Initially released in 2011, MediaGoblin offers a free and open software alternative to centralized media publishing. Recognizing its privacy potential after Edward Snowden's NSA leaks, founders Christopher Webber and Deb Nicholson launched a campaign earlier this year to enhance the anti-surveillance platform with Federation, a tool that will give users the social experience of YouTube even amidst the decentralization.
Running on GNU, MediaGoblin allows user to upload videos, images, audio, and other types of digital media. But, unlike YouTube, Flickr, and Soundcloud, users control their own servers. And, if Webber, Nicholson, and the rest of the MediaGoblin community have their way, each users' media will be stored on Tahoe-LAFS, an encrypted server that does not know what data it stores.
In the midst of the campaign, Nicholson and Webber recently took some time talk about their work on MediaGoblin and what the Federation protocol will do. They also explained that in order to more effectively duck the prying eyes of the NSA, users should really have their own servers, which is made possible with MediaGoblin.
MOTHERBOARD: What was the impetus behind the original MediaGoblin project?
Webber: A couple of years ago there was a certain amount of awareness starting to be raised in the free and open source software community as far as if none of us are running our own servers, then there is no control on the back end. Everything is on these centralized servers, which is really scary for freedom.
And then something came out called the Franklin Street Statement, which was a big inspiration for me. At that point, there was a project called StatusNet on Identi.ca. I wanted to contribute to something in this space, and I was really interested in the area of media sharing.
So, you basically asked if any others were interested media sharing?
Nicholson: Yeah, Chris posted something on Identi.ca and found a whole bunch of folks, including myself, who were interested in helping.
Webber: Someone said we needed an alternative to Flickr, YouTube, and stuff like that. And I said, “I'm actually going to be working on something, and I'll be making an announcement in a few months." That pre-announcement exploded, and people began asking when it was coming out. It made me take the project much more seriously than I otherwise would have.
How is MediaGoblin's Federation de-centralized?
Webber: Anyone can run their own server. The code is out there, so anyone can take it and run it, the same as you can with WordPress and other things like that. That's layer one of things, and it already exists. You can already host an image or video site, and it's extensive and flexible. I think one of MediaGoblin's key features is that it's a free and open source software. Without software freedom, there is no network freedom, or really any computing freedom at all.
The really interesting part about modern media publishing sites is that people are used to these experiences that are centralized like commenting and the interactive [features]. You want to be able to preserve those social features. That's the part we're working on right now with the Federation layer, where you can have separate sites but sync the social components across the different nodes. You already have a sense of this with email, where people are on completely different servers. That's what we're trying to replicate, and which we're currently building out of this campaign.
Nicholson: If you're the NSA, you can contact a dozen websites and get 98% of the stuff that people are sharing with twelve letters. That's as easy and tempting as a giant pile of candy. Whereas sending letters to tens of thousands of tiny servers to get all of that data is like finding a needle in a haystack.
Did any particular technology inspire Federation as far as concept and design?
Nicholson: For the back end it's really the StatusNet code, then email when we were thinking about preserving those social components across servers and sites.
Webber: In terms of technical decisions, we decided to design it in Python for a number of reasons. First of all, we think Python is a very accessible language for people to get involved in, and we're having a lot of success with that already across a wide contributor base. We also use Pump API for Federation, as well as for web and desktop applications that connect to MediaGoblin. A really awesome contributor named Jessica Tallon is working on a Python library called PyPump using the Pump API, which should make it a lot easier for other Python applications to integrate the Federation protocol.
"If they can get ahold of the software, they can run it, and they don't have to ask for permission. They can run a server and nobody would know."
Will a lot of the campaign funds be used to pay people who are working on the protocol?
Nicholson: Yes, hackers gotta eat. [laughs]
In your privacy features section, it's mentioned that you want to have support for a crypto-storage system called Tahoe-LAFS. Can you talk about how it works, and how it's integrated with MediaGoblin?
Webber: When you're running media on your own server, you don't have a huge amount of local storage. So, maybe you can pass off the storage aspect to something else. You think of something like Amazon Prime or Rackspace, but they're centralized. OpenStack is a bit better, but it's still easily snooped on. One of the interesting things about Tahoe-LAFS is that the server itself has no idea what you've stored. Your server passes the encrypted files off to Tahoe-LAFS, and it has no idea what's on there.
Nicholson: Also, instead of having your data all in one hunk on one place in clearly readable text, you encrypt all of these different shards and store them all over the place. It's similar to how torrenting works, where everyone carries a little bit of the weight, but the shards of data are encrypted. LAFS stands for Lease Authority File System, so even if one of the places that is storing an encrypted shard is leaked or goes out of business, it's duplicated and it has built-in redundancy.
What would users see as far as a content management system in MediaGoblin 1.0, assuming they want to create, say, their own personal YouTube?
Webber: Setting up the site for the first time, users would be presented with the welcome view. They can register and create a user, and then they'd have the usual file upload option. If somebody is running one of these sites, they have the options of what media types they want to enable. They may want to run just a YouTube-type site, so they just enable the video option. Or maybe they want to also support audio, so they could select that as well in the initial configuration stage. From there, they can click a drop-down menu and just start uploading.
In 1.0, users will be able to go to other users' MediaGoblin sites and subscribe, which doesn't exist right now. We'll also make the uploading experience a little bit nicer than it is presently.
Nicholson: This is to really make it easy for those migrating over to this system.
It seems like this would have some interesting applications for activists and rebels.
Webber: I think the social aspect of this is a pretty significant component. We'd also like to free up the journalism aspect of things.
Nicholson: People could run it without being in touch with us at all. If they can get ahold of the software, they can run it, and they don't have to ask for permission. They can run a server and nobody would know.
How close to completion is the project?
Webber: We're getting close to 1.0. The YouTube and Flickr-like experience already works. What we've been lacking is the Federation component. Jessica Tallon did some of the early work on that, but we really need to wrap it up and polish it. But, in the free and open software community, people tend to work on whatever they're excited about, so we need to focus. I think we can get it done in the next year.
Nicholson: We need the dedicated time on the not-so-glitzy back end stuff to get to 1.0. We have a lot of people who want to work on more manageable projects in their volunteer category of time. So, finding someone else to work on the back end is going to be critical to meeting that goal.