complaints from the 1990s about "...the TOS may change without

users being made aware." and "...censorship of user-generated content..." sound

so familiar? Oooh, that's right, because the community guidelines and

censorship rules keep changing on

Twitter

Twitter Again!

Facebook

Facebook Again!

YouTube

YouTube Again!

Nothing has changed. AOL did all of the same things back in the 1990s that

Facebook, Twitter, and YouTube do today. The web was never decentralized. Web

users have always been subject to gatekeeping, censorship, and monetization by

large tech companies.

The second article that I found is here:

Re-decentralizing the Web, for good this time

Nice title. Reading it made me think of only one thing, Lana Kane:

NOOOOOPE

Here's why. The author doesn't hesitate at all. The very first line is the lie.

Originally designed as a decentralized network, the Web has undergone a

significant centralization in recent years.

Again, the web has always been centralized, the decentralized feel came from

the fact that it was originally a centralized system that only seemed

decentralized because it was inefficient.

Farther down the article the author sort of goes in the right direction when he

states:

The concept of centralization does not pose a problem in and of itself:

there are good reasons for bringing people and things together. The

situation becomes problematic when we are robbed of our choice, deceived

into thinking there is only one access gate to a space that, in reality, we

collectively own.

On second thought, I disagree with a lot of this. I would argue that any

distributed system without solid decentralized solutions opens itself up to

corporate capture and centralization. The profit to be earned from that

centralization is a very strong motivator making the eventual capture and the

resulting robbery of our choice and subjugation to gatekeeping is inevitable.

Centralization will always put profits over user sovereignty. It's built into

the venture capital deals and corporate fiduciary responsiblity. Profit will

always trump users' interests.

What's NOT Helping

Tim Berners-Lee (TBL)—the inventor of the web—wrote a post a few years ago

outlining what he though were three major challenges to an open and free web.

Three challenges for the web, according to its inventor

In it he lists the challenges as:

I think the first point is an actual challenge, the other two are reflections

of his own personal politics. What is important to point out is that these are

all *symptoms* but not the *problem*. The problem lies with the fundamental

design of the web and the web browser and the only way to fix it is to

re-invent it from the ground up following the six principles of user

sovereignty to get a fully decentralized system for exchanging data on the

internet.

What Went Wrong?

Pretty much everything went wrong from the start. To refresh everybody's memory

here are the nine problems of distributed systems:

Of these nine problems, only three—coherence, coordination and persistent

state—were solved in an almost decentralized way. The other six weren't even

addressed. I'm not casting aspersions on TBL. It was impossible for him to be

malicious when we were all just ignorant. Back then nobody had a coherent model

and set of values for distributed system design. He was shooting from the hip

and can be forgiven for the shortcomings in the proposal. The point is, the

lack of decentralized solutions back in 1989 guaranteed the creation of the

centralized surveillance capitalism web that we have today.

Let's go through all of the problems and talk about how the web did or did not

address them.

Discovery

Discovery is the process by which new users/nodes find and connect with other

nodes to form a network or to join an existing one. In the case of the web,

you had to know the domain name of the web server ahead of time. Back in the

summer of 1992, I personally had a sheet of 8.5" x 11" lined paper with the

domain names of *every* web server in the world. If I recall correctly, it was

around thirty or fourty servers. Shortly after that, the publications that

tracked the BBS world began publishing directories of web server domain names

and it all culminated in the publishing of annual "internet guides" containing

reviews and highlights of places to go on the web. This is a fun read if you

want to know how us old-timers did it:

The Internet on Dead Trees

The discovery problem was quickly solved by corporations creating centralized

services. Back in 1994 we saw the rise of the first big search engines:

WebCrawler, Lycos and Infoseek. In 1995 Yahoo!, AltaVista, and Excite. Google

didn't start until 1998. It was Infoseek, one of the very first search engines,

that invented a business model around selling ad impressions on the web and

mining the data of the searches and tracking users. From its infancy, the web

was no safe.

Of course we all know the impact Google has on the web today. They weaponized

what InfoSeek invented and it is all possible due to the lack of a

decentralization from the start.

Introduction, Trust and Privacy

Introduction, Trust and Privacy weren't addressed at all in the early web. It

wasn't until the Secure Socket Layer (SSL) protocol in 1995 and later the

Transport Layer Security (TLS) protocol in 1999 that the web began using

cryptography to solve those problems. The only issue was that the solution was

the top-down centralized Certificate Authority (CA) system. Web site operators

and users alike had to pay lots of money and undergo scrutiy to be issued an

official certificate that would work in web browsers. This centralized rent

seeking and gate keeping meant that the web wasn't mostly encrypted until 2020.

What changed? The Let's Encrypt Project, started in 2012, began giving away

TLS certificates for free. By 2020 they had given away more than one billion

certificates and more than 90% of all web page loads use encryption.

However, all is not kittens and roses. The centralized CA system has been

abused by governments around the world to surreptitiously spy on web traffic

that users thought was encrypted. By forcing state telecoms and other root

certificate authorities to issue false certificates for domain names such as

google.com or facebook.com, government surveillance authorities can trick

browsers into thinking a connection to a web server is encrypted and private

when there really is a government spy in the middle. I can't imagine how many

people have been fined or imprisoned in corrupt countries using this spying

technique. The web's lack of a decentralized solution for these problems put

web users at risk, even today.

Coherence, Coordination and Persistent State

To it's credit, the web does completely solve the coordination problem. The

HTTP protocol does provide all of the capabilities to do all necessary

communication within the system. The other two problems of coherence and

persisitent state are the ones I identified as being half-solved in the orignal

web proposal. Clients that wish to reconnect to a web server (i.e. coherence)

only need to know the domain name of the server and their computer is able to

get the updated IP address of the server. The persistent state solution is the

storage of content in HTML files on those server. The web's storage model is

decentralized. Howevery, both solutions are only half-solutions because they

both rely heavily on the centralized Domain Name System (DNS). The DNS system

has been used by governments and abused by hackers to deny access to web server

and/or hijack them and take them over.

Public Services

In the case of the web, public services are web sites that offer publishing of

content. The web design had no easy way for new users to publish content and in

the beginning it was a daunting task. First you had to buy a domain name that

wasn't cheap. Then you had to set up a computer that would never crash and

would stay running even when the power went out. Next you had to get a web

server set up and then after all of that you had to hand program an HTML file

for your web server to serve to web browsers.

The original web proposal assumed that the web would only ever be used by

academics and business people with access to mainframes that were cared for

like prized ponies. It never occurred to TBL that his vision of a "world-wide

web" necessarily included all of the people in the world having access. Did he

expect that everybody would be tied to a university or a business to be able

to publish and contribute? No. He thought the web was mostly read only. He has

even said as much on multiple occassions. His new work is around building a

read/write web. Even he knows the lack of a decentralized public service for

publishing content is a major design flaw.

This non-solution left a gaping hole so large that the economic opportunity for

centralization by corporations has created more billion dollar companies than

anything else in history. The first company to tackle it was GeoCities. Back in

1995 they began offering a free space for users to create their own web page.

By 1997, GeoCities began placing advertisements on users' pages and despite the

negative reaction by the users, the site continued to grow. In 1999, GeoCities

was acquired by Yahoo for $3.57 billion in stock and it was the third most

visited site on the web.

Many other companies followed to fill in finer niches of the web publishing

market. Blogging took off with the launch of LiveJournal and blogger.com in

1999. YouTube for videos in 2005. Twitter for voyeuristically watching

celebrities, crushes and political enemies in 2006. SoundCloud for music and

audio in 2007. Github for open source software in 2008. The list goes on. All

of these companies are, or have been, valued at more than a billion dollars.

Those companies are now centralized and entrenched castles of surveillence

capitalism. They use the features of web server and web browsers to track users

everywhere they go and to monetize that data. In the case of Github being

purchased by Microsoft, that centralization threatens the independence of large

swaths of the open source software market.

Imagine if the web had been designed differently. What if the web browser had

also been a web server? Just downloading it would make it simple to browse and

publish. Would we have seen the rise of all of those companies? Probably

because the layers below the web—the domain name system, web servers, etc—also

had to be in place. But assuming there was a ubiquitous fabric for storing the

published data and keeping it available, it would have only taken a web browser

and server combination—the read/write web as TBL puts it—and all of those

companies may have been entirely unnecessary.

Membership

The last major non-solution in the original design of the web deals with

authentication and authorization. The membership problem is how users of a

distributed system form relationships with other users that have a higher

level of privileges. This can be an employee or admin accessing private company

documents. It can be friends sharing photos privately. The membership problem

allows there to be graduated privileges based on authentication

and authorization mechanism.

The web didn't get authentication until 1997. It operated for nearly a decade

without any way to differentiate users and delegate privileges. When

authentication finally came, it was bound to single domain names and it was

based on things users know (e.g. username and password). Because it was so

intimately tied to the centralized domain name system, there was no way a

user could be issued a credential that was portable across different web sites.

The solution didn't really come until 2005 with the invention of the OpenID

authentication protocol and later in 2009 with OAuth. Together they allow for

cross-domain authentication, letting users log into sites using their Twitter,

Google, or Facebook credentials. This too has many serious problems because of

the foundation it is built upon. It is tied to the domanin name system and to

large social media platforms because it isn't based on a portable credential.

As a consequence, if you use your Twitter credentials to log into many

different sites and then you say the wrong thing on Twitter and get banned, not

only do you lose access to your data you uploaded to Twitter but also to your

data that you uploaded to the websites you used your Twitter credentials with.

The same goes for logging in with Facebook and Google credentials. The best

solution for authentication and authorization on the web today is a centralized

one that magnifies the censorship power of the large social media platforms.

What could possibly go wrong?

It didn't have to be like this. The decentralized identity community building

the new standards around standard, portable, verifiable credentials have shown

us that we can have credential "wallets" and use them across sites and remain

fully in control of those credentials. With this new system for creating

trusted connections and verifiable credentials users maintain their

sovereignty. That is what decentralized membership looks like and the web has

like it, even in 2020.

Conclusion

In the light of experience hard won over three decades, it is now possible to

see exactly what went wrong with the web and when. It was *not* centralization

big tech companies like Facebook and Google. It did not happen in the 2000's.

The design flaws were baked into the cake from day one. It didn't become

worse, it just became more obvious.

So?! How do we fix it? Where do we go from here?

I know I like to joke about it being time to burn down the social media

platforms and break up the giant tech companies but that's just cathartic

ranting. The best news I have to give you is that we only have to ignore them

and build the internet we want from the ground up. I reject the status quo.

That's why this is only published in a Gemini space. I am building a ubiquitous

mixnet that is pseudonymous and private and encrypted by default. I am building

new user sovereign services that run on top of it. I no longer hate the social

media platforms; I no longer care about them. The opposite of love isn't hate,

it is indifference.

Do you still use Usenet groups? How about Gopher? (I know, I know, wrong crowd

to ask). When was the last time you chatted with a friend using ICQ or AIM?

How about the last time you played a Flash game on the web? Technology evolves

and obsolete technologies fade away. The interesting thing about Usenet and

Gopher and ICQ and Flash is that their users liked those tools even when they

switched away. They switched away because there were better alternatives, not

because they hated them.

Tons of Facebook, Twitter, and YouTube users actually dislike--and many

hate--them for how they treat their users. The arbitrary censorship and

demonetization coupled with the creepy surveillance and emotional manipulation

has created a very large and vocal group of anti-users. Many anti-users have

moved on to alternative services such as Gab and Bitchute but that won't bring

down the system. Why? Because the alternatives are just copy cats. They aren't

convincingly better. They are constructed within the same constraints and bad

architecture of the web that Facebook and Twitter and YouTube operate in. Users

don't believe Gab when they claim they won't censor posts and surveil their

users. Censorship and surveillance are built into the fabric of the web and

therefore any alternative built using the web will censor and surveil.

The only answer is to build a completely new stack from the ground up that is

fully user sovereign and decentralized. Then, and only then, can we build

information sharing and social applications that cannot be censored and cannot

be used for surveillance capitalism and societal manipulation. Users will have

the choice of what to see, hear, and read and what not to see, hear, and read.

Freedom is messy. If you want to be free you will have to build your own

fence, sweep your own sidewalk and work with your friends and neighbors to pick

up the trash in your part of the internet.

▪ .

.

█▀▀ █░█ █▀▀ █▀▀ █▀█ █▀ █

█▄▄ █▀█ ██▄ ██▄ █▀▄ ▄█ ▄

. ▛ ╿ ▋

▎ ▪ ╵ ▎ .

▏ ╵ ▏

Table of Contents