Stranger things have happened but could MaidSafe’s plan for an alternative internet actually float – or sink without trace?

Two years ago a little-known software company from Troon rather unexpectedly announced that it had raised $6m in the space of five hours by crowd-selling access to a new product they had not even yet created.

Through its own community forum, a developer mailing list and Google Hangouts, the firm in question, MaidSafe, had managed to excite enough people to invest in what was – and still is as I write – an idea. If it was a pitching effort on Dragon’s Den, you might expect to be told ‘you don’t have a business’, but that hasn’t stopped a dedicated team of developers run by a part-time lifeboat helmsman in a seaside town otherwise known for its golf course and its ice creams.

But for those who have supported MaidSafe over the last 10 years – friends, families and a grassroots on- line community (company COO Nick Lambert jokes that they are “one of the world’s oldest startups”) it is because of a deeply-held belief in their cause. That cause, not to put too fine a point on it, is to create a new internet.

As jaw-dropping as that sounds – it’s “bonkers” according to one of their advisers, Michael Jackson, the former COO of Skype, who has taken an active interest in the tiny firm which operates out of a ramshackle hut-like office – the idea is grounded in some pretty sound principles, as I am increasingly persuaded during conversations with both Lambert and Jackson.

To grasp why MaidSafe could potentially have a huge impact on the digital world, it helps to look back at the history of the internet, which was originally designed to be a means of communicating information across a decentralised network.

This idea came about in the mid-1960s and the first workable internet was ARPANET – a US Department
of Defense research project. It has been claimed that the intention of this project was to create a pool of critical government and military information spread across a network that could survive a nuclear attack, although those design goals are still debated.

Nevertheless, Lambert’s argument is that the internet has paradoxically evolved to become very centralised, with vast corporations holding much of our private information in remotely located data centres located around the world.

We trade much of our information – sometimes reticently, sometimes willingly – for access to many of the ‘free’ web services we enjoy: Facebook and Google to name perhaps the two most powerful. There is a tacit understanding – tied up in many, many pages of ‘privacy’ agreements that we accede to – that our information may be sold on to advertisers, hence why we don’t actually pay for any of these services.

It is that trade-off, a necessary one for the current free models to work, that has partly inspired MaidSafe – through the idea of its founder David Irvine – to establish an alternative internet, where the network is returned back to its original decentralised state, and where we can all exercise our fundamental human rights of privacy, security and freedom.

That is all very well, and more than a bit theoretical, but who can claim these days that they feel safe when browsing online that the many usernames and passwords they enter into websites
to access their banks, social media accounts and emails are immune from loss or theft by increasingly sophisticated hacking attempts?

You only have to think of the attacks on Sony and Talk Talk to realise that our data can be very vulnerable. And it’s not just a feeling.

According to the Breach Level Index – a survey by the world-leading digital security firm Gemalto – more than 3.6 billion data records have been exposed worldwide since 2013 when the index began benchmarking publicly-disclosed data breaches.

The report found that in 2015, ‘malicious outsiders’ were the leading source of these breaches, accounting for 964, or 58%, of breaches and 38% of compromised records, while identity theft remained the primary type of breach, accounting for 53% of data breaches and 40% of all compromised records.

These breaches increasingly leave people with the unnerving sense that they might be next, a sentiment echoed in last year’s Eurobarometer – an EU-wide survey of 28,000 people on the subject of data protection. The central finding of the survey shows that trust in digital environments remained low. Two-thirds of respondents said that they were worried about having no control over the information they provided online, while only 15% felt they had complete control.

So, if an alternative way of data storage and communications could be created, it would it would surely command a great deal of popular support.

And this is where companies like MaidSafe could potentially come in, with its SAFE (Secure Access for Everyone) network. Originally using the software language C++ (this has now been supplanted by Rust, a simpler, more efficient code) the company is about to launch its MVP (Minimum Viable Product) to the world, where it will hopefully demonstrate that SAFE not only works, but is much better than what we currently have.

“The SAFE network is a crowd-sourced internet replacing data centres and servers with users’ spare computing resources,” explains Lambert. “What we are creating here is an infrastructure and what we will be trying to do is engage with application developers like Dropbox, like social networks, who can then build applications on top of the network knowing that all the privacy and security considerations are taken care of.”

Although The concept is difficult to grasp – for me at least – the basic theory behind it is that the network is the users themselves. So rather than uploading our files to data centres and servers that are prone to theft (and surveillance, as the Edward Snowden revelations demonstrated), when we join SAFE we become part of a direct peer-to-peer data storage and communications network. There is no need for a middle man. This is revolutionary stuff, if it works.

There is also no fee for joining but a payment in kind: users donate their computing power and spare resources (the unused part of our hard drives) and in return they earn a cryptocurrency called Safecoin, which can be exchanged for access to services; those app developers are in turn rewarded in Safecoins which are earned according to the number of people using their applications; they can also be traded in for hard cash.

If MaidSafe became the alternative internet of tomorrow, Facebook’s business model might well collapse if it lost the advertising revenue from people’s data it potentially wouldn’t be able to see.

But it would have a new revenue stream through the amount of Safe-coins it was able to earn, creating a subscription model instead. Lambert believes companies might choose to hedge their bets by offering their applications on the old internet and MaidSafe’s new one; but what it does do is offer a competitive advantage to services which might struggle to break into the top tier of its market.

In cloud storage terms, Lambert says, that would help the 40 or so providers who sit beneath the likes of Dropbox, Google Drive and Microsoft OneDrive. The really clever part, in security terms, is that any data we may eventually store in the SAFE network is encrypted, broken into chunks and randomly distributed across all the users.

“The cool thing about that is those locations where that data is stored is constantly changing so if you turn your computer off, people still need to access it, so the network copies it across to another node that it knows is online,” says Lambert.

“So it’s making it even more secure, where in the centralised web it’s insecure because a lot of the time it’s not encrypted but it’s also not secure because the location stays the same and people generally know where to look.”

The retrieval process is also more secure because the password needed to access data is locally stored: all you need is a PIN, a keyword and a password. The pin and the keyword locate your data on the network and then the keyword delivers it backs to your machine, where the password decrypts it.

“The password never leaves your machine,” adds Lambert. “You never send your password to the network in the same way that you would with other services.”

I ask whether MaidSafe will protect locally stored passwords, and Lambert accepts there is still an issue with key-stroke logging software and ‘end-point security’; there are USB-type plug-in devices like Trezor, Lambert adds, but it is an issue they are alive to.

Another potential problem with the software, which is similar to blockchain technology (in that it is a distributed network), but crucially different because it offers complete anonymity, is that it could be used for nefarious purposes, which makes it harder for the security services to stop criminality.

While ideal for ordinary private citizens who want their digital footprint to remain private, it is not so great if you are GCHQ or the NSA. “I think this will present problems for security services,” adds Lambert. “But mass surveillance of data doesn’t actually get them anything. It’s been proven time and again that being able to read my emails and your emails doesn’t actually catch more terrorists. These events are so freak that nothing can predict them, so having this information is useless.”

Lambert adds: “The other thing is that it also presents opportunities for government, which has its own difficulties trying to hide information.”

Another interesting debate will be on the issue of rewards. The centralisation of Bitcoin through the growth in size of mining firms is at times detrimental to that network, Lambert argues. “It’s something we are acutely aware of,” he adds. “There’s no point having a decentralised network only for it to become centralised again, so we’ve put a mechanism into the farming (end users are ‘farmers’ and developers are ‘builders’) algorithm whereby you earn a certain rate until you get to about 20% above the average.

So let’s say the average amount of data stored on each node on the network is about 40GB; you will continue to earn up to about 50GB and then 20% above the average rate the earning algorithm will flatten out, so you won’t earn any more.” It sounds like a neat solution to stop power accumulating at the top but again you can also argue that hard-coding a rule into the network is interference in the concept of the free market.

MaidSafe is a company that has generated an awful lot of interest among its user community; to raise the amount of money it did through a grassroots crowd-sale is quite staggering. But without the product being rolled out, it’s very hard to quantify what its impact on the market will be.

We have all heard about attempts to disrupt existing business models, but to disrupt the entire internet seems like an impossible dream. When I catch up with Michael Jackson, who has moved on from Skype (he is now a partner of Luxembourg-based venture capitalist Mangrove Capital Partners), I’m keen to know whether MaidSafe is a horse worth backing.

“It’s a crazy thought,” he says. “That’s why I like it. But Skype itself was a pretty crazy project for a lot of people. I was involved with that right from the beginning. We had all of these people saying, ‘You can’t do it’, ‘You won’t do it’, ‘Nobody will let you do it’. But in the end the proof was there; we did manage to pull it off. And of course Skype had very few resources but it went on to make a pretty big impact.”

On the practical side, Jackson, who stresses he is a friendly adviser (he has visited the company in Troon, describing their office as a bit like a “Nissen hut”), says the promise and philosophy of MaidSafe is great, but the onus is now on them to deliver.

“For all the ideas, the proof is in the customers, or users, if you want to call them that.”

“It’s a massive project; the idea of turning the privacy concept of the internet on its head is really quite ambitious. And it’ll take a very long time to be meaningful. So I think what MaidSafe has to do is to push itself quite quickly into a position where people begin to see the value of it. Then they can get themselves behind the project.”

According to Lambert the MVP will be a quiet launch within the next few weeks. An excited developer forum is currently preparing for the open source network to arrive. Safecoin will take a while longer, but finally people will be able to understand what 18 staff – 10 in Troon and eight located around the world in countries like Australia, Slovakia and Brazil – have been doing, behind closed doors, for so long.