this post was submitted on 04 Jul 2023
35 points (92.7% liked)

Selfhosted

40133 readers
1006 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

Heyo! I'm Afi, I have been working on Bespoke for the past 8 months. I have a good feeling about Bespoke and I think it can only reach it's true potential if it's only open source. My thoughts are below. Bespok's ultimate goals are as follows: -To engage in personalized marketing -To be trusted, because we do personlization

When we mention personalization, it involves gathering extensive user data, such as their behavior, purchase history, and browsing preferences. We understand that handling such sensitive information might lead to concerns about intrusion into users' privacy.

To establish trust in our system and demonstrate our transparent data collection practices, we have no choice but to open-source our software. By adopting an open-source approach, we can gain a competitive advantage in terms of trustworthiness and reliability.

Another crucial aspect of our long-term goal is to become a platform that facilitates data collection for any software operating on the internet. We aim to challenge the narratives surrounding companies like Facebook, TikTok, Google, etc., which have been criticized for exploiting user data to benefit advertisers. We believe that our approach can bring about a positive change, providing advertisers with an alternative platform where everything is conducted openly, instilling greater trust in the system among users.

I think the path forward towards the stated goals above is to start with a Mailchimp alternative. And eventually become the open source personlization marketing platform.

Hope you guys self host it today or sign up to check it out!

Don't forget to give a star on github ⭐

all 14 comments
sorted by: hot top controversial new old
[–] [email protected] 7 points 1 year ago (1 children)

Hello Afi, it's great that you've decided to open source your software and want to drive transparency. If you're willing to share, I have a couple questions.

While it's great that the data collection can be transparently observed, it's not just the actual collection that's problematic. Data ownership, protection, storage, usage, associating with other data sources, creation of personas (accurate or misleading) is concerning.

  • Do you have plans to address those in a transparent manner as well?
  • How about user choice in opting-in to data collection?
  • Or an observable deletion of the data (once collected) upon user request? In all the places the data is shared to?

Lastly, and unrelated, what made you choose an MIT license instead of say AGPL that would better protect your product/company while still being open source? I like the MIT license a lot, just curious.

Wish you the best in your open source journey!

[–] [email protected] 2 points 1 year ago (2 children)

Heyo!

I think I'll start with the last point you mentioned about data deletion. We have thought about this, easiest thing to do is to show what all data the system has on the user, and a button to delete it individually, or wipe the whole thing.

I think this point I mentioned is enough for the user to understand, what personas they belon to, what all things are getting captured and how are they getting targetted. Making all this transparent, and the user know how they are getting targetted would make a whole lot of difference in the industry compared to whats happening today!

Lastly about MIT All the lib and software used in the app is MIT, what else am I suppose to do :)

[–] [email protected] 2 points 1 year ago

Responding separately to the license bit...

MIT licensed projects (like the libraries, etc.) you're using allows it to be packaged with products that are governed by other licenses. MIT is a very permissive license and while I'm not advocating for a more restrictive license, I wanted to point that out.

The other point that @[email protected] pointed out is also a bit confusing about the conditional licensing. Can a commercial entity use this software as a MIT licensed software as long as the flag is set properly? If so, it would be helpful to delineate what functionality is restricted. I haven't seen conditional licensing based on run time settings before so I can't speak to that but it would concern me to use it in any commercial endeavor even if I agreed to the business license.

I hope you're taking these comments in the spirit they're written, asking for clarification and providing feedback to help and not just a critique aimed at a takedown. Cheers!

[–] [email protected] 1 points 1 year ago

Thanks for the reply, being able to see the data collected and then click delete is great. Does Bespoke keep all the data on its server and allows the customer to get aggregated results or does the customer get to download the raw data? If it's the latter, the delete functionality becomes... less functional.

Unsolicited advice from internet nobody: I think it's great to allow any kind of transparency in a very opaque industry, thanks for doing that. Since you don't/can't control the data usage after collection, I think leaning too hard into transparency and alluding to data sovereignty/privacy (by presenting yourself as an alternative to exploiting user data) might create unrealistic expectations (like it did for me). This is inviting unnecessary critique and distracting from your main message.

[–] [email protected] 2 points 1 year ago (1 children)
[–] [email protected] 1 points 1 year ago (1 children)

I mean, you can do whatever unless you dont use our OPEN_SOURCE=false features etc..

[–] [email protected] 2 points 1 year ago (1 children)

But since it's MIT licensed, couldn't I simply remove all the checks for the flag without violating the license?

[–] [email protected] 3 points 1 year ago (1 children)

Given that they thought they needed to license the whole project as MIT instead of say AGPL just because they use MIT libraries I don’t think they really understand open source licenses…

[–] [email protected] 1 points 1 year ago (1 children)

Yes, you can patch it out and do whatever you want. We encourage you to do that. Thus the MIT licence.

If we had it using AGPL, you need to get permission from us etc.. this is not a good thing. Dont ask permission, just do it in good conscience.

[–] [email protected] 1 points 1 year ago (1 children)

Ohh, I just made everthing MIT! just posted it as a seperate post!

[–] [email protected] 2 points 1 year ago (1 children)

Talking to partners, they suggested AGPL so went with that now. lol i just want to create software.

[–] [email protected] 1 points 1 year ago (1 children)

Sorry I wasn’t trying to be a dick, I re-read my comment and realize I kind of was haha. Honestly I think for your use case, AGPL makes the most sense. You get the openness you’re looking for while also protecting your business more than MIT by preventing other companies from taking your code and hosting their own version without every contributing back their modifications.

[–] [email protected] 2 points 1 year ago

:) thanks tho, I changed it to AGPL, even ppl from Hackernews suggested it. I hope everyone is happy now. I'm kinda happy too.