

Would you use a cryptographically secure social network? - lukev

All data (including fact-of data) would be encrypted. The *only* parties able to decrypt it would be those individuals or groups explicitly targeted by the author. The company/service itself wouldn't even have access to the data in its unencrypted form: you could expose the entire database with no privacy concerns sine. There'd be no need to trust any person or entity you didn't explicitly choose to.

Obviously, this wouldn't be your "find an old friend" or "find people with similar interests" type of network. It would have one purpose and one purpose only: to allow you to communicate easily and securely with those you trust.

Assuming this sounds good, would you prefer to:

1. Use the service via a web-app (less secure, since it requires that you entrust your password/private key to a third party)
2. Use an open-source thick client or browser plugin (you maintain complete security).

The technology is definitely tricky, and it'd be difficult or impossible to monetize. But do you think it's worth researching/prototyping? It actually seems like one of the few remaining innovations in the social network space.
======
pelle
You might want to look at Tahoe LAFS as a basis for it:

<http://allmydata.org/trac/tahoe-lafs>

------
nfnaaron
2) complete security.

But its being impossible to monetize would prohibit there being a network at
all, wouldn't it?

You can do this already with email and pgp, or encrypted attachments and pgp.
You might get closer to the goal by making THAT easy for non-techs, rather
than adding the difficulty of creating a whole new social network as such.

~~~
lukev
Not at all. The network would exist - it would just be all encrypted and you
couldn't navigate it unless you held the key to each successive node. To the
end user, it could be more or less just like Facebook, and they could forget
that it was encrypted while using it.

It'd be hard to monetize because social network money (what there is of it) is
all based on contextual and targeted advertising, or on gathering user
statistics. Both would be impossible if all the data were encrypted.

------
yungchin
Well, (1) would be pointless: that means you're still decrypting server-side!

The way I see it, social networks are mostly just a reworked version of (email
+ mailing lists + usenet) in a form that appeals to non-techies. Now, adding
encryption requires quite a deep understanding of how the system works in
order for it to be useful (eg. how many non-techies would realise that (1)
defeats the purpose?), so it's really only for techies. But techies already
have GPG-encrypted email...

~~~
lukev
It would be pointless from an ultimate trust perspective, yes. But somehow I'd
still feel more comfortable with a company that (at least claims) to use my
key only to decrypt data immediately before sending it to me, than a company
that stores all my data in clear text and mines it and distributes it
internally as they see fit.

~~~
yungchin
I get the feeling, but rationally, that would be equivalent to a company that
simply promises (say, in the Terms of Service) not to mess with your data.

I may actually trust a company on such promises, but the real risk is in this
scenario: the company goes bust and some weirdos seize control of the server.
In that situation, it doesn't matter much that the data is encrypted, if the
keys are available too.

~~~
lukev
This could be alleviated if the server kept the user's key only on a per-
session basis and never actually stored it. I'm curious... how would you feel
about that?

Also, there might be a way to make a server transparent so people are more
likely to trust it... open-source the server code, of course, and expose the
entire file system as read-only so people could run a checksum on the
server executable to verify it's the same one? Of course there'd ultimately be
no guarantee that there wasn't networking trickery going on...

------
wmf
The whole affair is pointless since "privacy is over" or whatever, but for the
sake of argument...

Rather than putting encrypted data in a centralized service ("Hi, I don't
trust you at all but please host these encrypted blobs for me for free.") I
think a P2P social network (DiSo) makes a lot more sense.

~~~
lukev
The whole point would be to try to ensure that privacy is NOT over. Our
privacy is nearly gone, but that doesn't mean we can't fight to get it back.
And laws preventing companies from releasing data are NOT going to help - the
only ultimate solution is encryption.

And yes, it would be possible to implement it as a P2P social network, but
there's a few problems with that:

1. P2P ties you to a particular machine. The whole point of having social
networks is that they work on all your devices.

2. I've never been impressed with the performance of P2P applications and
I've never seen anything leading me towards a different opinion. I don't want
to use a social network where it takes me 30 seconds to bring up someone's
profile.

3. P2P is technologically more challenging. I want the average user to
benefit from this, not just geeks.

These are perhaps surmountable if one could design the next generation of P2P
tools, but that drastically increases the scope of the project.

------
pelle
I would be interested.

I've worked on encrypted private blogs and document sharing before:
<https://wideblog.net/> and <http://wideword.net> (sorry certs are expired)

------
ilkhd2
yes. definitely. You can use javascript for decryption on the client side btw

~~~
lukev
How do I gain access to my private key in Javascript (without having the user
paste it in every time)? How do I store it between page loads without exposing
it to the server?

~~~
wmf
HTML5 storage.
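
The design discussed in this thread, where a post is readable only by recipients the author explicitly names and the server holds nothing but ciphertext, sketched as an added example (not code from any commenter or project). It assumes Node.js's built-in `crypto` module, RSA-OAEP key wrapping and AES-256-GCM as illustrative choices; `newUser`, `sealPost` and `openPost` are hypothetical names.

```javascript
// Added example: per-recipient envelope encryption done entirely on the client.
const nodeCrypto = require('node:crypto');

const OAEP = { padding: nodeCrypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Hypothetical helper: each user generates a key pair on their own device.
function newUser(name) {
  const { publicKey, privateKey } =
    nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  return { name, publicKey, privateKey };
}

// Author side: encrypt the post once with a fresh AES-256-GCM key, then wrap
// that key for each recipient the author chose. The wrapped keys carry no
// names, so the stored record does not say who the recipients are.
function sealPost(plaintext, recipients) {
  const contentKey = nodeCrypto.randomBytes(32);
  const iv = nodeCrypto.randomBytes(12);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', contentKey, iv);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const wrappedKeys = recipients.map((r) =>
    nodeCrypto.publicEncrypt({ key: r.publicKey, ...OAEP }, contentKey));
  // This object is everything the server stores.
  return { iv, body, tag: cipher.getAuthTag(), wrappedKeys };
}

// Reader side: try each wrapped key with the local private key. Returns the
// plaintext, or null if the reader was not a recipient or the record was altered.
function openPost(record, reader) {
  for (const wrapped of record.wrappedKeys) {
    try {
      const contentKey =
        nodeCrypto.privateDecrypt({ key: reader.privateKey, ...OAEP }, wrapped);
      const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', contentKey, record.iv);
      decipher.setAuthTag(record.tag);
      return Buffer.concat([decipher.update(record.body), decipher.final()])
        .toString('utf8');
    } catch (err) {
      // Not wrapped for this reader, or the GCM tag check failed: try the next.
    }
  }
  return null;
}
```

The stored record still reveals how many recipients a post has and how large it is; the private keys never leave the function that uses them, which is the property the web-app option (1) gives up.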

