
Spideroak Kloak: Zero-Knowlege Social Networking - kevinSuttle
https://spideroak.com/solutions/kloak
======
daviddahl
Kloak's threat model is advertisers and data-miners. It is an experiment in
private social networking. It is part of a set of new applications we are
building at SpiderOak. Kloak is more or less a lab experiment in the UX of
private systems.

~~~
Taek
How does Kloak handle metadata? If people can see who you communicate with,
they can get access to your social network, which contains a lot of
information.

By seeing my location dozens of times, a company can figure out where I live.
They might not know what bar I went to last night but they will be able to
know that I visit Chipotele frequently.

It's better than nothing, but it seems like strong analytics could still
access most of the important information.

~~~
adrtessier
I was about to ask a lot of these questions of how deep the metadata layer
really goes - including using SpiderOak as the threat. It seems this is built
on Crypton, linked below; however, the paper itself [1] goes into a lot of
detail on what metadata SpiderOak could see, and what they can infer from it.

I am personally curious why p384/ECDSA was chosen; vs. p521 or
Curve25519+Ed25519. I assume this is because p384 is standardized and
recommended in NSA Suite B.

[1] [https://crypton.io/crypton.pdf](https://crypton.io/crypton.pdf)

~~~
daviddahl
p384 is the standard, yes, however, any future implementation of Crypton will,
I hope, move to Curve25518

------
sp332
Either show my location or don't. Randomizing in a four-mile radius is both
compromising and useless.

~~~
daviddahl
Making the location fuzzy was a notion I had - it's still not great. One
problem here is doing location name without calling any external APIs. We
store all place names in the app. Not ideal.

~~~
hackuser
How about four options:

( ) Accurate location

( ) Fuzzy location (within 4 miles)

( ) Super-fuzzy location (state/country and time zone)

( ) No location

~~~
daviddahl
yes! that is a much better set of options. I will file an issue.

~~~
darkmighty
How are you doing fuzzy locations? You're probably not doing it this way, but
note that just adding a random 4 mile radius vector to the users location in
insecure (against multiple samplings), you need to quantize it to a fixed set
like a 4 mile grid or something like that. I remember tinder made this mistake
and you could locate users very precisely anonymously.

~~~
daviddahl
The dataset of all towns in the world with > 1000 inhabitants is bundled into
Kloak. The GPS location was originally highly accurate, but we rounded down to
2 decimal places. So if your GPS coordinates match the center of the city
(rounded down), a place name can be generated. It basically will place you
near the center of the closest town, again, its naively rounded to 2 decimal
places. I want to go back to make this code a bit more sophisticated, with
more choices for the user.

~~~
darkmighty
Yea just rounding the coordinates is problematic at high latitudes. Curiously,
the problem of finding a "nice" quantization set on the sphere is a well known
mathematical problem called Spherical Coding [1]. But you don't need anything
this fancy I guess, you can just round the coordinates if the latitude is less
than e.g. 60 degrees , and if above you chose another pole and round the
coordinates with respect to the second pole. It would probably be a good idea
to add some hysteresis as suggested below too (so you're not localizable when
you're at one of the edges). Then you can give it some fancy name like
"Advanced location privacy protection" :)

[http://mathworld.wolfram.com/SphericalCode.html](http://mathworld.wolfram.com/SphericalCode.html)

[https://en.wikipedia.org/wiki/Tammes_problem](https://en.wikipedia.org/wiki/Tammes_problem)

------
level
I'm not an encryption guy, so I'm probably totally off base, but how does this
work in terms of decryption?

When you 'friend' someone, are you sharing your decryption key with that
person? That seems very vulnerable to mass data collection when you start
emailing it around to friends. Does each friend get a different key that you
can disable if you believe they've been mismanaging your key?

~~~
rifung
I don't know how they are doing it, but one way this could be solved is with
assymetric encryption.

If a person wants to see your data, that person asks you for it, and you use
their public key to encrypt your data, send it over, and then they can use
their private key to decrypt said data.

I doubt they are actually doing it this way as I imagine the overhead would be
very high, but it need not be as cumbersome as sharing a specific secret key
for each person.

~~~
tetrep
> I doubt they are actually doing it this way as I imagine the overhead would
> be very high

It wouldn't be very high, they could easily put the burden on the client to do
the encryption and like all practical public key encryption they only thing
you encrypt with the public key(s) is a symmetric encryption key that the
content is encrypted with.

------
ytjohn
I tested this out. I don't know anyone else to try with, so here is my contact
card:
[https://goo.gl/photos/yhVvYGfy9Vepcp1h9](https://goo.gl/photos/yhVvYGfy9Vepcp1h9)

I found one other person on G+ and imported their card. I saw it said "adding
to trusted contacts". I assume it means that they can read anything I post. I
went to timeline and saw nothing new from the other contact. I expect that
because I'm not one of their trusted contacts, I can't see what they have
posted.

Then I went into contacts. I can view the new contact but not do anything I
was expecting like adding to a group. The only thing I could do was delete the
contact.

Next I went to write a new post. There was no options I could find to choose
my audience. All posts you make will end up going to everyone in your contact
list. Hopefully there is a feature in the works to create something like
streams or target groups.

If I delete a contact, do they lose access to my posting key? Or do they
continue to be able to access all future posts I make?

~~~
daviddahl
My contact card is here:
[https://twitter.com/deezthugs/status/654457605650255872](https://twitter.com/deezthugs/status/654457605650255872)
I'll add you to my contacts now

~~~
ytjohn
I added you as well. I am deltafoxzed on Kloak

------
mstade
I've been wanting something like this for a long time: a private network for
those you trust and truly care about, offering actual privacy but without
requiring my less-than-technically-inclined friends and family an easy way to
opt in. I have hundreds of "friends" on Facebook, many I don't really know but
think of as potentially useful contacts to have. It's like a more casual
LinkedIn to me, you could say.

Funny note: "kloak" means "sewer" in Swedish. An apt name for most social
feeds, to be honest.

~~~
kseistrup
— and in danish ⌘
[https://twitter.com/kseistrup/status/675775244565655556](https://twitter.com/kseistrup/status/675775244565655556)

------
plesner
Really like the idea. Unfortunately name might work against them in
Scandinavia and other places where kloak means sewer (it has the same origin
as "cloaca" in English).

~~~
daviddahl
That is an unfortunate naming problem. Kind of ironic as social media can be
such a sewer!

------
andyburke
Is this just a loss-leader for their backup/storage service? I am a big fan of
not being the product, but how does this make money?

~~~
andyburke
Not to mention: if everything is encrypted using your password as a key, how
do your friends see your posts? Are they encrypted for each friend with that
friend's public key?

~~~
darkstar999
> Are they encrypted for each friend with that friend's public key?

That sounds about right. However this is a closed-source project, so I don't
see why it would be picked up by privacy enthusiasts.

~~~
daviddahl
No, it is fully open source from day one:
[https://github.com/Crypton/statusapp](https://github.com/Crypton/statusapp)

~~~
falien
This seems buried. Is there a reason it's not mentioned or linked on the kloak
page? I actually went looking for the code and couldn't find that repository.

~~~
daviddahl
The link to the source code is in the about screen in the app. Hardly buried.
I will have it added to the site, I was unaware of this.

~~~
falien
Thanks.

I figured it was likely in the app, but for an experiment like this, that
appeals to many of the ideals of an open source philosophy, I'm less likely to
bother installing it if I'm unaware that it's an open source project.

Obviously the appeal ultimately needs to be greater than just being open
source, but that initial bump can't hurt the outcome of the experiment.

------
newscracker
@daviddahl, is there any reason why this is not available from a browser and
instead seems to be available only through Android and iOS apps? If it's not
available from a browser, is there a plan to introduce that (when)? It looks
like desktops, laptops and other mobile platforms that have standard compliant
browsers are completely ignored.

------
legulere
The greatest problem is adding friends. It's very important that this is very
easy, without friends you can't communicate with anyone.

Possibilities for making it easier that are still privacy conscious include
IMO: Adding friends of friends. Adding people that are in your local wifi.

~~~
daviddahl
This initial version is is very deliberate about who you share with. The idea
is that the user is always in control of who anything is shared with. One way
to help create your social network will be an "opt-in profile page" that
others can view and collect your card via. Its in the works.

------
kijin
Just tried the Android app. The automatically generated xkcd-style passphrase
is really cool, but the app insists on storing it in the operating system's
credential storage with seemingly no other option.

As it happens, I don't have credential storage enabled on the spare device I
tested it on, so this was a bit annoying.

I've dabbled with several messaging apps from Signal to Telegram and a bunch
of others in between, and in fact this is the first time that an app tried to
make actual use of Android credential storage. I wonder what the advantage is,
and how other security-conscious apps like Signal are doing without it.

~~~
daviddahl
Yeah, Android < 5 is a PITA as there is no secure storage. I almost wish I
could make this app require Android 5.

------
politician
I don't see how you can trust any of these sorts of privacy apps without
compiling and side-loading them yourself. Even then, it's risky on a device
you really don't control (f.e. Are we sure that the wi-fi radio that the FCC
requires manufacturers to isolate from apps can't itself backdoor the device?
Will we always be sure that the app developer won't ever update the software
in a nefarious way?)

~~~
daviddahl
This is easy to do in this case, as the source is on github:
[https://github.com/Crypton/statusapp](https://github.com/Crypton/statusapp).
Also, you can run your own server if you like.

------
dumaspere
How would I keep up with developments from Spideroak? Their blog
([https://spideroak.com/about/perspectives](https://spideroak.com/about/perspectives)
?) does not appear to have an RSS feed.

------
spiralpolitik
Played around with it for 10-15 minutes. Looks like there are some good ideas
in there but the UX on the iPhone version lacks polish. Not sure about the use
of fixed width fonts.

Will play around with it some more but it does look promising.

~~~
daviddahl
The source/tracker is here if you want to file issues, etc:
[https://github.com/Crypton/statusapp](https://github.com/Crypton/statusapp)

------
marcusestes
Hm, could this be a business application of zkSNARK proofs?
[https://github.com/scipr-lab/libsnark](https://github.com/scipr-lab/libsnark)

~~~
Ar-Curunir
This thing doesn't really have anything to do with zero knowledge proofs.

------
free2rhyme214
This is a cool idea but it'll be tough to get people to switch from FB and
Twitter.

~~~
daviddahl
That is not the premise. The premise is that this is a parallel network for
your trusted friends and family, off limits to the data-miners at FB and TWTR

~~~
eps
That's a good approach. And probably the only one. Just needs some form of
vitality to help with spreading it, e.g. one-item sharing links/emails that
double as invitations that auto-whitelist recipients as followers.

------
fweespeech
Its not a bad idea but its not better than existing products [e.g. TextSecure]
in terms of actual privacy.

~~~
sp332
Signal (formerly TextSecure and RedPhone, now merged) isn't a social
networking app.

~~~
daviddahl
Correct, it is a texting app, and is fantastic. I did not want to build
another texting app. As a twitter fiend I wanted a private twitter-like
experience. Still, there is much to do.

