Hacker News new | past | comments | ask | show | jobs | submit login
Spideroak Kloak: Zero-Knowlege Social Networking (spideroak.com)
156 points by kevinSuttle on Dec 11, 2015 | hide | past | favorite | 66 comments

Kloak's threat model is advertisers and data-miners. It is an experiment in private social networking. It is part of a set of new applications we are building at SpiderOak. Kloak is more or less a lab experiment in the UX of private systems.

I can't tell you how excited I am to see it. It seems to me that there is no good reason end users shouldn't control their social networking info, to use (e.g., via third party apps, to backup, to migrate) and share as they see fit.

> threat model is advertisers and data-miners

So many threat models I see are hackers and malware. Those are important, but much more widespread are the threats you identify.

> It is part of a set of new applications we are building at SpiderOak.

This has me much more intersted in SpiderOak. What else is in the pipeline, if you can share?

> Kloak is more or less a lab experiment in the UX of private systems

Great. Even if Kloak itself doesn't work out (and I hope it does) it could be a step forward for everyone. It seems like the path to building non-private system is very well-established, but those who want to give their users privacy have much more to invent on their own. So thanks for making it open source too.

I dont think the NSA is the 99% threat model. It is data miners who are building up dossiers on all of us to sell to the highest bidder which will raise costs for all of us in the long run. think Insurance companies raising rates on how often you visit the online whiskey store.

We also released a password manager called Encryptr, but there is a larger project underway that I won;t say anything about yet as I am not in Marketing, etc:)

> I dont think the NSA is the 99% threat model. It is data miners who are building up dossiers on all of us to sell to the highest bidder which will raise costs for all of us in the long run. think Insurance companies raising rates on how often you visit the online whiskey store.

If we banned life insurance companies from considering age or medical status, rates would not go down for everyone--they would go down for the elderly and the very sick, and up for everyone else. In exactly the same way, insurance company "dossiers" would not "raise costs for all of us"--they would raise costs for the risky and decrease costs for the less risky.

> they would raise costs for the risky and decrease costs for the less risky

That assumes their risk model is correct.

Regardless, I don't want all my behavior evaluated and judged. You may feel otherwise, but it should be my choice.

In theory? Sure.

In practice?

Well, I wouldn't want to be, to pick one example out of millions, a med student, in an age when looking up medical knowledge damages your credit rating. It's not a very distant age.

If I may be so blunt - how are you planning on paying the bills for Kloak?

Don't get me wrong, it looks really, really interesting - but you still need money for it, where will it come from?

How does Kloak handle metadata? If people can see who you communicate with, they can get access to your social network, which contains a lot of information.

By seeing my location dozens of times, a company can figure out where I live. They might not know what bar I went to last night but they will be able to know that I visit Chipotele frequently.

It's better than nothing, but it seems like strong analytics could still access most of the important information.

You must approve all contacts who get a copy of your feed. There is no way to just follow others. It is a white-listed system. Analytics can only be performed by those you trust

I was about to ask a lot of these questions of how deep the metadata layer really goes - including using SpiderOak as the threat. It seems this is built on Crypton, linked below; however, the paper itself [1] goes into a lot of detail on what metadata SpiderOak could see, and what they can infer from it.

I am personally curious why p384/ECDSA was chosen; vs. p521 or Curve25519+Ed25519. I assume this is because p384 is standardized and recommended in NSA Suite B.

[1] https://crypton.io/crypton.pdf

p384 is the standard, yes, however, any future implementation of Crypton will, I hope, move to Curve25518

This is a centralized service, not distributed or decentralized?

Have you given any thought to making it compatible with federated social networks like Diaspora?

Would love to, which will require a bit of engineering on Crypton's server

Either show my location or don't. Randomizing in a four-mile radius is both compromising and useless.

Making the location fuzzy was a notion I had - it's still not great. One problem here is doing location name without calling any external APIs. We store all place names in the app. Not ideal.

How about four options:

( ) Accurate location

( ) Fuzzy location (within 4 miles)

( ) Super-fuzzy location (state/country and time zone)

( ) No location

yes! that is a much better set of options. I will file an issue.

How are you doing fuzzy locations? You're probably not doing it this way, but note that just adding a random 4 mile radius vector to the users location in insecure (against multiple samplings), you need to quantize it to a fixed set like a 4 mile grid or something like that. I remember tinder made this mistake and you could locate users very precisely anonymously.

The dataset of all towns in the world with > 1000 inhabitants is bundled into Kloak. The GPS location was originally highly accurate, but we rounded down to 2 decimal places. So if your GPS coordinates match the center of the city (rounded down), a place name can be generated. It basically will place you near the center of the closest town, again, its naively rounded to 2 decimal places. I want to go back to make this code a bit more sophisticated, with more choices for the user.

Yea just rounding the coordinates is problematic at high latitudes. Curiously, the problem of finding a "nice" quantization set on the sphere is a well known mathematical problem called Spherical Coding [1]. But you don't need anything this fancy I guess, you can just round the coordinates if the latitude is less than e.g. 60 degrees , and if above you chose another pole and round the coordinates with respect to the second pole. It would probably be a good idea to add some hysteresis as suggested below too (so you're not localizable when you're at one of the edges). Then you can give it some fancy name like "Advanced location privacy protection" :)



Grids are problematic because one can observe you at the boundaries, moving from one cell to another, so there are moments when you are very accurately localizable.

Ah yes good point (you'd be briefly localizable to a line), you'd need to add some hysteresis and delay for dynamical targets.

So something like

shown_pos(t) = mode(quantize(pos(t-j)),...,quantize(pos(t-j-k)))

For some delay j and hysteresis k.

I'm not an encryption guy, so I'm probably totally off base, but how does this work in terms of decryption?

When you 'friend' someone, are you sharing your decryption key with that person? That seems very vulnerable to mass data collection when you start emailing it around to friends. Does each friend get a different key that you can disable if you believe they've been mismanaging your key?

I don't know how they are doing it, but one way this could be solved is with assymetric encryption.

If a person wants to see your data, that person asks you for it, and you use their public key to encrypt your data, send it over, and then they can use their private key to decrypt said data.

I doubt they are actually doing it this way as I imagine the overhead would be very high, but it need not be as cumbersome as sharing a specific secret key for each person.

> I doubt they are actually doing it this way as I imagine the overhead would be very high

It wouldn't be very high, they could easily put the burden on the client to do the encryption and like all practical public key encryption they only thing you encrypt with the public key(s) is a symmetric encryption key that the content is encrypted with.

The way people "follow" you requires you to add them as a contact. Your contact card is basically a public key, but in a more human-understandable form.

I tested this out. I don't know anyone else to try with, so here is my contact card: https://goo.gl/photos/yhVvYGfy9Vepcp1h9

I found one other person on G+ and imported their card. I saw it said "adding to trusted contacts". I assume it means that they can read anything I post. I went to timeline and saw nothing new from the other contact. I expect that because I'm not one of their trusted contacts, I can't see what they have posted.

Then I went into contacts. I can view the new contact but not do anything I was expecting like adding to a group. The only thing I could do was delete the contact.

Next I went to write a new post. There was no options I could find to choose my audience. All posts you make will end up going to everyone in your contact list. Hopefully there is a feature in the works to create something like streams or target groups.

If I delete a contact, do they lose access to my posting key? Or do they continue to be able to access all future posts I make?

My contact card is here: https://twitter.com/deezthugs/status/654457605650255872 I'll add you to my contacts now

I added you as well. I am deltafoxzed on Kloak

If you delete a contact they will not see anything you post after that point in time

I've been wanting something like this for a long time: a private network for those you trust and truly care about, offering actual privacy but without requiring my less-than-technically-inclined friends and family an easy way to opt in. I have hundreds of "friends" on Facebook, many I don't really know but think of as potentially useful contacts to have. It's like a more casual LinkedIn to me, you could say.

Funny note: "kloak" means "sewer" in Swedish. An apt name for most social feeds, to be honest.

Really like the idea. Unfortunately name might work against them in Scandinavia and other places where kloak means sewer (it has the same origin as "cloaca" in English).

That is an unfortunate naming problem. Kind of ironic as social media can be such a sewer!

Is this just a loss-leader for their backup/storage service? I am a big fan of not being the product, but how does this make money?

(disclaimer: i used to work at spideroak, but not on the crypton project) I would chalk this up to R&D. I don't think they'll make any money off of Kloak but they do want to bring crypton (the framework on which Kloak is built: https://crypton.io/) into maturity. Another project of note associated with crypton would be the password manager Encryptr (https://spideroak.com/solutions/encryptr). I'm not sure they want to replace their backup/storage service with crypton (although their backup service could use more collaborative features, so R&D into crypton could improve that), but they probably are looking into building other privacy focused products on top of which a better/mature/battle-tested crypton would be necessary.

Not to mention: if everything is encrypted using your password as a key, how do your friends see your posts? Are they encrypted for each friend with that friend's public key?

They could be encrypted with a random symmetric key that is then itself asymmetrically encrypted individually for everyone in your network and provided to them through some means. This is also how the OpenPGP works.

You share the (wrapped) post key with all contacts when you add them as contacts

> Are they encrypted for each friend with that friend's public key?

That sounds about right. However this is a closed-source project, so I don't see why it would be picked up by privacy enthusiasts.

No, it is fully open source from day one: https://github.com/Crypton/statusapp

This seems buried. Is there a reason it's not mentioned or linked on the kloak page? I actually went looking for the code and couldn't find that repository.

The link to the source code is in the about screen in the app. Hardly buried. I will have it added to the site, I was unaware of this.


I figured it was likely in the app, but for an experiment like this, that appeals to many of the ideals of an open source philosophy, I'm less likely to bother installing it if I'm unaware that it's an open source project.

Obviously the appeal ultimately needs to be greater than just being open source, but that initial bump can't hurt the outcome of the experiment.

Aside of the closed-source aspect, that is a great way to run a secure peer-to-peer messaging platform / social network. I believe this is how iMessage also encrypts communication.

Doesn't GPG work in a similar way?

I would really love an answer to these questions.

Earlier in the thread I mentioned that Kloak came about as a UX experiment in private social networking. We are building on these concepts in another project that is underway now.

@daviddahl, is there any reason why this is not available from a browser and instead seems to be available only through Android and iOS apps? If it's not available from a browser, is there a plan to introduce that (when)? It looks like desktops, laptops and other mobile platforms that have standard compliant browsers are completely ignored.

The greatest problem is adding friends. It's very important that this is very easy, without friends you can't communicate with anyone.

Possibilities for making it easier that are still privacy conscious include IMO: Adding friends of friends. Adding people that are in your local wifi.

This initial version is is very deliberate about who you share with. The idea is that the user is always in control of who anything is shared with. One way to help create your social network will be an "opt-in profile page" that others can view and collect your card via. Its in the works.

Just tried the Android app. The automatically generated xkcd-style passphrase is really cool, but the app insists on storing it in the operating system's credential storage with seemingly no other option.

As it happens, I don't have credential storage enabled on the spare device I tested it on, so this was a bit annoying.

I've dabbled with several messaging apps from Signal to Telegram and a bunch of others in between, and in fact this is the first time that an app tried to make actual use of Android credential storage. I wonder what the advantage is, and how other security-conscious apps like Signal are doing without it.

Yeah, Android < 5 is a PITA as there is no secure storage. I almost wish I could make this app require Android 5.

I don't see how you can trust any of these sorts of privacy apps without compiling and side-loading them yourself. Even then, it's risky on a device you really don't control (f.e. Are we sure that the wi-fi radio that the FCC requires manufacturers to isolate from apps can't itself backdoor the device? Will we always be sure that the app developer won't ever update the software in a nefarious way?)

This is easy to do in this case, as the source is on github: https://github.com/Crypton/statusapp. Also, you can run your own server if you like.

How would I keep up with developments from Spideroak? Their blog (https://spideroak.com/about/perspectives ?) does not appear to have an RSS feed.

Played around with it for 10-15 minutes. Looks like there are some good ideas in there but the UX on the iPhone version lacks polish. Not sure about the use of fixed width fonts.

Will play around with it some more but it does look promising.

The source/tracker is here if you want to file issues, etc: https://github.com/Crypton/statusapp

Hm, could this be a business application of zkSNARK proofs? https://github.com/scipr-lab/libsnark

This thing doesn't really have anything to do with zero knowledge proofs.

This is a cool idea but it'll be tough to get people to switch from FB and Twitter.

That is not the premise. The premise is that this is a parallel network for your trusted friends and family, off limits to the data-miners at FB and TWTR

That's a good approach. And probably the only one. Just needs some form of vitality to help with spreading it, e.g. one-item sharing links/emails that double as invitations that auto-whitelist recipients as followers.

Its not a bad idea but its not better than existing products [e.g. TextSecure] in terms of actual privacy.

Signal (formerly TextSecure and RedPhone, now merged) isn't a social networking app.

Correct, it is a texting app, and is fantastic. I did not want to build another texting app. As a twitter fiend I wanted a private twitter-like experience. Still, there is much to do.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact