> Your service will be proxied by Internet.org. Since we cannot support SSL, TLS, or HTTPS as part of proxying, your content or service should not rely on passing or collecting encrypted information — resources that do so will not be accessible within Internet.org or will be dropped altogether. While we would prefer to support fully encrypted connections between user and website in all cases, proxying for third-party sites does not allow for this in its current implementation without introducing man-in-the-middle capabilities.
Catch that? They can proxy HTTPS for themselves, but they won't proxy HTTPS for "third-party sites."
Thus, Internet.org isn't even neutral between Facebook and other developers; Facebook gets special HTTPS treatment that nobody else can get!
> Q: Isn’t it strange that Internet.org wants to offer free basic services but has no email?
> A: If an email provider wants to comply with the platform guidelines that we are announcing, Internet.org would be glad to have it.
Well, yeah, but if that means someone would have to offer email service without HTTPS, so anybody can read my email unencrypted or even send email as me, is that even useful?
> proxying for third-party sites does not allow for this in its current implementation without introducing man-in-the-middle capabilities
Since they're just proxying, it makes sense to abandon encryption all together, not? I mean after all, HTTPS is supposed to protect from man-in-the-middle attacks, but aren't they themselves exactly that?
You can have HTTPS proxies which only connect to a predefined list of IPs if you want. Because this is a surveillance-value-based product, they don't want to do that.
(Given the Indian govt vs Blackberry, I wouldn't be surprised to hear that they had a hand in this somewhere. Very convenient if all mass political organisation goes through unencrypted facebook...)
You would be amazed by the number of webmails that still offer plain HTTP on their login page, and yet people use them. I'd say it's better than no Internet.
People won't know the difference but we should. We need to find the root of the problem. So far, it seems the root of the problem is that developing nations do not have access to a fat enough pipe to the Internet backbone. Now, why do developing nations not have a fat enough pipe to the Internet backbone? What's the reason here? We should try to fix that at the same time as we try to improve connectivity.
Just because I'm doing something for free does not mean I can half-ass it. People see my commitment and motivation in all things I do. So far, Facebook seems to really be interested in growth for itself as well as an effective shield against an upstart from upsetting them in the developing world.
My apologies for being cynical but we really need to make the infrastructure issue a bigger priority.
The pipe's fat enough. There's plenty of dark fiber. It's the last mile (wireless) that isn't cheap enough yet, because telcos want to protect themselves from being turned into dumb pipes before the users arrive -- internet.org is their smart pipe card (among similar, competing plans).
so anybody can read my email unencrypted or even send email as me
For webmail login it'd be a problem, but email is almost always sent over the Internet in plaintext; those who want encryption and authentication will be using something like PGP.
Your service will be proxied by Internet.org. Since we cannot support SSL, TLS, or HTTPS as part of proxying, your content or service should not rely on passing or collecting encrypted information — resources that do so will not be accessible within Internet.org or will be dropped altogether. While we would prefer to support fully encrypted connections between user and website in all cases, proxying for third-party sites does not allow for this in its current implementation without introducing man-in-the-middle capabilities.
“Websites that require high-bandwidth will not be included. Services should not use VoIP, video, file transfer, high resolution photos, or high volume of photos.” — Facebook points out that operators are giving up resources for the project for free, so this is a limit to prevent them totally being taken to the cleaners.
Perhaps HTTPS is too heavy for the large number of users on such crippled networks?
Assuming a dumb pipe, SSL is no harder on the ISP than unencrypted traffic. It's likely that they want unencrypted because the data is then easily cacheable, drastically reducing cost on network operators.
In the west, sure. But that can't be generalized to all over the world.
In some developing countries the internet connection costs of an operator can be very significant. High enough that it's been profitable to deploy expensive caches even for non-HTTP protocols, which account for a very small proportion of traffic. In the most extreme cases it's not just that the connectivity is expensive, it's that there's an absolute hard cap on bandwidth for a whole country, which is rationed among all the operators. No amount of money could buy a bigger portion in a sensible amount of time.
No JavaScript is also curious given their own React Native. Maybe they don't consider it "optimized for smartphones"?
No SSL/TLS/HTTPS is just ridiculous and flat out unacceptable in this day and age. I'd expect a "no HTTP" clause and not the other way around.
The linked technical guidelines from the original FB blogpost also seems to be dead:
https://www.facebook.com/docs/internet-org/platform-technica...
Better than their first attempt but still not the real thing. If you want to give internet for free to some people there are no alternatives than paying them a full blown data connection with no artificial limits.
I believe that my original comment of 2 weeks ago is still relevant:
"Dear Mark, this open-to-ISP initiative is one way to look at what you're doing. Another one is closed-to-most-of-the-Internet. Let's turn it into an open-to-all-Internet initiative (web sites, mail, etc - all protocols), with no other costs for service providers (web sites, etc) than the amount of money they're paying to get online right now. Then I'll believe you're really trying to help those poor people by giving them free access to the full Internet, not only to what you think they must be allowed to access. Forgive me if I'm skeptical about how unbiased you are about it. Thanks."
Facebook is a business. Don't be naive. They don't care for poor people, they care about getting money. They are even obligated to do so.
Don't expect business to solve all issues for humanity, because they won't.
A government is needed to take responsability we don't want to entrust business with and to do necessary things no business wants to do, and it needs to be strong to be able to do it even if business opposes.
The are not "obligated to do so". It's a myth that a business can't pursue anything but short-term gains. Executives have a lot of leeway in how they conduct their affairs and the only thing that can stop them is the board, which is often dominated by the founders, a few large investors or the CxOs anyway.
Remember "corporations are people, my friend?". If that idea can't be stopped, it should be coopted to imply that companies should behave morally above and beyond what the law requires. If we expect people to volunteer and donate, why not expect the same from corporations? That's not my idea, by the way. It's a trend called "corporate social responsibility".
There's also just too much ambiguity between "good business" and "morality" for any hard rules to apply. Is paying workers in poor countries a living wage a waste of money (and thus "illegal") or does it make business sense because it creates employee loyalty & good PR? Is Tim Cook wasting the shareholders' money when Apple spends a few million extra to power their data center with renewable energy or is that good PR, as well as future-proofing your investment?
In the case of Google & FB, their size creates a situation where any additional internet user creates so much value for them that it becomes economically viable to spend a significant amount of money to get that user online. In this case, the idea that "cooperations should only care about the bottom line" actually creates the insane situation that people like you argue that companies shouldn't do something simply because it _also_ happens to help people.
That's an old debate, are businesses more effective than governments at taking people out of poverty? I don't think people will ever agree on that, I believe businesses are more effective for the simple reason that they create things of value that people want to buy and work for, unlike governments.
It could also be said that although businesses primary motive is making money and not helping the poor, a politician's primary motive is getting elected and helping himself, his party, his cronies, his electors and than at the bottom of the list comes the poor. So don't be naive either in believing politicians have better motives and are more efficient at pulling the poor out of misery.
I agree that (some) people will probably never agree on the government vs private enterprise debate, but I will point out that prior to the welfare state and world war 2 wealth inequality was either high or growing rapidly: these are the historical facts.
So from history we learn that private enterprise reduces relative poverty primarily by destroying the capital of the wealthiest, not by distributing or generating wealth in the poorest part of the population.
Also to claim that governments that produces such things as the law, education systems, and national defence have no valuable products is a bit odd.
I don't think inequality is a problem, when people are completely free to exploit their full potential to succeed in life, this means some people will do way better than others. I'm very bad at playing the piano, basketball, painting of creating huge corporations, some people are very good at those things and a free economy allows them to do so. Good for them.
As for inequalities being a problem, as long as the quality of life improves for all, I don't see where's the problem. The poorest in America live longer and are more educated than the richest men in the world less than a century ago. Not bad.
> Also to claim that governments that produces such things as the law, education systems, and national defence have no valuable products is a bit odd.
If it's so valuable then why force people to pay for it? Nobody was ever forced to buy an iphone or a volkswagen. Anyway, my point is that government is not synonymous with goodness and corporations evil, which was parent's point. Both are made up of people who usually are not evil.
You're right, government does create value, sorry if what I said wasn't very clear. What I meant was the last part of the sentence, private enterprise creates things people want to buy, willingly so, government create things people are forced to buy by law, by the power of guns.
As for what you listed, many of these services could be provided by private enterprise and are in many country, successfully so, in fact more so than in the US.
They are not obligated to do so. They are obligated to do what the majority of the shares want to do, even giving all their money away in charity. If the CEO doesn't comply, the board elects a new CEO. Anyway the shareholders usually care about profit, even short term one, so companies as entities usually "care about getting money".
"[...] we frequently make product decisions that may reduce our short-term revenue or profitability if we believe that the decisions are consistent with our mission and benefit the aggregate user experience and will thereby improve our financial performance over the long term. These decisions may not produce the long-term benefits that we expect, in which case our user growth and engagement, our relationships with developers and advertisers, and our business and results of operations could be harmed."
It was easy to write that at the time of the IPO but as shareholder become more institutional I believe that the pressure for short term gains increases. I wonder where Facebook is now.
I was denied a .net in the mid-90s because I didn't even claim to operate internet infrastructure. Was too honest to add "and local infrastructure" to the usage statement and re-apply.
Since they are a business and are not obligated to do anything for the poor is precisely the reason why internet.org will harm future Zuckerbergs. Internet.org will become a gatekeeper of sorts. This eventual appstorification of the internet should be opposed in my opinion.
It's certainly not net neutrality but it might be more accurate to think of this as a heavily firewalled LAN; given what I know in general about the ingenuity of people in the areas that they're aiming this service at, they should expect a huge amount of tunneling, in various forms, if they attempt to restrict access in any way.
I think despite all our criticisms (especially noting that we as a community are far more aware of the consequences of net neutrality), we are missing the big picture. There is no net neutrality without the net. The idea of bringing internet access worldwide is a noble one, and though there certainly might be problems that arise in the attempt to get there, the entire Internet.org project, in my opinion, is a step forward in some fashion. Consider additionally the intentions of the project. While corporations do need to be profitable, ultimately I have the impression that Mark Zuckerberg is one of the less soulless CEOs, and I like that of all the ways he could've attempted to make more money, he chose one that has great benefits for people.
If it's a choice between Wikipedia and Facebook, or nothing at all, telling poor Indians they should only be allowed to have the latter seems quite cruel.
Yes, it's unfortunate they can't be given the whole Internet, but the fact they can get anything at all should be celebrated.
As an Indian, believe me when I say this: "We already have good internet". Our data rates are extremely cheap. I paid less than 1 INR per day (it costs more to get a cup of coffee, which costs around 5-10 bucks) while using Opera Mini on a Nokia dumbphone.
India has progressed beyond the point where rich corporations need to help our country. We have amongst the world's largest telecom industry and usage statistics. Everyone owns a cellphone, and more and more people are realizing the benefits of a smartphone (Whatsapp primarily, which is way cheaper than SMS).
A basic android smartphone costs 100 USD in India. If a person can purchase a smartphone that costly to "access the internet", they are rich enough to afford a data plan (which costs around 3 USD/month).
No, we should not be celebrating this.
(I hope this did not come across as a rant, slightly furious now).
>As an Indian, believe me when I say this: "We already have good internet". Our data rates are extremely cheap. I paid less than 1 INR per day (it costs more to get a cup of coffee, which costs around 5-10 bucks) while using Opera Mini on a Nokia dumbphone.
I don't know which part of the country you live in but most of rural India can't even pay Rs. 1 per day for the internet. Also they can't even afford smartphones.
I personally wouldn't care, and I think a lot of others would agree, that if they'd just called it something other than "Internet.org" - FacebookNet, FBnet, FaceLAN, Kwangmyong, whatever other name that does not suggest this is actually the real Internet; there wouldn't be so much opposition.
Instead they chose to acquire the internet.org domain (wouldn't the IETF be a better owner of that name?) and are calling it "Internet"; it's like a bait-and-switch. Maybe there should be regulations on what the phrase "Internet access" can be used to advertise, or the word "Internet" itself?
Saying that the choice is between partial access or nothing at all implies there can be no other option. Also something is not necessarily better than nothing; especially when that "something" influences societal norms or establishes powerful relationships.
Let's say everyone in a small country has to travel 10 miles every day for work. They can walk the 10 miles or sign up for a free car. You might say it would be cruel to deny people the option of a free car, especially if they see nothing wrong with the terms and conditions. But what if the cars can only tune to radio stations that peddle the same message? So what, it's free, right? Well, what if there are no seat belts, air bags, or turn signals? At some point it's conceivable what began as an obviously good deal can actually bring a lot of harm. Given that this particular deal requires no SSL, I don't think this car analogy is that far off.
We train them that way the internet is scarce, closed and walled.
The Internet used to be scarce, closed and walled in the US and Europe. People adjust to the new conditions as they develop.
A DSL line and a wifi router could cover a whole village and give the real deal.
You write "a DSL line" as if India wasn't a 3M km² country and with huge areas without even central electricity supply. What would be the cost of installing "a DSL line" for the 600k+ villages in India?
2g Internet in India already has high penetration, with most urban areas (any place with >10000 population) having 3g access.
I am not sure about DSL lines, but BSNL (Indian public telecom operator) has faced this exact issue 10 years back when telephones (landlines) were becoming commonplace in India. We got a personal phone somewhere in '98 I believe. It only took a few more years before the telephone lines had reached Dangoli (which is my remote native village).
Today, the very same village boasts of multiple telecom operators (cellular). We have done this in the past, and we are doing exceedingly well even today.
I wasn't criticizing India's development, just the plan of installing a DSL line for each village.
I am not sure about DSL lines, but BSNL (Indian public telecom operator) has faced this exact issue 10 years back when telephones (landlines) were becoming commonplace in India. We got a personal phone somewhere in '98 I believe. It only took a few more years before the telephone lines had reached Dangoli (which is my remote native village).
No doubt, yet there's a reason why your country has less than 28M landline subscribers, while it has 930M+ cellphones. Passing cable is expensive and inflexible (e.g. harder to upgrade). Mobile Internet access is a much more sensible solution for the current situation, in my opinion.
If you have electricity for a base station and charging phones, you also have for pbx and copper wire.
I pointed that out not because there wouldn't be electricity to run the DSL system, but to show how difficult it has been to run electricity supply cables. DSL would have the same problems. And it would be obsolete the day it got installed.
I just don't see ADSL being anything than a more expensive and less flexible alternative to mobile Internet for their current situation.
Why not disable encryption selectively for sites where caching makes the most difference like Wikipedia and leave encryption enabled in more sensitive areas like personal communication where caching makes much less difference anyway?
> We’re building an open platform and anyone who meets these guidelines will be able to participate,
They are anything but open.
They have already proven that they only care about "open" to get some traction about their new platform; once they have many people using it, they will lock down the garden.
This makes it seem more like a Internet.org is just a technical decision rather than Facebook trying to become the "new Internet" in emerging countries. However, I don't think this alleviates the net neutrality problems at all.
Too many types of Internet services are being excluded, which means it will inevitably create a "two-tier" Internet. There will be the 80-percenters in India who will only have access to "info sites" and then the 20-percenters who will be able do everything else. Maybe this wouldn't be so bad if it was a temporary 10-year solution. But what if this becomes permanent?
There is also the issue that internet.org is exclusively available to Reliance customers. You want free internet? Well, you will get it, but you have to accept the shitty telecom policies (non-internet) that reliance brings with it.
Reliance is also known to be trigger-happy ISP, with lots of censorship issues. (Reliance also owns a media company, and often bans torrent websites right after a release of their own films).
They want it unencrypted so they can snarf all of the data. You can tunnel SSL over HTTP though. App developers have no real worries, but regular content delivery via http isn't going to fly.
A step in the right direction, but it seems a bit half hearted. I'm not really sure what services HTTP-only, no JavaScript and few images gets you, but it's going to be a tiny subset of what's possible for most people in countries where Internet.org is targeted. The best solution as far as I'm concerned would be to give x gigabytes of data a month away for free, regardless of the protocol or type of data being transmitted.
Well finding a sustainable affable way to make money to sustain operations is essential. Offcourse privacy is important however providing access to the non biased internet should be a priority.
We should think about an innovative business model or employ traditional non-profit funding methods. You can e-mail me at phil@philippnagel.com if you wish.
I think you'll find "please donate to give free internet access to poor people in India" will be met with harsh, harsh feedback from the general public.
Unless you've got a rabbit in your hat, I don't see any way you're going to give people complete privacy while still providing free internet access. If there were a solution, don't you think we'd already have it in one of the western nations as an alternative to paid internet access?
You are probably right. Simply throwing money at the problem and obtaining money to throw in the first place might not be working.
One has to come up with a business model that is sustainable while providing free internet access. Sort of like Zenefits (http://www.zenefits.com) gives away their SaaS HR platform for free and makes money through insurance brokering.
No HTTPS? Really??