

Ask HN: Social Nets - Can I have my data back please? - hypest

Hey HNers,<p>Social networks have proved that people can and will communicate online, sharing bits of their lives with their friends. Facebook with its millions of users is the modern and most successful example!<p>I would like to propose a possible improvement of the privacy-related issues that arise from the central design of such networks:<p>Use something along the lines of public key (PK) cryptography to hide the messages exchanged by users. Friends would somehow exchange public keys and a Javascript client would automatically encrypt/decrypt messages that are stored in the network. For example: a status update would be a long string containing instances of the actual "status message", each encrypted with the (public) key of the friend that is allowed to see it. The client at the friend's side, will decrypt the instance (and discard the rest, non-decryptable string) and show it as normal status update message.<p>That would create a sub-network, and yes, loosing the private key will be a very bad event!<p>Anyway, what do you think?
======
brk
What problem are you solving with this? It seems like you are adding a lot of
overhead and needless data to a simple system.

~~~
hypest
Well, many people raise privacy concerns about FB and (ofcourse) Google, as to
what these corporate bodies actually do with the data they collect. See for
example here
[http://www.schneier.com/blog/archives/2009/12/my_reaction_to...](http://www.schneier.com/blog/archives/2009/12/my_reaction_to.html)

There are not many good examples of privacy violation up to now, but as more
individuals participate and share info, the "problem" may rise.

You know, when "talking" with your friends, you actually want to do just that:
talk with your friends. It is rather unsettling to know that most probably
there are "eyes" that may watch over your info. These eyes are not FB's or
Google's (they just want to sell things).

My examples may not be the best...but I do know that day by day, I feel that I
lose hold of my data :(

~~~
brk
_I feel that I lose hold of my data_

OK, I understand what you are driving at. I still am a little confused by the
concept where you willingly post "your data" into the essentially open ether,
then lament that action.

How about not posting it to Facebook in the first place? It seems that the
implied contract with posting data into public places is that the data is in
fact public.

What you propose is interesting, but I'm not sure it provides even basic
security-by-obscurity. The keys would either have to be so overly distributed
to your friends that they essentially become public. Or the data stream has
the same message encrypted over and over again, which makes the size of the
data grow exponentially (and also most likely makes it easier to crack).

~~~
hypest
I'm referring to the "friend-space", where info is public but only among these
friends. I want to share stuff with my friends, and FB seems a rather good
technology for that!

The public key is used for encryption, not decryption, so anybody can have
it...To read a message I send you, you use your private key. The message will
be encrypted by me using your public key. So, any friend can send me a message
but only I can read it. If more friends are to be able to read the same
message, the string must actually include an instance of the message,
encrypted with the "other" friend's key.

------
aj
That is actually a cool idea. As an extension or a greasemonkey script, it
might actually work quite well

~~~
hypest
hm, you're right! I didn't think about greasemonkey ;) Perhaps a dedicated FF
extension would be perfect!

