OpenBook is a new initiative to set up an open source, privacy-friendly, fun and honest social network. The initiative started early 2018 and is currently raising funds via Kickstarter. We interviewed ethical hacker Vincent Ruijter, who is security engineer in the Open-book team about their new initiative. He shares his motivation to join the project, the product vision and manifesto, his security role and how people can help making OpenBook launch.
Honest and Privacy Friendly
First of all, what is Open Book?
OpenBook is a new social network site. It will have all the good things of a social platform, without the users being the product. Our aim is to be honest, privacy-friendly and secure by design. More information can be found in our manifesto on our website.
When and how did you get involved?
The OpenBook project was started by Joel Fernandez early 2018 (Joel is featured here on the swing, screenshot taken from the Kickstarter video) .
Joel, me and several other people in the team are colleagues at KPN at the security department. He had this idea of making the world a better place, by building a better social network. He started building it as open source on Github (now on Gitlab) and started talking to people about it. I have always been aware of the dangers of Facebook and have actually given lectures about this in the past via Bits of Freedom. Since 2014 I am no longer on Facebook. For me this is the perfect way to fix social media.
What exactly are the dangers or problems with Facebook?
The problem is that Facebook has too much data on anyone and that this data can be used for evil purposes. Since 2014 we know that Facebook has been running social experiments of people, without their consent. In 2017 it became clear that Facebook can influence elections. We should not place all our data in the hands of non-open social network companies.Has the GPDR been an influence on this project? Will it help?
GDPR is helpful in one respect: under GDPR regulations, people have the right to download all their personal data from Facebook and other networks. we are working on a feature that allows you to import this data to OpenBook, so that no data is lost when you switch from Facebook.
OpenBook Business Model
Is OpenBook just a project, or will it become a business?
A Dutch BV has been created and the idea is make an OpenBook company to make it sustainable. It will of course be a more than profit company: in our Kickstarter campaign we pledge to spend a large part of the profit on social causes. We use Kickstarter in order to get the initiative off the ground: we need some funds to make it right and it also helps in getting the word out.
For the business model, did you look at other open source initiatives like Github, WordPress, Linux?
I personally hope that we can have a business model similar to Fortnite, the popular shooter game. This game is free for anyone to play but one can pay for upgrades to your appearance in the game. In my view this is a fair and transparent business model where the service is paid for by users without forcing them to pay.
Since OpenBook is open source, anyone can take the source code, make a few changes and roll-out their own OpenBook2 network. Is this intentional?
No, OpenBook is not intended as a distributed network of networks. We made OpenBook open source in order to be transparent and so that other developers can contribute. Our focus is on building one good network. However we understand how open source works: If people want to use our source code in their product, they are free to do so.
Security by Design
Regarding security, what are you doing to make it secure?
As the term ‘Security by design’ suggests, we are taking security seriously from the beginning. As a security specialist we are making sure everything is set up securely, security guidelines are followed and the platform will be tested for security.
What is your experience with bug bounty platforms like HackerOne? Are these being used for OpenBook?
I like bug bounty platforms, but they should be an addition to a secure development life cycle, not a replacement. I have been active as an ethical hacker won such platforms. In the future we might start using such platforms, but for now we do not have the funds yet to pay rewards.
We noticed that Edwin van Andel, CEO of bug-bounty platform Zerocopter, is ambassador for the project and so is Ruben van Vreeland from Bitsensor. Does that mean that you will use their products?
Edwin, and other people on the team, joined OpenBook on a personal basis, because they are personally excited about our effort. Many people see the need for a new social network, and it is great to have so many people involved. We are also very proud that Phil Zimmerman, the found of PGP, is on board. He is currently in the Netherlands at KPN and Delft University.
You and several founders work at KPN. If and how is KPN involved in OpenBook?
KPN is not directly involved. We indeed work thee but are contributing to OpenBook in our own time. We did not ask KPN to sponsor us, since having corporate sponsors is not our vision for a OpenBook.
You are currently raising funds via a second Kickstarter campaign, after a first campaign earlier this month failed. What did you learn from the first campaign?
We made several changes. First of all, we are now focusing on a mobile version, rather than a website. Secondly we lowered the target amount to a more realistic amount. Thirdly we noticed that we were too late in generating publicity. We hope are expect that the second campaign will be successful. We made several improvements and we could use the publicity and contacts from our first campaign. In fact we have already reached the goal, so the second Kickstarter campaign is successful.
At StartupJuncture we notice that many people set their Kickstarter goals lower than the amount they actually need to deliver on their promises. Do you have a funding strategy? What will you do if you only raise a fraction more than the goal? Will you be able to build the network?
First of all, Joel is running this as a business and is investigating the business models. We have already started software development, so it is realistic to launch the network soon. Many people in the team are donating their time anyway, regardless of funding: I am happy to contribute part of my time to OpenBook. Of course, if the product becomes a huge success and many people will use the network, infrastructure costs will explode and we will need investment to keep it all running. But this is probably a good problem to have and we will find a solution.
If our readers are excited about OpenBook, how can they help?
First of all, be critical of what you share on which platform. Secondly, please help us make OPenBook a success by contributing to our Kickstarter campaign. We can use any donation to kickstart OpenBook. Thirdly, if people have development skills they can contribute directly via Github.
Finally, we need users. Spreading the news is important. Share our updates, retweet our tweets (https://twitter.com/Openbook_org) and put May 2019 in your agenda. We should be launching our mobile Openbook App around that time.