From 3d18f1447ef22b297415fe1e1ce50b885c6f2e43 Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Mon, 19 Dec 2016 22:20:45 -0500 Subject: More heading work and some content rearrangement. --- doc/about/about_hubzilla.bb | 123 ++++++++++++++++++++------------------------ 1 file changed, 57 insertions(+), 66 deletions(-) (limited to 'doc/about') diff --git a/doc/about/about_hubzilla.bb b/doc/about/about_hubzilla.bb index 61f5dd586..1117fd25a 100644 --- a/doc/about/about_hubzilla.bb +++ b/doc/about/about_hubzilla.bb @@ -1,8 +1,18 @@ -[h1]Project Overview[/h1] +[h3]Project Overview[/h3] $Projectname is a decentralized community server providing communications, identity, and access control services which work together seamlessly across domains and connected websites. It allows anybody to publicly or [b]privately[/b] publish a range of web/media/personal content. The cross-domain privacy implementation is unique and somewhat revolutionary, as identity and access rights are negotiated by servers invisibly in the background. + +$Projectname provides distributed web publishing and social communications with [b]decentralised permissions[/b]. + +So what exactly are "decentralised permissions"? They give me the ability to share something on my website (photos, media, files, webpages, etc.) with specific people on completely different websites - but not necessarily [i]everybody[/i] on those websites; and they do not need a password on my website and do not need to login to my website to view the things I've shared with them. They have one password on their own website and "magic authentication" between affiliated websites in the network. Also, as it is decentralised, there is no third party which has the ability to bypass permissions and see everything in the network. + +$Projectname combines many features of traditional blogs, social networking and media, content management systems, and personal cloud storage into an easy to use framework. Each node in the grid can operate standalone or link with other nodes to create a super-network; leaving privacy under the control of the original publisher. + +$Projectname is an open source webserver application written originally in PHP/MySQL and is easily installable by those with basic website administration skills. It is also easily extended via plugins and themes and other third-party tools. + + $Projectname is free and open source. It is designed to scale from a $35 Raspberry Pi, to top of the line AMD and Intel Xeon-powered multi-core enterprise servers. It can be used to support communication between a few individuals, or scale to many thousands and more. $Projectname aims to be skill and resource agnostic. It is easy to use by everyday people, as well as by systems administrators and developers. @@ -22,7 +32,7 @@ Along the way, $Projectname offers a number of unique goodies: [b]Privacy:[/b] $Projectname identities (Zot IDs) can be deleted, backed up/downloaded, and cloned. People have full control of their own data and content. Should you decide to delete all your content and erase your Zot ID, all you have to do is click on a link and it's immediately deleted from the hub. -[h2]Additional Resources and Links[/h2] +[h4]Additional Resources and Links[/h4] For more detailed, technical information about Zot, check out the following links: [list] [*][url=http://hubzilla.org]Hubzilla project website[/url] @@ -30,10 +40,10 @@ For more detailed, technical information about Zot, check out the following link [*][url=https://github.com/redmatrix/hubzilla-addons]Hubzilla official addons repository[/url] [/list] -[h2]$Projectname Governance[/h2] +[h4]$Projectname Governance[/h4] Governance relates to the management of a project and particularly how this relates to conflict resolution. -[h3]Community Governance[/h3] +[h5]Community Governance[/h5] The project is maintained and decisions made by the 'community'. The governance structure is still evolving. Until the structure is finalised, decisions are made in the following order: [ol] @@ -56,10 +66,10 @@ Community Voting does not always provide a pleasant outcome and can generate pol -[h2]Privacy Policy[/h2] +[h4]Privacy Policy[/h4] -[h3]Summary[/h3] +[h5]Summary[/h5] Q: Who can see my content? @@ -71,7 +81,7 @@ Q: Can my content be censored? A: $Projectname (the network) CANNOT censor your content. Server and hub administrators are subject to local laws and MAY remove objectionable content from their site/hub. Anybody MAY become a hub administrator, including you; and therefore publish content which might otherwise be censored. You still MAY be subject to local laws. -[h3]Definitions[/h3] +[h5]Definitions[/h5] **$Projectname** @@ -85,7 +95,7 @@ An individual computer or server connected to $Projectname. These are provided b The system operator of an individual hub. -[h3]Policies[/h3] +[h5]Policies[/h5] **Public Information** @@ -109,7 +119,7 @@ Comments to posts that were created by others and posts which are designated as $Projectname developers will ensure that any content you provide which is designated as PRIVATE will be protected against eavesdropping - to the best of their ability. Private channel content CAN be seen in the database of every involved hub administrator, but private messages are obscured in the database. The latter means that it is very difficult, but NOT impossible for this content to be seen by a hub administrator. Private channel content and private messages are also stripped from email notifications. End to end encryption is provided as an optional feature and this CANNOT be seen, even by a determined administrator. -[h3]Identity Privacy[/h3] +[h5]Identity Privacy[/h5] Privacy for your identity is another aspect. Because you have a decentralized identity in $Projectname, your privacy extends beyond your home hub. If you want to have complete control of your privacy and security you should run your own hub on a dedicated server. For many people, this is complicated and may stretch their technical abilities. So let's list a few precautions you can make to assure your privacy as much as possible. @@ -121,7 +131,7 @@ A decentralized identity has a lot of advantages and gives you al lot of interes * You can have a blocked hub. That means that all channels and content on that hub is not public, and not visible to the outside world. This is something only your hub administrator can do. We also respect this and automatically enable "Do Not Track" if it is set. -[h3]Censorship[/h3] +[h5]Censorship[/h5] $Projectname is a global network which is inclusive of all religions and cultures. This does not imply that every member of the network feels the same way you do on contentious issues, and some people may be STRONGLY opposed to the content you post. In general, if you wish to post something that you know may nor be universally acceptable, the best approach is to restrict the audience using privacy controls to a small circle of friends. @@ -131,32 +141,13 @@ $Projectname RECOMMENDS that hub administrators provide a grace period of 1-2 da If you typically and regularly post content of an adult or offensive nature, you are STRONGLY encouraged to mark your account "NSFW" (Not Safe For Work). This will prevent the display of your profile photo in the directory except to viewers that have chosen to disable "safe mode". If your profile photo is found by directory administrators to be adult or offensive, the directory administrator MAY flag your profile photo as NSFW. There is currently no official mechanism to contest or reverse this decision, which is why you SHOULD mark your own account NSFW if it is likely to be inappropriate for general audiences. -[h1]Features[/h1] - -[h2]$Projectname in a Nutshell[/h2] - -TL;DR - -$Projectname provides distributed web publishing and social communications with [b]decentralised permissions[/b]. - -So what exactly are "decentralised permissions"? They give me the ability to share something on my website (photos, media, files, webpages, etc.) with specific people on completely different websites - but not necessarily [i]everybody[/i] on those websites; and they do not need a password on my website and do not need to login to my website to view the things I've shared with them. They have one password on their own website and "magic authentication" between affiliated websites in the network. Also, as it is decentralised, there is no third party which has the ability to bypass permissions and see everything in the network. - -$Projectname combines many features of traditional blogs, social networking and media, content management systems, and personal cloud storage into an easy to use framework. Each node in the grid can operate standalone or link with other nodes to create a super-network; leaving privacy under the control of the original publisher. - -$Projectname is an open source webserver application written originally in PHP/MySQL and is easily installable by those with basic website administration skills. It is also easily extended via plugins and themes and other third-party tools. - -[h2]$Projectname Features[/h2] - +[h3]Features[/h3] $Projectname is a general-purpose web publishing and communication network, with several unique features. It is designed to be used by the widest range of people on the web, from non-technical bloggers, to expert PHP programmers and seasoned systems administrators. This page lists some of the core features of $Projectname that are bundled with the official release. As with most free and open source software, there may be many other extensions, additions, plugins, themes and configurations that are limited only by the needs and imagination of the members. -[h2]Built for Privacy and Freedom[/h2] - -One of the design goals of $Projectname is to enable easy communication on the web, while preserving privacy, if so desired by members. To achieve this goal, $Projectname includes a number of features allowing arbitrary levels of privacy: - -[h3]Affinity Slider[/h3] +[h4]Affinity Slider[/h4] When adding connnections in $Projectname, members have the option of assigning "affinity" levels (how close your friendship is) to the new connection. For example, when adding someone who happens to be a person whose blog you follow, you could assign their channel an affinity level of "Acquaintances". @@ -166,11 +157,11 @@ At this point, $Projectname [i]Affinity Slider[/i] tool, which usually appears a The Affinity Slider allows instantaneous filtering of large amounts of content, grouped by levels of closeness. -[h3]Connection Filtering[/h3] +[h4]Connection Filtering[/h4] You have the ability to control precisely what appears in your stream using the optional "Connection Filter". When enabled, the Connection Editor provides inputs for selecting criteria which needs to be matched in order to include or exclude a specific post from a specific channel. Once a post has been allowed, all comments to that post are allowed regardless of whether they match the selection criteria. You may select words that if present block the post or ensure it is included in your stream. Regular expressions may be used for even finer control, as well as hashtags or even the detected language of the post. -[h3]Access Control Lists[/h3] +[h4]Access Control Lists[/h4] When sharing content, members have the option of restricting who sees the content. By clicking on the padlock underneath the sharing box, one may choose desired recipients of the post, by clicking on their names. @@ -178,45 +169,45 @@ Once sent, the message will be viewable only by the sender and the selected reci Access Control Lists may be applied to content and posts, photos, events, webpages, chatrooms and files. -[h3]Single Sign-on[/h3] +[h4]Single Sign-on[/h4] Access Control Lists work for all channels in the grid due to our unique single sign-on technology. Most internal links provide an identity token which can be verified on other $Projectname sites and used to control access to private resources. You login once to your home hub. After that, authentication to all $Projectname resources is "magic". -[h3]WebDAV enabled File Storage[/h3] +[h4]WebDAV enabled File Storage[/h4] Files may be uploaded to your personal storage area using your operating system utilities (drag and drop in most cases). You may protect these files with Access Control Lists to any combination of $Projectname members (including some third party network members) or make them public. -[h3]Photo Albums[/h3] +[h4]Photo Albums[/h4] Store photos in albums. All your photos may be protected by Access Control Lists. -[h3]Events Calendar[/h3] +[h4]Events Calendar[/h4] Create and manage events and tasks, which may also be protected with Access Control Lists. Events can be imported/exported to other software using the industry standard vcalendar/iCal format and shared in posts with others. Birthday events are automatically added from your friends and converted to your correct timezone so that you will know precisely when the birthday occurs - no matter where you are located in the world in relation to the birthday person. Events are normally created with attendance counters so your friends and connections can RSVP instantly. -[h3]Chatrooms[/h3] +[h4]Chatrooms[/h4] You may create any number of personal chatrooms and allow access via Access Control Lists. These are typically more secure than XMPP, IRC, and other Instant Messaging transports, though we also allow using these other services via plugins. -[h3]Webpage Building[/h3] +[h4]Webpage Building[/h4] $Projectname has many "Content Management" creation tools for building webpages, including layout editing, menus, blocks, widgets, and page/content regions. All of these may be access controlled so that the resulting pages are private to their intended audience. -[h3]Apps[/h3] +[h4]Apps[/h4] Apps may be built and distributed by members. These are different from traditional "vendor lockin" apps because they are controlled completely by the author - who can provide access control on the destination app pages and charge accordingly for this access. Most apps in $Projectname are free and can be created easily by those with no programming skills. -[h3]Layout[/h3] +[h4]Layout[/h4] Page layout is based on a description language called Comanche. $Projectname is itself written in Comanche layouts which you can change. This allows a level of customisation you won't typically find in so-called "multi-user environments". -[h3]Bookmarks[/h3] +[h4]Bookmarks[/h4] Share and save/manage bookmarks from links provided in conversations. -[h3]Private Message Encryption and Privacy Concerns[/h3] +[h4]Private Message Encryption and Privacy Concerns[/h4] Private mail is stored in an obscured format. While this is not bullet-proof it typically prevents casual snooping by the site administrator or ISP. @@ -231,7 +222,7 @@ Private messages may be retracted (unsent) although there is no guarantee the re Posts and messages may be created with an expiration date, at which time they will be deleted/removed on the recipient's site. -[h3]Service Federation[/h3] +[h4]Service Federation[/h4] In addition to addon "cross-post connectors" to a variety of alternate networks, there is native support for importation of content from RSS/Atom feeds and using this to create special channels. Also, an experimental but working implementation of the Diaspora protocol allows communication with people on the Friendica and Diaspora decentralised social networks. This is currently marked experimental because these networks do not have the same level of privacy and encryption features and abilities as $Projectname and may present privacy risks. @@ -239,21 +230,21 @@ There is also experimental support for OpenID authentication which may be used i Channels may have permissions to become "derivative channels" where two or more existing channels combine to create a new topical channel. -[h3]Privacy Groups[/h3] +[h4]Privacy Groups[/h4] Our implementation of privacy groups is similar to Google "Circles" and Diaspora "Aspects". This allows you to filter your incoming stream by selected groups, and automatically set the outbound Access Control List to only those in that privacy group when you post. You may over-ride this at any time (prior to sending the post). -[h3]Directory Services[/h3] +[h4]Directory Services[/h4] We provide easy access to a directory of members and provide decentralised tools capable of providing friend "suggestions". The directories are normal $Projectname sites which have chosen to accept the directory server role. This requires more resources than most typical sites so is not the default. Directories are synchronised and mirrored so that they all contain up-to-date information on the entire network (subject to normal propagation delays). -[h3]TLS/SSL[/h3] +[h4]TLS/SSL[/h4] For $Projectname hubs that use TLS/SSL, client to server communications are encrypted via TLS/SSL. Given recent disclosures in the media regarding widespread, global surveillance and encryption circumvention by the NSA and GCHQ, it is reasonable to assume that HTTPS-protected communications may be compromised in various ways. Private communications are consequently encrypted at a higher level before sending offsite. -[h3]Channel Settings[/h3] +[h4]Channel Settings[/h4] When a channel is created, a role is chosen which applies a number of pre-configured security and privacy settings. These are chosen for best practives to maintain privacy at the requested levels. @@ -270,12 +261,12 @@ The options are: - Anybody on the Internet. -[h3]Public and Private Forums[/h3] +[h4]Public and Private Forums[/h4] Forums are typically channels which may be open to participation from multiple authors. There are currently two mechanisms to post to forums: 1) "wall-to-wall" posts and 2) via forum @mention tags. Forums can be created by anybody and used for any purpose. The directory contains an option to search for public forums. Private forums can only be posted to and often only seen by members. -[h3]Account Cloning[/h3] +[h4]Account Cloning[/h4] Accounts in $Projectname are referred to as [i]nomadic identities[/i], because a member's identity is not bound to the hub where the identity was originally created. For example, when you create a Facebook or Gmail account, it is tied to those services. They cannot function without Facebook.com or Gmail.com. @@ -295,53 +286,53 @@ $Projectname offers interesting new possibilities for privacy. You can read more Some caveats apply. For a full explanation of identity cloning, read the <HOW TO CLONE MY IDENTITY>. -[h3]Multiple Profiles[/h3] +[h4]Multiple Profiles[/h4] Any number of profiles may be created containing different information and these may be made visible to certain of your connections/friends. A "default" profile can be seen by anybody and may contain limited information, with more information available to select groups or people. This means that the profile (and site content) your beer-drinking buddies see may be different than what your co-workers see, and also completely different from what is visible to the general public. -[h3]Account Backup[/h3] +[h4]Account Backup[/h4] Red offers a simple, one-click account backup, where you can download a complete backup of your profile(s). Backups can then be used to clone or restore a profile. -[h3]Account Deletion[/h3] +[h4]Account Deletion[/h4] Accounts can be immediately deleted by clicking on a link. That's it. All associated content is then deleted from the grid (this includes posts and any other content produced by the deleted profile). Depending on the number of connections you have, the process of deleting remote content could take some time but it is scheduled to happen as quickly as is practical. -[h3][size=20]Content Creation[/h2] +[h4]Content Creation[/h4] -[h3]Writing Posts[/h3] +[h4]Writing Posts[/h4] $Projectname supports a number of different ways of adding rich-text content. The default is a custom variant of BBcode, tailored for use in $Projectname. You may also enable the use of Markdown if you find that easier to work with. A visual editor may also be used. The traditional visual editor for $Projectname had some serious issues and has since been removed. We are currently looking for a replacement. When creating "Websites", content may be entered in HTML, Markdown, BBcode, and/or plain text. -[h3]Deletion of content[/h3] +[h4]Deletion of content[/h4] Any content created in $Projectname remains under the control of the member (or channel) that originally created it. At any time, a member can delete a message, or a range of messages. The deletion process ensures that the content is deleted, regardless of whether it was posted on a channel's primary (home) hub, or on another hub, where the channel was remotely authenticated via Zot ($Projectname communication and authentication protocol). -[h3]Media[/h3] +[h4]Media[/h4] Similar to any other modern blogging system, social network, or a micro-blogging service, $Projectname supports the uploading of files, embedding of videos, linking web pages. -[h3]Previewing/Editing[/h3] +[h4]Previewing/Editing[/h4] Post can be previewed prior to sending and edited after sending. -[h3]Voting/Consensus[/h3] +[h4]Voting/Consensus[/h4] Posts can be turned into "consensus" items which allows readers to offer feedback, which is collated into "agree", "disagree", and "abstain" counters. This lets you gauge interest for ideas and create informal surveys. -[h3]Extending $Projectname[/h3] +[h4]Extending $Projectname[/h4] $Projectname can be extended in a number of ways, through site customisation, personal customisation, option setting, themes, and addons/plugins. -[h3]API[/h3] +[h4]API[/h4] An API is available for use by third-party services. This is based originally on the early Twitter API (for which hundreds of third-party tools exist). It is currently being extended to provide access to facilities and abilities which are specific to $Projectname. Access may be provided by login/password or OAuth and client registration of OAuth applications is provided. -[h1]What is Zot?[/h1] +[h3]What is Zot?[/h3] Zot is the protocol that powers $Projectname, providing three core capabilities: Communications, Identity, and Access Control. @@ -350,7 +341,7 @@ The functionality it provides can also be described as follows: - a relationship online is just a bunch of permissions - the internet is just another folder -[h2]Communications[/h2] +[h4]Communications[/h4] Zot is a revolutionary protocol which provides [i]decentralised communications[/i] and [i]identity management[/i] across the grid. The resulting platform can provide web services comparable to those offered by large corporate providers, but without the large corporate provider and their associated privacy issues, insatiable profit drive, and walled-garden mentality. @@ -360,7 +351,7 @@ Zot allows a wide array of background services in the grid, from offering friend You won't find these features at all on other decentralized communication services. In addition to providing hub (server) decentralization, perhaps the most innovative and interesting Zot feature is its provision of [i]decentralized identity[/i] services. -[h2]Identity[/h2] +[h4]Identity[/h4] Zot's identity layer is unique. It provides [i]invisible single sign-on[/i] across all sites in the grid. @@ -380,7 +371,7 @@ You login only once on your home hub (or any nomadic backup hub you have chosen) You cannot be silenced. You cannot be removed from the grid, unless you yourself choose to exit it. -[h2]Access Control[/h2] +[h4]Access Control[/h4] Zot's identity layer allows you to provide fine-grained permissions to any content you wish to publish - and these permissions extend across $Projectname. This is like having one super huge website made up of an army of small individual websites - and where each channel in the grid can completely control their privacy and sharing preferences for any web resources they create. @@ -391,7 +382,7 @@ This type of control is available on large corporate providers such as Facebook Access can be granted or denied for any resource, to any channel, or any group of channels; anywhere within the grid. Others can access your content if you permit them to do so, and they do not even need to have an account on your hub. Your private photos cannot be viewed, because permission really work; they are not an addon that was added as an afterthought. If you aren't on the list of allowed viewers for a particular photo, you aren't going to look at it. -[h1]Credits[/h1] +[h3]Credits[/h3] Thanks to all who have helped and contributed to the project and its predecessors over the years. It is possible we missed in your name but this is unintentional. We also thank the community and -- cgit v1.2.3