Is the serverless approach the future of software development? A case of Quiet
Tue, Aug 23, 2022 •8 min read
HOPE (Hackers On Planet Earth) is a unique event where IT professionals from around the world discuss the current state of the industry and come together to inspire, transform and share their highly innovative ideas. One of the concepts showcased during the last edition of the conference was a project we’re heavily involved in, Quiet - a local-first peer-to-peer communication app presented by its creator Holmes Wilson. What is so groundbreaking about Quiet and why does it matter? Keep on reading to find out!
Amongst many threats that await Internet users, privacy breaches and giving away personal data to big tech are probably one of the most worrying. We’ve basically agreed to sell our sensitive information to GAFAM (Google, Amazon, Facebook, Apple, Microsoft) in exchange for their services - Messenger, Whatsapp, Gmail, Instagram, etc. And they can easily disconnect the users from the service, while still owning and storing their data. The power imbalance is undeniable here. Luckily for us, human rights activists and fans of software freedom are actively looking for ways of giving power back to people. One of the organizations that strive to do that is Fight for the Future, a collective of artists, engineers, and technologists that campaign for a future where technology is empowering humans, not oppressing them. Fight for the Future co-founder, Holmes Wilson, is now building a peer-to-peer serverless communication app that people can use without giving ANY of their personal info away. And we are helping him along the way!
What’s the issue with the communicators we use right now?
There are two main problems with messengers we use on a daily basis - firstly, there is a huge risk of potential breaches, phishing attacks, and data leaks. When privacy is of the essence, using big tech apps is simply not a way to go. Secondly, those apps all rely on servers which is a problem on its own. Servers belong to corporations, so you depend on a third-party vendor not only for the quality of the service but also entrust them not to censor you in any way. Server dependence is obviously a major threat to the freedom of software. As Wilson pointed out during his HOPE2022 presentation, in areas that don’t depend on servers, like web browsers, media players, or document readers we don’t see high prices, almost any advertising, or massive data collection. And in areas that rely on servers heavily, like social media, e-commerce, or collaboration tools we observe high pricing, very few privacy protections, and an unhealthy amount of advertisement.
Two of the world’s most popular communication apps as of May 2022 were WhatsApp (31%) and Messenger (7%) both owned by Meta (previously Facebook). There are also other communicators that gained recognition recently and were praised for their superior privacy properties, but when we look closer, we see the holes in their performance. For example, although Signal tried to eliminate server dependency, it still remains powerful, and to use the app you need to log in with your phone number which is a potential data breach risk. In a perfect world, you shouldn’t be forced to give any of your personal data away to use an app as simple as a communicator.
Another possible angle when analyzing available messengers and group chats is their forkability. If you’re not satisfied with the way Slack works, there’s little you can do about it without losing access to your contacts that use the app. A fully forkable product allows its users to take its code, upgrade it as needed, and still be able to communicate with others who use the original version of the app. There are some messengers that are fully forkable, Quiet included.
What is Quiet and how does it work?
Quiet addresses the risks mentioned above by eliminating server dependency and allowing for full anonymity and privacy when using the app. It’s an encrypted peer-to-peer communicator that doesn’t require a server as all data syncs directly between the users’ devices over Tor. It’s a dream come true to fans of software freedom and all of those who value their privacy and wish to be more independent from giant corporations. It’s also entirely forkable and gives its users complete control over how they wish to adapt the code to their needs. Full software freedom!
Quiet syncs messages between devices over Tor, with no server needed. Each community (a group of people communicating via Quiet) gets its own isolated network, and the message synchronization is covered by OrbitDB, which is a peer-to-peer database for the decentralized web. The owner of a specific community (i.e. the person who created it) sends out the invitation code (which is basically a Tor onion address - unguessable, lasts forever, and is end-to-end encrypted by Tor) to their peers who then can join said community without the need of giving away any of their personal information.
Another great aspect of Quiet is that it’s completely forkable - anyone can take the code and adjust it to their needs without the fear of not being interoperable with the official version of Quiet. So teams working on a project, a group of activists, or anyone that likes the privacy and freedom of using Quiet, is able to upgrade the app as needed. That opens a sea of possibilities and releases us from the monopoly of big tech companies.
Quiet is still very much a work in progress. The roadmap contains adding features such as:
mobile versions of the app (at the moment Quiet is available on desktop only),
direct messaging (right now one can communicate within a community, not directly with its members)
joining multiple communities
and many others.
At the end of our roadmap, we have a completely decentralized, private, and secure communication platform independent of big tech influence, able to replace traditional messengers like Slack or Discord.
Please note that Quiet hasn’t been audited yet, so it shouldn’t be used when security or privacy is critical.
That’s a wrap!
Over the years, software became more and more dependent on company-owned servers which is a major threat to the free software movement. In order to hold power accountable, we need to think of new ways of using technology to the advantage of humans, not big tech companies. One of the methods to do so is to create brilliant serverless software products to compete with those that collect and sell our data, use heavy advertising, and make us dependent on third parties. That’s why we’re involved in creating Quiet - an encrypted p2p team chat that gives the power back to people!
Check out the case study to see the technical details of what we do in Quiet.