Wonder if Zoosk in light of this article will check their audit logs and see who accessed Roya's profile internally then cross reference with employee onboarding dates then fire the employee.
While that is correct, and I would also personally prefer that we continued to use e-mail based authentication for other reasons, Facebook does have measures in place now that make it more difficult to create loads of fake accounts.
Specifically, they now require a phone number to create an account. Getting a new phone number is more difficult than creating an e-mail address, so this will prevent at least some of the fakes.
Privacy practices of "Swipe Left: Privacy Practices of Online Dating Apps":
After clicking on this article, Google, Facebook and LinkedIn will know that you are interested in the privacy practices of online dating apps.
Privacy Policy and Terms of Use:
Facebook collects user data to create profiles that...
Google...
LinkedIn...
Data Retention:
Facebook...
.
.
--Sending HTTP requests to Facebook, Google, and LinkedIn results in the collection of this metadata and possibly data by your national and possibly foreign government surveillance organizations...
---Data retention by your national surveillance organization...:
I'm sure this is true, but what if you leverage something like PiHole and browser extensions like Privacy badger or uBlock? Surely, these offer some tangible protection against this kind of sharing?
> "Screw [dating app] lets meet with this cryptographically anonymous app instead" seems like a tough sell for most women tho.
"Sure, but please prepare a cryptographically signed recent lab report showing you've tested negative for all STDs. It would be best if the report was on blockchain."
Our app has a somewhat Tinder-like feel, though it's paid (escorts). I don't want to go overboard plugging, so see my profile for details. For fun, here's how we score on the article's items:
1. No scammers. We require providers to be vetted in some way (references). Clients are going to need to provide screening to see providers.
2-A. We use our custom login system. Verifying your social media account is just a read-once thing we do; we don't ever have access to post. In fact, it is unlikely we'd even get approved for an API key on most platforms.
2-B. For launch we're pretty exclusionary :(. Focusing on cishet couplings, female provider. We're going to address that as soon as possible. Queer sex workers face additional challenges for sure.
3. Data safety. Due to our company's legal status (extrajurisdictional), we have to deeply hide all data. Our servers don't have persistent storage, RAM only. (At boot, it's a manual restore from something like Tarsnap.) Only a few people have root or raw DB access. This does not include most devops people - they go through a change approval process. Real access is limited to core members heavily vested in the company with a need-to-know. More at [1], please ignore the clickbait title.
Another key point: connectivity is heavily restricted. App servers only have inbound socket from their hidden service, plus outbound to the DB layer hidden service. DB layer only has that inbound socket. DB requests are rate limited globally plus per user.
4. We'll wipe your data shortly after deactivation if there are no abuse reports on your account. In which case we keep a photo ID and birthdate so you can't sign up again and get a clean record. This is needed to protect user's safety. But at least a photo is not so readily searchable. Maybe Facebook can do it, but if we were to somehow
We may write up more when we have things stably working after a while. But we are very cautious mentioning any specific tools, as that gives attackers a head-start. We won't mention OS, stack, DB, etc.
But think something like secure boot, serve up a basic image, download full image from provisioning servers, turn on DB, restore from backups.
Escorting might not be viewed as fundamental a right as driving, but yes, same idea. We put morality over legality.
Extrajurisdictional does not just mean criminal. It means that we operate in a way that no specific jurisdiction can apply itself to us. It isn't a wild card to just do whatever we want. We fully intend to pay taxes where possible. We want to be as transparent as possible to avoid money laundering. We have a strict no drugs policy. Strict age requirements, and, as far as possible, no coercion/trafficking/pimping. (If we see one device managing multiple accounts, we'll investigate/ban.)
Only a few people have access to the keys, plus a set of third parties (think lawyers) that have a shard of an SSS setup. Changing the boot key can be done now and then.
But we think it is feasible to drop the disks entirely for the main servers. So the disk encryption is an issue for the systems holding our CI and imaging platforms.
I have to admit, combining prostitution, securities fraud, and blockchain technology in one single project is impressively ambitious even by normal startup standards.
Calling it securities fraud is rather unfair if you ask me. Why do you say fraud? Sure, we do not follow the SEC rules. In fact, the SEC opinion on ICOs is what galvanized us to go all out and insist on offering real equity to investors. It's far better than the nonsense ICOs come up with to tokenize themselves.
People like the Tezos group, asking for donations... it is disgusting that investors go for that. Demand equity. We always choose morality over legality. Following SEC rules technically, while ripping off investors ... I'd rather be in the clear ethically.
The blockchain part is for payments, so not that big of a deal. Though to raise money, we'd be better off finding a blockchain angle to the platform! Truthfully though, our app is not breaking new tech ground, apart from privacy and security (see the link in my original post).
We are ambitious though! I think we'll be the first blockchain-funded unicorn. Escorting is fragmented and high friction, and we're going to fix it. Our VP of Product is an active sex worker and very tuned in to the real issues facing workers and clients.
I've actually implemented this paper in a hackathon, but we never launched it. It's basically like tinder, but no central server has access to anyone's likes. Yet, by using homomorphic encryption and a calculation performed on the server (through which no information is revealed), you can know if someone you liked likes you back. It's pretty cool!
35 comments
[ 3.4 ms ] story [ 86.6 ms ] threadRoya Pakzad, the article's author. Her name is right at the top of the article we are discussing.
Or at least they claim to
Author is fooled into false sense of security around facebook profiles. A facebook account can be just as fake as an email address.
[1] https://www.huffingtonpost.com/2014/02/25/facebook-email_n_4...
Specifically, they now require a phone number to create an account. Getting a new phone number is more difficult than creating an e-mail address, so this will prevent at least some of the fakes.
After clicking on this article, Google, Facebook and LinkedIn will know that you are interested in the privacy practices of online dating apps.
Privacy Policy and Terms of Use:
Data Retention: --Sending HTTP requests to Facebook, Google, and LinkedIn results in the collection of this metadata and possibly data by your national and possibly foreign government surveillance organizations...---Data retention by your national surveillance organization...:
As a rough estimate, maybe 90% of the top 10,000 websites will send out (multiple) HTTP(S) requests to Google and Facebook from your browser.
"Screw [dating app] lets meet with this cryptographically anonymous app instead" seems like a tough sell for most women tho.
"Sure, but please prepare a cryptographically signed recent lab report showing you've tested negative for all STDs. It would be best if the report was on blockchain."
1. No scammers. We require providers to be vetted in some way (references). Clients are going to need to provide screening to see providers.
2-A. We use our custom login system. Verifying your social media account is just a read-once thing we do; we don't ever have access to post. In fact, it is unlikely we'd even get approved for an API key on most platforms.
2-B. For launch we're pretty exclusionary :(. Focusing on cishet couplings, female provider. We're going to address that as soon as possible. Queer sex workers face additional challenges for sure.
3. Data safety. Due to our company's legal status (extrajurisdictional), we have to deeply hide all data. Our servers don't have persistent storage, RAM only. (At boot, it's a manual restore from something like Tarsnap.) Only a few people have root or raw DB access. This does not include most devops people - they go through a change approval process. Real access is limited to core members heavily vested in the company with a need-to-know. More at [1], please ignore the clickbait title.
Another key point: connectivity is heavily restricted. App servers only have inbound socket from their hidden service, plus outbound to the DB layer hidden service. DB layer only has that inbound socket. DB requests are rate limited globally plus per user.
4. We'll wipe your data shortly after deactivation if there are no abuse reports on your account. In which case we keep a photo ID and birthdate so you can't sign up again and get a clean record. This is needed to protect user's safety. But at least a photo is not so readily searchable. Maybe Facebook can do it, but if we were to somehow
1: https://medium.com/@PinkApp/pink-app-trading-latency-for-ano...
Would love to read a write up on:
> Our servers don't have persistent storage, RAM only. (At boot, it's a manual restore from something like Tarsnap.)
But think something like secure boot, serve up a basic image, download full image from provisioning servers, turn on DB, restore from backups.
Extrajurisdictional does not just mean criminal. It means that we operate in a way that no specific jurisdiction can apply itself to us. It isn't a wild card to just do whatever we want. We fully intend to pay taxes where possible. We want to be as transparent as possible to avoid money laundering. We have a strict no drugs policy. Strict age requirements, and, as far as possible, no coercion/trafficking/pimping. (If we see one device managing multiple accounts, we'll investigate/ban.)
>"Servers use full disk encryption and the key must be manually entered at boot."
I am curious how do you handle key rotation and storage of encryption keys?
But we think it is feasible to drop the disks entirely for the main servers. So the disk encryption is an issue for the systems holding our CI and imaging platforms.
People like the Tezos group, asking for donations... it is disgusting that investors go for that. Demand equity. We always choose morality over legality. Following SEC rules technically, while ripping off investors ... I'd rather be in the clear ethically.
The blockchain part is for payments, so not that big of a deal. Though to raise money, we'd be better off finding a blockchain angle to the platform! Truthfully though, our app is not breaking new tech ground, apart from privacy and security (see the link in my original post).
We are ambitious though! I think we'll be the first blockchain-funded unicorn. Escorting is fragmented and high friction, and we're going to fix it. Our VP of Product is an active sex worker and very tuned in to the real issues facing workers and clients.
https://blog.rackspace.com/tinder-swipes-right-for-rackspace...
it opens suggesting an insider's view, and then just list obvious trivia.
https://courses.csail.mit.edu/6.857/2016/files/13.pdf
I've actually implemented this paper in a hackathon, but we never launched it. It's basically like tinder, but no central server has access to anyone's likes. Yet, by using homomorphic encryption and a calculation performed on the server (through which no information is revealed), you can know if someone you liked likes you back. It's pretty cool!