> Wordpress has pretty high adoption, but there are very few companies which support wordpress integration, and if they do, it is at a much higher price (bluehost: $3/mo regular hosting, $20/mo wordpress hosting)
What's stopping you from getting the $3/mo package and installing wordpress yourself? The pain of learning how to administer and secure and update it, right? Urbit is (or claims to be) painless enough that you would install it yourself and not need to do any maintenance afterward.
> This blackhole mechanism is very much like spam problem, so it has all the usual questions: Is it going to be managed by someone? Does identity get un-blackholed after some time with no spam? Can you pay $$$ to make this process faster? Can someone blackhole whole galaxy? What if your computer gets malware which spams other users on your behalf?
This is all up to apps and users to handle. If you did write an app that defaulted to "accept messages from anyone" then you'd need to include some sort of "report spam" feature in it I suppose, but I think it's assumed that most apps would just ignore unsolicited messages. You could also do more nuanced rules, like "Ignore messages from accounts that are less than a week old; if the account is older than that, you can show me one message, but ignore any subsequent ones unless I respond to the first one." Up to the developer of the app.
> Looks like in this situation, your only hope is that your hosting provider kept your backups, and this is not guaranteed at all. So basically not much better than existing self-hosting systems.
"Your hosting provider might not do a good job of managing backups" is a) well outside of urbit's purview, and b) something I thought was pretty much a non-issue these days.
> Are you sure that every user will have different urbit credentials and admin credentials to the hosting provider?
At the end of th day, urbit is just an executable. You log in to your shell, you run ./urbit, and you tell it what to do. Anyone who can log in to your shell can run your urbit and tell it to do something you don't like. So of course you need to keep your login and password safe, and the host OS needs to be secure, and so forth.
But, if the claims of the people who made it are true, it should be impossible for J. Random Cracker to send a message to an urbit over the network that makes it do something bad. Not "we think we found all the buffer overflows" impossible, I mean "mathematically proven to be impossible" impossible. That's why they rewrote the thing from the ground up in such a hokey way. Whether they succeeded in, or whether that claim is laughably deluded, is something I'm hoping someone much smarter than me will definitively determine someday...
> Urbit is the server-app-container thing that would make my non-techy Mom want to pay $5/mo for a hosted server instance.
> Want to see what Bill Smith is up to? finger bsmith. Want to argue about politics? talk.politics. God, how simple things were!
> Urbit is designed to be essentially impervious to malware.
... and we ended up with:
> but one presumes that if you host an urbit on EC2, you'd also be putting cloudflare in front of its webserver
> If you did write an app that defaulted to "accept messages from anyone" then you'd need to include some sort of "report spam" feature in it I suppose,
> "Your hosting provider might not do a good job of managing backups" is a) well outside of urbit's purview,
> So of course you need to keep your login and password safe, and the host OS needs to be secure, and so forth.
So what are then advantages of urbit over, say, wordpress install with some plugins? So far I have heard:
- Universal identity system for other urbit users
- Automatic application update
- Some subset of security bugs has been eliminated
- Simple application installation
Wordpress (with plugins):
- Has OAUTH and facebook/g+ auth plugins
- Has auto-update functionality
- Written in PHP, which entirely eliminated at least buffer overflow bugs and concurrency bugs from the user-written code.
- I can find EC2 images with wordpress already installed -- just create a machine based on them and you are all set! And wordpress provides somewhat easy interface to install new plugins!
And apparently neither Urbit nor wordpress take care of the hard stuff:
- How to set up backups and make sure they will not fail 6 month in (and no, most hosting providers will not do this automatically for you)
- How to prevent malware on your personal computer from destroying all your digital life
- How to prevent SPAM while still allowing messages from people you did not know before
- How to monitor the server and fix it (restart?) when it fails
- How to select the hosting plans to optimize cost for the resources you want to use
Now, you may say that urbit does [will do] much more that wordpress, but so far you have not mentioned anything like that. Your original comment mentioned: mail server, minecraft server, and apps that "let you upload a file to the cloud and they let your friends access it". Wordpress does the last one, and from I understand, urbit will not be that great for the first two ones.
So it does not make sysadmin's life much easier, nor does it give you some killer features you cannot find anywhere. What's the point then?
Dude, it's an os, a container, a thing you write and run apps in. You want it to select a hosting plan for you and help you if you forget the password to the box it runs on?
Look, if you're a hacker, and you've got some time to kill, just download it and run it and spend an evening with the "Getting started" doc and writing a little bit of hoon. You'll figure out what it is and what it might be a lot faster than by asking questions on a forum. And if you're not, ignore it, it is nowhere near being useful for end users yet.
What's stopping you from getting the $3/mo package and installing wordpress yourself? The pain of learning how to administer and secure and update it, right? Urbit is (or claims to be) painless enough that you would install it yourself and not need to do any maintenance afterward.
> This blackhole mechanism is very much like spam problem, so it has all the usual questions: Is it going to be managed by someone? Does identity get un-blackholed after some time with no spam? Can you pay $$$ to make this process faster? Can someone blackhole whole galaxy? What if your computer gets malware which spams other users on your behalf?
This is all up to apps and users to handle. If you did write an app that defaulted to "accept messages from anyone" then you'd need to include some sort of "report spam" feature in it I suppose, but I think it's assumed that most apps would just ignore unsolicited messages. You could also do more nuanced rules, like "Ignore messages from accounts that are less than a week old; if the account is older than that, you can show me one message, but ignore any subsequent ones unless I respond to the first one." Up to the developer of the app.
> Looks like in this situation, your only hope is that your hosting provider kept your backups, and this is not guaranteed at all. So basically not much better than existing self-hosting systems.
"Your hosting provider might not do a good job of managing backups" is a) well outside of urbit's purview, and b) something I thought was pretty much a non-issue these days.
> Are you sure that every user will have different urbit credentials and admin credentials to the hosting provider?
At the end of th day, urbit is just an executable. You log in to your shell, you run ./urbit, and you tell it what to do. Anyone who can log in to your shell can run your urbit and tell it to do something you don't like. So of course you need to keep your login and password safe, and the host OS needs to be secure, and so forth.
But, if the claims of the people who made it are true, it should be impossible for J. Random Cracker to send a message to an urbit over the network that makes it do something bad. Not "we think we found all the buffer overflows" impossible, I mean "mathematically proven to be impossible" impossible. That's why they rewrote the thing from the ground up in such a hokey way. Whether they succeeded in, or whether that claim is laughably deluded, is something I'm hoping someone much smarter than me will definitively determine someday...