If it is exactly 1 km you could triangulate to find someone's location.
A program to do that would do a bisection search along a line (faking coordinates for the location of the device) to find the point on the line where you transition to seeing the person's messages. Then, repeat along other two lines in different directions. Each transition point gives a circle of 1 km radius on which the person is present, and the one point shared by all three circles is their location.
This could be mitigated by rounding off coordinates to be coarse enough that it doesn't give their precise location before calculating the distance.
Grindr as well, which due to the nature of that app could have had bad effects should someone with ill-intent take advantage. There were even a few apps in the Google Play store that would pinpoint other grindr users.
Yep, this is a big problem in the human rights space these days. When we train on apps with LGBT communities in the Middle East and Africa, we have to spend a lot of time on this issue.
Could this be defeated by a "snap to grid" technique? The installed client takes the actual location of the user and locates the nearest grid point (the resolution of which is up for debate) and reports as at that location?
Due to the fact that distance matching is done server side the application doesn't have any knowledge with regard to distance. The only knowledge one has is whether or not one receives messages from an other user.
Using triangulation to pinpoint an other users location would therefore require to move in and out of range (while the targeted user is continuously sending messages). Thus significantly more difficult than if the actual distance measure was depicted in the UI or leaked elsewhere.
Finally closing the API to outside requests limits the ease with which the above could be automated. Any idea's for further improving these security measures are most welcome!
> Using triangulation to pinpoint an other users location would therefore require to move in and out of range (while the targeted user is continuously sending messages).
> would therefore require to move in and out of range (while the targeted user is continuously sending messages).
That, or a number of co-operating clients located at various locations in and out of the range.
A simple fix would be to have every sender generate a random vector of random length 0-100 meters (and re-generate every time you've moved at least 100 meters, you don't want to regenerate if the sender doesn't move as you'd be able to zero-in on a prolific sender), and have the message "originate" from the end of that vector.
How exactly do you close the API to outside requests? It's not hard to reverse engineer most APIs, either by decompiling the app or just watching the wire.
I can't tell how it works from the site, but a good approach is to randomize the distance threshold a bit each time. For example: if users are within 1km, always connect; if more than 2km apart, never connect; 1.xkm apart, connect with probability x.
That kind of thing combined with some rate limits (how often one can attempt to connect to a user) should be effective.
(edit) Actually, I think I like mseebach's suggestion even more: For each user, pick a random location about 100m away from them, then pretend they're there until they've moved far enough away, then repeat.
I am not sure if your original solution will actually work.
For example an attacker can just spoof enough accounts to sample from your distribution to figure out the true center. Imagine spoofing a grid of users with let's say K fake accounts per dot, then if you plot the histogram of who managed to connect you will see a very clear bump in the 2d histogram in the shape of circle.
There are many solutions to this, some already listed. For best effect apply all of them together: Rate limiting api requests and movement, hysteresis on distance, randomness on distance, snap to grid, increasing randomness the more you seem to be trilaterating, etc.
Some of thrm will also solve the problem of just discovering a user, starting a chat and then instantly loosing them, even though you were both siting still, as you were on the border.
I don't understand the anonymous angle. Why does everything have to be anonymous now? Like, you know if it uses the internet or touches a switch/router/server etc outside of your own home at any point that it's certainly, most definitely NOT anonymous at this point.
Anonymous has become a pointless buzzword in this NSA-era we be living in. Just say it's a hyper-local instant messaging app, because any half woke individual will know that nothing on the internet is anonymous really anymore. A percentage of all our internet activity is sitting on a rack somewhere in the Utah desert.
There is a difference between the NSA being able to trace your identity vs. a profit-driven corporation being able to connect your identity to your online speech, location, and contacts. The first is governed by due process and need-to-know, the second is essentially public knowledge if the ad-tech revenue is sufficiently tempting.
Even in a pseudonymous environment where the venue operator presumably knows who you are (like HN), the assumption that other users cannot easily trace your words to your IRL identity reduces friction in communication. Environments where everyone publicly posts under their real identity, with those posts retained forever, tend towards low-information social signaling.
Doesn't look like the application shows the distance in the UI. As long as they don't leak it in the packets (hopefully they don't given how they claim anonymity) triangulation would require the target to be sending messages continuously on a consistent interval for you to detect whether or not they are at the 1 kilometre 'border.'
I founded an anonymous social media platform in the past. It can be a real pain because once identity/accountability is removed, people tend to act very poorly. On paper, I like your idea of helping people to form risk-free connections, but it is very possible for your platform to spin out of your control. The small radius location nature of your app will likely mean a lot of negative press and/or police inquiries about stalking, harassment, threats, bulling, maybe even rape or murder in the extreme.
Not trying to be negative; I know your intentions are good, but be please be prepared. When the police call you in the middle of the night, and they will, make sure you can provide whatever information you can to identify the users. I am actually surprised you would be able to get into the Apple store without being able to do so.
Authorities of all sorts love the bully narrative because it legitimizes their demands for compliance. Social media is undermining to them because people don't want to be supervised.
The real reason social media sites die without moderation is not because it alienates people who take bullying, it is that when there is no way to become a moderator, people seek status and power elsewhere. Reddit survives because it is a status pyramid scheme. HN survives because of similar aspiration to be seen as that smart person in front of a VC audience, a kind of Enders Game fantasy.
Facebook and Twitter are waning not because of trolls, but because they have signaled a nannying supervisory role that reduces overall user optionality, and takes away the thing that drew people in in the first place: Hope.
I regret to say I might have some bad news for you.
However, not everyone is ambitious and competitive, but not everyone uses social media. They do seek a sense of approval (or attention), even if it is defracted via a pseudonym. Most social studies are irreproducible bunk anyway.
Our 'real' identities are but a hash away, where you give me a place to contact you and tell you the contents of this sha1 sum: b967696ff8376ccd0feb6170b469e23588d702bd . If you wanted to get fancy, we could start by agreeing on a modulus and a base....
I don't really see Facebook waning, but it did effectively disprove that removing anonymity reduces bullying. I maintain a minimal presence there and most of the time report mobbing and harassment and I've never had anything removed. If you want your post removed, say something minimally racist. If you want impunity, post the address of somebody that shot an animal, inviting people to "get them."
read reports of rate of user growth slowing down, teenagers switching to other platforms, and my own view that it is a millennial demographic phenomenon, like a pop genre.
They can make more money, but imho it will be through value added services on their graph and service diversification, not on user growth against todays advertising model.
Basically, if you use this near a school, then the school will be the main topic of conversation. And in that case (assuming students using this), half the conversations may be "So-and-so is a ____"
Inasmuch as there is actual research, it seems to show that requiring real names or real world identities does not reduce trolling, and can even make it worse[0][1]. My experience as a page admin on Facebook seems to confirm this -- the comment sections there are at least as nasty as anywhere I've been with anonymous comments.
Thanks for the heads up. I was hoping this would be an ideal system to have the community moderate/flag messages/users.
Being a little paranoid about privacy myself I tried to build the platform with as little logging etc. as possible. This of course also makes it harder to avoid misuse of the platform.
Let me know what you guys think. The app was made to get people talking again to the people around them. I threw in automatically generated anonymous nicknames to lower the initial barrier a bit.
Any advise on how to market/keep people engaged are most welcome.
I've had an idea like this in my head for awhile now.
One use case, you're at home and something just happened, large car accident, loud noise, etc and you want to be able to chat with the people around you while sitting on your couch.
When stuff happens around me when I'm sitting at home I find twitter to be too slow to update and it has a lack of information anyways.
But then you're just dealing with the same network effects that twitter is having trouble with.
Ham radio works for me. The power went out a few weeks ago. In the time it took me to walk across the room and turn on the radio they were already talking about it. I didn't bother to transmit, I didn't need to ask. In the next few minutes I heard reports from across the area, who had power, who didn't. It was way faster than waiting for news on facebook. I had a similar experience when there was a large amount of smoke blowing through. Was it something close or from a neighboring state?
Ham radio is pretty simple and you can get started for $50 (radio and test). What does it take? Check out http://hamstudy.org (no affiliation, just a happy user).
If one wishes to continue a conversation one-on-one I believe other applications are better suited for that. I therefore build only one private function:
The exchange of contact details if both parties agree. If one wishes to participate in an exchange of details. It is also for this function only required to fill in some form of details. The idea being you can than continue your conversation in private elsewhere.
Does it really work on a train as in the example? Having the GPS work reliably on high speed trains seems like a challenge, more so if you need to rely on cell data connection and everyone having their GPS synchronized properly.
How does this work if a person that is 500m away from me is currently chatting with someone 1.2km away… will it seem to me like that person is talking to himself (because his chat partner is out of my reach)?
Random fun fact of the day: this is also called the hidden node problem [1] when applied to wireless networks, and it can cause problems with certain collision avoidance algorithms! Just learned about this the other day :D
I played a game that had communication like this, and the conversations were often quite odd because of it, hearing half-conversations a fair bit of the time.
And relaying messages to people further away... Though it wasn't anonymous, and people knew where to tell people to send the messages towards.
Looks like it is from a rpg book, not a computer game. My first guess was GURPS by Steve Jackson Games (General Universal Roleplaying System) - but I'm leaning towards one of the oldest roleplaying games (which AFAIK has been "computerized" several times): Traveller.
I put a decent amount of work into something similar and had a fairly polished mobile app with a good number users in a few concentrated communities using it. And it was a disaster.
Anonymity plus a shared reference point of being near each other (mine was 400ft) produced either random attempts at discussion that never matured into a conversation, or focused vitriol at real people.
We ended up discontinuing the app as it was hard to overcome the double network effect (needing people you actually want to chat with, and needing them to be nearby), and the only times where it did was because of a pretty reprehensible use case.
How anonymous can a service be that sends messages through a central server and uses your phone's GPS to know where you are at all times? You're only anonymous to each other, but the server in the middle knows all.
When I saw the headline, I thought this used some sort of ad-hoc Wifi network with MAC spoofing and couldn't figure out how they got 1km of range.
The metadata is the problem for true anonymity, not the amount of information that individual users can see, or that the server stores in its database.
The "privacy" (http://www.zonemessenger.com/privacy) and "terms" (http://www.zonemessenger.com/terms) should give you two static pdf's. On my side it's only the "about" link that is dead (will be my personal website). If "privacy"/"terms" really don't work on your side let me know!
As of now there is no commercial backing what so ever. It's mealy a side-project that finally got finished. And for now there is also monetizing scheme implemented.
Fyi, i ran a facebook group with 15 k. people for Belgium. The #2. A little bit late to the party of location based messaging concering Pokémon though ;)
Funny that you mention this, as I've literally just submitted this exact app to Apple and should hopefully be launching in the next few days.
The app is called hoody (https://hoody.im) and I can't wait to post it to HN. I was actually a bit bummed to see this as I figured they had _just_ beaten me to the post, but in fact our apps are slightly different.
It's anonymous, with auto-generated nicknames as well, but the chat areas are dynamic based on activity in your area. So if no one is using it, it goes worldwide, and shrinks down as people around you are active (country level, city level, suburb), down to a minimum of around 700 metres.
Looks sweet! I've used today's traffic to play around a little with the range on zone messenger. And do believe a dynamic range is the way to go, at least while it's gaining traction.
All the best! and looking forward to your launch on HN
That is great to hear. Your app resolves what I was going to leave as feedback.
1) Not everyone is in a city. I'm in an area where a 1km in any direction might not get you anyone. Some areas 2km circle might get a handful of neighbors, but none of them are likely to have the app too.
2) When the app is new, what are they chances that anyone nearby has it?
By increasing the range until there is activity, it gives it a way to get off the ground and a way for it to work for people who aren't packed in a city.
This is one of the biggest decisions I've had to make based. The current implementation requires a huge critical mass before there are enough local users.
Because as of now I'm not perusing making any money from the app, I opted to test the feasibility of the core idea. Talking to local people. One could of course argue that I could deviate from this slightly (variable range) to reach this critical mass.
I'm in San Francisco right now, a dense, large city with a huge tech-savvy population. There seems to be one other person online at the moment. I guess there are probably more online elsewhere in SF, just not within 1km of me.
Adapting the radius to match the number of people available seems like a great idea. If there's only one person within 1km, step up to 2km, 3km, etc. until some number X of people are available. If there are too many people, step back down.
What's so weird about wanting to share your coffee with someone? The screenshot shows someone riding a train -- presumably they are in a distant city where they don't know anyone.
It seems like it would be less problematic to approach a person and ask if they could show you around or, offer to buy someone in a coffee shop another drink rather than using a technical means that allows the other party to select themselves?
I believe YikYak is based on threads/comments right? The main difference is that my app is more like one big local chatbox.
The initial idea was to achieve the atmosphere we used to have in (Dutch) public transport. Everyone could participate/listen to a couple of public conversations being held.
If you are within the range of one user, who is having a conversation with someone in their range but not in yours, will you only see one side of their conversation?
I wonder how this compares to an app like YikYak. I checked out YikYak for a few days (really a weird feeling with a bunch of random anonymous people posting messages). This seems similar except maybe only one-to-one rather than message thread based? Also YikYak seems to have about 5 mile radius zones (8km) rather than 1km.
I haven't used Zone but I know YikYak caught on pretty hard with college aged folk and college campuses, so the discussions and posts tend to be a bit different. I worked at a University in tech and due to the harassment issues with YikYak was told to keep an eye on it and determine if we need to request a Geo-Block from the YikYak team.
I would imagine Zone can probably break free of the age association and maybe grab people with the same sort of "town bulletin board" feel, but it's going to have a lot of conflicting user bases, and probably lots of trouble with harassment in local areas. YikYak had tons of issues with the harassment [0] problem until the user base took on a much more serious approach to moderating. The few times I was told by a student that there was something bad on YikYak, it had already been moderated out of visibility.
I don't know how Zone's posting works or if it has moderation or not, but hopefully the user base takes a similar approach.
[0] To expand on the harassment, it wasn't just nasty messages being written, it was stalker-ish comments tracking individual's activities, threats against persons, calls for vandalism, and so on. On a smaller University campus, it's taken a lot more seriously. We also had issues with student workers abusing access privileges and leaking private information to YikYak, which was dealt with appropriately by the administration.
This is indeed very similar to how initial sorting of the database is done. To improve accuracy (over performance) further sorting is done.
Like mentioned the non-linearity with regard to latitude makes standard trigonometry useless. In my case I opted for the haversine formula (https://en.wikipedia.org/wiki/Haversine_formula) this is pretty accurate on the small range of 1km
That the app is both geofenced and anonymous reminds me of Yik Yak, which was a huge success on my college campus before the company decided to move away from anonymity.
Did you develop this as a side project, or is this something you want to turn into a business?
Does it need to? Did YikYak need to? The death of anonymity was pretty much the death of YikYak.
Letting people talk, harassment and all seems to be the way to go. It's an opt in thing, so if you don't like it just uninstall or ignore a few users. Maybe I'm just a sucker for a good cesspool sometimes.
I have it on good sources that they dropped anonymity not because of harassment, but because of the history of anonymous apps fizzling out. Anonymous apps generally fail to generate sustainable, long-term growth.
It's indeed a side project that I've been working on for a while. It was mainly the development that interested me. Running/marketing a social messaging app is something others would probably enjoy more.
Currently I'm working on a different that, although also a software project, is more closely linked to applications/technologies that I love. It is this project I indeed aim to turn into a viable business.
As described I'm most likely not going to take this project much further on my own. I'll definitely reach out to you if I decide on growing it with a team or maybe as an open-source project.
Interesting. I built a website a few years back called LampNote, which was based around the idea of "virtual noticeboards" approx every 100m apart from each other. In an earlier incarnation of that project I had considered solving the same problems using anonymous geo targeted messages, either using an app or email. I quickly discounted that approach, as it seemed like it could become a magnet for all sorts of dodgy characters, and a potential headache legally. The end product I arrived at was something quite different, so I'll be interested to see how you get on with zonemessenger. Good luck!
I think it would be more interesting if the radius was variable and dependent upon the population density of your area. This way, your neighborhood in the city (SF) is roughly a kilometer out, but in Wyoming, you're going to talk to a relatively similar number of people. I think anyways it would be more useful for the kinds of tasks I would see myself using this app for.
I would be careful about this. Could definitely be used for bullying by kids - would suggest you come up with a strong mechanism/policy for banning users!
You could say the same for a lamppost (that I can attach a photo with a message to) and just about every other means of communication where the sender is not known (regular mail, for instance).
Technology can be used for good and for bad, this tech is no different in that respect.
The lamp post is part of a wider local 'ecosystem' that includes ways of dealing with abusive messages attached to publicly-visible objects.
Communication apps like this, not so much.
This is why service and software makers are considered to have more of a responsibility to be concerned with misuse of their platforms. (ETA:I mean platforms, as in publicly-accessible stuff on the net, that's under their control.)
"Block the user"--that requires the app to have a block feature. Would you say that's something to be taken for granted? Something we can rightfully expect in communication software? Something the service-provider has an obligation to provide?
If 'bullying' in a social app/service continues, then yes, there is option to stop using it.
But if that service has value, users are going to want to keep using it, but they're going to ask for a better service.
For anyone interested I built something similar (anonymous chat within a radius) as part of a pokemon go app A few months ago. It's an iOS app built, written in swift with a firebase backend
Usually on similar apps the messages go to their servers (over 3/4G) along with your location info, and then they re-route it back to all the users whose reported location is close to yours.
An exception was FireChat, which built a mesh network using the Bluetooh & Wifi-based connectivity API provided by iOS called "Multipeer Connectivity Framework", so you could talk to someone far away as long as there were other users between you, which served as routers.
You could just grab user location and populate it in a db. Use a proximity search to see which users you see and see you.
You could also break things down by geofence, but that would work better for a city chat since there would need to be overlapping fences otherwise you could be next to someone and not see their messages.
There are other ways to do it, but if you are going to use Internet connectivity, that's the simplest I believe.
When you click on the logo the "slide down" animation feels very web-y. The rest of app is really nice though. Everything feels really slick for a HTML/JS app. The keyboard show animation could a little work, but I know that's not easy to do.
The date in a Copyright notice is the date of first Copyright for the works. You do not update it to the current year. However, some sites do suffix the current year as well (e.g. 2012-2016), although that's not required as it's already implied (by dint of displaying the notice in the first place).
Because not everybody knows even if they should. Because it makes things easier for others. Because it facilitates contacting you for licensing deals and you want this money. Because it makes infringements easier to prove since you haven't officially registered your copyright. Because you want to sign your work.
A program to do that would do a bisection search along a line (faking coordinates for the location of the device) to find the point on the line where you transition to seeing the person's messages. Then, repeat along other two lines in different directions. Each transition point gives a circle of 1 km radius on which the person is present, and the one point shared by all three circles is their location.
This could be mitigated by rounding off coordinates to be coarse enough that it doesn't give their precise location before calculating the distance.