> threat model is advertisers and data-miners
So many threat models I see are hackers and malware. Those are important, but much more widespread are the threats you identify.
> It is part of a set of new applications we are building at SpiderOak.
This has me much more intersted in SpiderOak. What else is in the pipeline, if you can share?
> Kloak is more or less a lab experiment in the UX of private systems
Great. Even if Kloak itself doesn't work out (and I hope it does) it could be a step forward for everyone. It seems like the path to building non-private system is very well-established, but those who want to give their users privacy have much more to invent on their own. So thanks for making it open source too.
We also released a password manager called Encryptr, but there is a larger project underway that I won;t say anything about yet as I am not in Marketing, etc:)
If we banned life insurance companies from considering age or medical status, rates would not go down for everyone--they would go down for the elderly and the very sick, and up for everyone else. In exactly the same way, insurance company "dossiers" would not "raise costs for all of us"--they would raise costs for the risky and decrease costs for the less risky.
That assumes their risk model is correct.
Regardless, I don't want all my behavior evaluated and judged. You may feel otherwise, but it should be my choice.
Well, I wouldn't want to be, to pick one example out of millions, a med student, in an age when looking up medical knowledge damages your credit rating. It's not a very distant age.
Don't get me wrong, it looks really, really interesting - but you still need money for it, where will it come from?
By seeing my location dozens of times, a company can figure out where I live. They might not know what bar I went to last night but they will be able to know that I visit Chipotele frequently.
It's better than nothing, but it seems like strong analytics could still access most of the important information.
I am personally curious why p384/ECDSA was chosen; vs. p521 or Curve25519+Ed25519. I assume this is because p384 is standardized and recommended in NSA Suite B.
Have you given any thought to making it compatible with federated social networks like Diaspora?
( ) Accurate location
( ) Fuzzy location (within 4 miles)
( ) Super-fuzzy location (state/country and time zone)
( ) No location
So something like
shown_pos(t) = mode(quantize(pos(t-j)),...,quantize(pos(t-j-k)))
For some delay j and hysteresis k.
When you 'friend' someone, are you sharing your decryption key with that person? That seems very vulnerable to mass data collection when you start emailing it around to friends. Does each friend get a different key that you can disable if you believe they've been mismanaging your key?
If a person wants to see your data, that person asks you for it, and you use their public key to encrypt your data, send it over, and then they can use their private key to decrypt said data.
I doubt they are actually doing it this way as I imagine the overhead would be very high, but it need not be as cumbersome as sharing a specific secret key for each person.
It wouldn't be very high, they could easily put the burden on the client to do the encryption and like all practical public key encryption they only thing you encrypt with the public key(s) is a symmetric encryption key that the content is encrypted with.
I found one other person on G+ and imported their card. I saw it said "adding to trusted contacts". I assume it means that they can read anything I post. I went to timeline and saw nothing new from the other contact. I expect that because I'm not one of their trusted contacts, I can't see what they have posted.
Then I went into contacts. I can view the new contact but not do anything I was expecting like adding to a group. The only thing I could do was delete the contact.
Next I went to write a new post. There was no options I could find to choose my audience. All posts you make will end up going to everyone in your contact list. Hopefully there is a feature in the works to create something like streams or target groups.
If I delete a contact, do they lose access to my posting key? Or do they continue to be able to access all future posts I make?
Funny note: "kloak" means "sewer" in Swedish. An apt name for most social feeds, to be honest.
That sounds about right. However this is a closed-source project, so I don't see why it would be picked up by privacy enthusiasts.
I figured it was likely in the app, but for an experiment like this, that appeals to many of the ideals of an open source philosophy, I'm less likely to bother installing it if I'm unaware that it's an open source project.
Obviously the appeal ultimately needs to be greater than just being open source, but that initial bump can't hurt the outcome of the experiment.
Possibilities for making it easier that are still privacy conscious include IMO: Adding friends of friends. Adding people that are in your local wifi.
As it happens, I don't have credential storage enabled on the spare device I tested it on, so this was a bit annoying.
I've dabbled with several messaging apps from Signal to Telegram and a bunch of others in between, and in fact this is the first time that an app tried to make actual use of Android credential storage. I wonder what the advantage is, and how other security-conscious apps like Signal are doing without it.
Will play around with it some more but it does look promising.