I routinely get suggested to connect with people I've never even emailed or who used email account I closed a decade ago.
It's reasons like this I wish someone would do a Public/Private key based p2p social network. Essentially you digitally sign a key that you know someone and that's how you derive connections. Seems like you could implement browsable profiles as well.
Its a great idea, but I think everyone who has had it is stopped when they look at just how unwilling people are to exchange keys (or understand them) and how unwilling browser companies are to put effort into interfaces for managing keys (both of these obviously feed into each other).
The type of user who uses public keys usually knows better than to use server-side key management on a social networking site (however pretty the interface may be.)
Oh definitely, that's why I highlighted the lack of innovation in browsers for handling keys and encryption/decryption. This all needs to happen locally (not the trendy thing these days) and the current tools aren't at the level where that's going to happen at a large scale.
There would still be the key-exchange problem (I can't imagine a system that would make it easy for non-technical people to exchange keys out of band, even if you could explain why that was necessary and what it means), but with good browser tools I bet the number of zero-knowledge type sites/p2p networks would explode.
I think if you take away the need to it to be really truly secure it's workable. Social profiles aren't nuclear secrets, they are just posts about topics and pictures. I think if you embed the private key with a symmetric key password that would be good enough. I do wonder why that hasn't been done especially in the era of native mobile apps.
It's reasons like this I wish someone would do a Public/Private key based p2p social network. Essentially you digitally sign a key that you know someone and that's how you derive connections. Seems like you could implement browsable profiles as well.