This is a guest post by Julia Powles, who researches and writes on law, science and technology at the University of Cambridge.

Maidsafe

One of the great things about the architecture of the internet is that it is truly decentralised. By design, no one rules it and everyone can use it. But in the last two decades, a small collection of global technology companies have come to control the bulk of internet traffic. Google, Facebook, and others have captured our attention and with it, our data. In the face of such consolidation, concerns about the implications for personal privacy and security have never been more pressing. This is particularly the case following the NSA/GCHQ global surveillance revelations. For many, the solution to this situation is to return the internet to its original state -- distributed, open, and decentralised.


Last week's announcement of Bitcloud, a theoretical peer-to-peer network project that bypasses centralised servers and uses individual devices as secure nodes for routing and distributing network traffic captured significant media attention. It is certainly not the first time that the idea of a peer-to-peer redesign of the whole internet has been vaunted, and it holds great appeal to those who think end-to-end encryption is needed.

But such a system, workable at scale, is still just a thought experiment. Or is it?

A Scottish company, MaidSafe, claims that it has nearly finished building a system that does what Bitcloud is proposing. You can imagine our scepticism when a company we've never heard of, in the tiny town of Troon, with a terrible name and a 12-minute promotional video told me it had solved one of the most compelling problems on the internet. I decided to talk to them. "Do they even have the internet in Troon?" a friend asked. "Yeah", I responded, "maybe even the future of the internet".

You be the judge. Here's what I have translated from the team of exuberant programmers who have been deep in code, deep in Scotland, for the past eight years, and are about to emerge from development to launch.


MaidSafe is a 16-person outfit working on a self-organising, distributed, server-free peer-to-peer network. Founder David Irvine has previously designed and run massive private data networks in Saudi Arabia and worked as a software engineer and serial entrepreneur. He started the company out of a belief that the current system for securing data is intrinsically vulnerable, since it depends inherently on trust in intermediaries. With relentless zeal and backed by nearly £3m in continuous private and angel investment, he's tracked down experts studying complex self-organising natural systems -- anything from ant colonies to neural networks -- as inspiration for a dramatically different network.

Unlike other cloud offerings, which utilise huge centralised data centres, this network utilises the combined resources of individual connected devices. Data are maintained in a fragmented state without accompanying metadata, and can only be restored with personal user keys. Irvine likens using the system to smashing a chair into millions of fragments and spreading them across all the planet's beaches. You'd never be able to find all those fragments and reassemble the chair, or to identify any meaningful information from a single piece. The only one who knows where all the pieces are is the individual user who scattered them in the first place.

Similarly, in MaidSafe's system, only the individual user possesses the login that locates all the data fragments stored on the network. This differs from any centralised system where the physical location of data is known and, as a result, vulnerable. It all depends on what you think is safer: sitting at home under a giant padlock; or milling around anonymously on open beaches, your possessions and identifying features strewn under scattered sandcastles.

The company has done a lot of modelling and testing on its full-scale network and claims it is near ready for launch on the back of early consumer products such as Surefile (an application that secures files stored on cloud providers such as Dropbox) and LifeStuff (free storage for all your data). The engineers are quick to reassure that the system has multiple levels of protection to prevent data loss and that it performs constant integrity checks to ensure that suspicious intervention is immediately controlled. In addition to robust security, it is a system that allegedly gets faster with use, contrary to experience with server-client models.


As an example, in trial tests conducted for the NHS ( which could do with a secure network), a MaidSafe enabled box to store DICOM images (x-rays, MRI scans, etc) was apparently able to reduce disk space requirements by 48 percent while operating at the same speed.

Though still foreign to 99.9 percent of the world and laden with its own legal and economic problems, Bitcoin demonstrates some degree of confidence in algorithms over administrators

The company, which to date has been championed only in the developer community, aims for openness in everything it does, from code and development to corporate structure -- perhaps the only way to be, when you are proposing something radical. Further, the business model is designed to be complementary to existing players (Facebook, Dropbox, Skype, etc), to offer greater efficiency of service, but with complete user privacy and control. So how do they intend to make money? How is this possible? What MaidSafe offers is a frictionless start-up platform to any developer -- any product available on the internet can run on this system, in any data format. Once products built on the platform turn a profit, MaidSafe will take a small cut, following the App Store model. Presumably the hope is that a user demand for privacy combined with a commercial imperative for speed and efficiency will ensure a licensing stream that eventually makes the company profitable. But overall, it seems that the team is primarily motivated by the vision that the internet could be a much more secure and effective ecosystem, and that the infrastructure already exists to make this possible.

There have been countless other projects aiming to re-decentralise aspects of internet services, but perhaps none quite as extensive as this. One obvious comparison is Diaspora, a social network project launched in 2010 in response to the initial wave of Facebook privacy woes. Like MaidSafe, it involves users jumping across to an alternative distributed network -- a jump too far for many. Disapora attracted some degree of funding, but it has failed to capture its audience. The same challenges exist for MaidSafe; though it is better prepared in terms of technical foundations, with many years of coding backed by a well-considered patent portfolio and a strong commercial outlook. It seems that the past eight years have been motivated by the philosophy of "build it and they will come". But the next stages will be all about selling.

Simple setup and ease-of-use will be essential. Abstract technology rooted in the brains of network engineers will need to be carefully pitched to stimulate developers' ingenuity and the creation of enticing applications for users.


One supporting factor is the rapid rise of Bitcoin, a truly decentralised digital currency. Though still foreign to 99.9 percent of the world and laden with its own legal and economic problems, Bitcoin demonstrates some degree of confidence in algorithms over administrators. If it can be done with money, in theory it can be done with data.

Other comparisons that spring to mind are Freenet and Tor, both of which anonymise communications at the publishing or routing stage, but in both cases data are stored on servers where there is the potential for re-identification. MaidSafe's fragmentation methodology claims to anonymise data, rather than just the identity of users. Like BitTorrent, Sync and Tahoe LAFS, it offers decentralised data transfer and storage, but it builds on those services by extending to all data and internet communications, private as well as public.

It's too early to tell whether the future of the internet lies in Troon, but it is certainly a very interesting proposition in light of the complex privacy, security and economic concerns at the heart of today's internet ecosystem, and would seem well worth considering for anyone who is attracted to the Bitcloud concept of a completely secure peer-to-peer data network.