Pondering Diaspora's Security
Aug. 26th, 2011 03:41 am
I really love Diaspora, but I have some significant reservations about recommending it to any users who are concerned about the privacy or integrity of their data. I would be thrilled if I were confident enough in it to be able to recommend Diaspora freely. However, I do not yet know enough about its internal structure to feel that I can do it in good faith.
Right now Google+ is having a great many privacy issues and is suspending users right and left in the #nymwars, which means that there are many people looking around for a new home. Diaspora is a strong contender. It's got great basic functionality and a clean UI that Google+ seems to have cribbed from. The privacy model on Diaspora is also great. It's the security that I'm worried about. Users need to know that their data can't be read by anyone they haven't authorized to read it, and that it can't be deleted or modified by anyone but themselves.
Personally, I also love Dreamwidth, but I know that some people want the ease of commenting that Diaspora has, where all of the comments are kept in a stream, unlike Dreamwidth's more post-centric model. So I want to have somewhere to send people who want that instead, or who want to be able to run their own servers.
We're almost a year out from the Security Lessons Learned From The Diaspora Launch. How is the software doing now, security-wise?
When I go look at The Official Diaspora Wiki there is an empty red link pointing to Security Architecture Proposal. This is not exactly comforting. When is the Security Architecture Proposal due to be posted?
I know that the problems exposed in the review have since been patched, but is Diaspora moving forward in a way that avoids new problems? Has anyone examined the inter-server protocols for security flaws? Where would I go to look for more information on this? I'm not a coder, so I can't simply read the code, but I can usually follow higher level reviews done by coders or architects, and I would love to see a newer security review if such exists.
In my experience, security is immensely easier to maintain if it is built into software from the ground up. This is from the perspective of a system administrator, not a developer, but I have always found it easier to maintain software that started out with the intention of being secure. One example is sendmail vs. postfix. Sendmail started out very permissive, and as abusers figured out how to manipulate it, it became more secure in response. However it has always been troublesome to maintain and more likely to need patching, because that security wasn't part of its core design. Postfix was designed for security from the ground up, and is much less difficult to maintain.
Another issue that was exposed in the early code review was the lack of a design document or commented code. Again, I am not a coder, but I know that documentation is the heart's blood of any team project, and absolutely critical for being able to maintain code. Where is Diaspora as far as documentation goes?
(Mirrored to Google+) (Mirrored to Diaspora)
no subject
Date: 2011-08-26 11:43 am (UTC)
I see no sign that the Diaspora fans advocating Diaspora to regular non-geek disgruntled Facebook or G+ users understand this or why it's important.
no subject
Date: 2011-08-26 06:39 pm (UTC)
I have been cautioning people about security when I give out invites, and I am not putting any data there that isn't mirrored elsewhere, but I still worry that someone might get stung.
(I do also wonder if it might be possible to give Dreamwidth display options that would make it more appealing to Facebook/Google+ refugees without breaking its essential nature.)
no subject
Date: 2011-08-26 07:56 pm (UTC)
no subject
Date: 2011-08-26 10:19 pm (UTC)
I wrote a post that was accidentally posted only to my aspects rather than public, and then deleted it, and forgot to update the references. Thanks for catching that!
All of the mirroring is a bit of a pain, but it's probably more convenient for people to be able to read where they want to, and it seems rude to post a link to Dreamwidth on Diaspora if it's a post discussing Diaspora.
no subject
Date: 2011-08-27 11:14 pm (UTC)
no subject
Date: 2011-08-28 12:34 am (UTC)
One of the things that I really like about both Dreamwidth and Diaspora is that they both offer RSS. Diaspora I think only offers it on the public feed, but that is at least a good start, and much more friendly than all of the walled gardens.
no subject
Date: 2011-08-29 12:15 pm (UTC)
no subject
Date: 2011-09-12 05:06 am (UTC)