Would you use a cryptographically secure social network?

4 points by lukev ↗ HN
All data (including fact-of data) would be encrypted. The only parties able to decrypt it would be those individuals or groups explicitly targeted by the author. The company/service itself wouldn't even have access to the data in its unencrypted form: you could expose the entire database with no privacy concerns sine. There'd be no need to trust any person or entity you didn't explicily choose to.

Obviously, this wouldn't be your "find an old friend" or "find people with similar interests" type of network. It would have one purpose and one purpose only: to allow you to communicate easily and securely with those you trust.

Assuming this sounds good, would you prefer to: 1. Use the service via a web-app (less secure, since it requires that you entrust your password/private key to a third party) 2. Use an open-source thick client or browser plugin (you maintain complete security).

The technology is definitely tricky, and it'd be difficult or impossible to monetize. But do you think it's worth researching/prototyping? It actually seems like one of the few remaining innovations in the social network space.

13 comments

[ 2.9 ms ] story [ 40.2 ms ] thread
Well, (1) would be pointless: that means you're still decrypting server-side!

The way I see it, social networks are mostly just a reworked version of (email + mailing lists + usenet) in a form that appeals to non-techies. Now, adding encryption requires quite a deep understanding of how the system works in order for it to be useful (eg. how many non-techies would realise that (1) defeats the purpose?), so it's really only for techies. But techies already have GPG-encrypted email...

It would be pointless from an ultimate trust perspective, yes. But somehow I'd still feel more comfortable with a company that (at least claims) to use my key only to decrypt data immediately before sending it to me, than a company that stores all my data in clear text and mines it and distributes it internally as they see fit.
I get the feeling, but rationally, that would be equivalent to a company that simply promises (say, in the Terms of Service) not to mess with your data.

I may actually trust a company on such promises, but the real risk is in this scenario: the company goes bust and some weirdos seize control of the server. In that situation, it doesn't matter much that the data is encrypted, if the keys are available too.

This could be alleviated if the server kept the user's key only on a per-session basis and never actually stored it. I'm curious... how would you feel about that?

Also, there might be a way to make a server transparent so people are more likely to trust it... open-source the server code, of course, and expose the entire file system as read-only could people could run a checksum on the server executable to verify it's the same one? Of course there'd ultimately be no guarantee that there wasn't networking trickery going on...

yes. definitely. You can use javascript for decryption on th client side btw
How do I gain access to my private key in Javascript (without having the user paste it in every time)? How do I store it between page loads without exposing it to the server?
HTML5 storage.
The whole affair is pointless since "privacy is over" or whatever, but for the sake of argument...

Rather than putting encrypted data in a centralized service ("Hi, I don't trust you at all but please host these encrypted blobs for me for free.") I think a P2P social network (DiSo) makes a lot more sense.

The whole point would be to try to ensure that privacy is NOT over. Our privacy is nearly gone, but that doesn't mean we can't fight to get it back. And laws preventing companies from releasing data are NOT going to help - the only ultimate solution is encryption.

And yes, it would be possible to implement it as a P2P social network, but there's a few problems with that:

1. P2P ties you to a particular machine. The whole point of having social networks is that they work on all your devices.

2. I've never been impressed with the performance of P2P applications and I've never seen anything leading me towards a different opinion. I don't want to use a social network where it takes me 30 seconds to bring up someone's profile.

3. P2P is technologically more challenging. I want the average user to benefit from this, not just geeks.

These are perhaps surmountable if one could design the next generation of P2P tools, but that drastically increases the scope of the project.

2) complete security.

But its being impossible to monetize would prohibit there being a network at all, wouldn't it?

You can do this already with email and pgp, or encrypted attachments and pgp. You might get closer to the goal by making THAT easy for non-techs, rather than adding the difficulty of creating a whole new social network as such.

Not at all. The network would exist - it would just be all encrypted and you couldn't navigate it unless you held the key to each successive node. To the end user, it could be more or less just like Facebook, and they could forget that it was encrypted while using it.

It'd be hard to monetize because social network money (what there is of it) is all based on contextual and targeted advertising, or on gathering user statistics. Both would be impossible if all the data were encrypted.