Diaspora is a federated social network designed to replace Facebook.

Side note: Diaspora performs better on Ruby "enterprise edition."

1 DIASPORA*

Diaspora was once designed to be a free personal web server that implements a decentralized (not distributed!) social networking service, providing a decentralized alternative to social network services like Facebook.

1.1 Limited scalability and privacy

Diaspora originally planned for a P2P architecture in a GNUnet like style as discussed on the GNU Social list, but apparently gave up on it later, opting for a TLS federation instead.

The federation is both a hindrance to metadata privacy and scalability, as has been discussed in the respective pages.

1.2 No end-to-end privacy?

Concerning end-to-end encryption their opinion seems to be as follows:

On Sep 25, 12:30 am, Raphael Sofaer <raph...@joindiaspora.com> wrote:
> Our view on this is that end-to-end encryption, while it would be cool,
> isn't practical, and isn't possible as a result.

> In order for such a system to work, every user would have to have a private
> key that they kept with them at all times.  If they keep it on a computer of
> their own, it is susceptible to loss and only usable from home.  The tools
> that might make it practical for non-technical users just don't exist yet,
> and nobody knows how to build them.

> That said, every Diaspora user created right now has his own encryption key.
>  We'd like for it to be possible for that rare technical user to hold his
> private key himself, and render his data unreadable by his server, without
> creating inconvenience for those he communicates with.

> Open to suggestions as always,
> Raphael Sofaer

This was the answer to following question from shadowfirebird:

> > So, end-to-end encryption.  By which I mean: the idea that the pods
> > only pass encrypted data and the only thing that encrypts or decrypts
> > is the web browser.

> > 1) Do we want this?  If not, why not?

> > 2) If we do, do we want it bad enough to compromise on other parts of
> > the design?  For example, if it turns out to be too difficult to do in
> > a browser, would we be willing to think about another client?

In fact attempts to entrust the browser with full end-to-end encryption have been made, with mixed results (see the controversy about Hushmail). Unfortunately the browser is the main client for Diaspora, making it impractical to use Diaspora in an E2E way. Also the complicated ruby-on-rails based server backend is unsuitable for being run on actual end-user computers, let alone mobile phones or router boxes, thus the TLS federation is a natural choice over a complicated P2P or pseudonymous routing protocol.

As it stands a few people can have their private keys to themselves, but since they are expected to be a minority each person they talk to exposes their privacy to a server. Maybe in the long run this can be improved, but for now, this is as far as Diaspora got.