Search Mailing List Archives
[liberationtech] The missing component: Mobile to Web interoperability (in Internet Freedom Technologies)
michael at briarproject.org
Tue Sep 17 13:46:27 PDT 2013
-----BEGIN PGP SIGNED MESSAGE-----
On 16/09/13 06:57, Jonathan Wilkes wrote:
> On 09/15/2013 02:32 PM, Michael Rogers wrote:
>> Friend suggestions can be based on a partial view of the social
>> graph - - for example, each user may be able to see their friends
>> and their friends' friends, which would enable an algorithm
>> running on their own device to suggest friends' friends who they
>> may know, without anyone (including the service providers) having
>> a complete view of the social graph.
> If the network scales, and the average user has about 250 friends,
> how many users would it take to share their data with a third party
> to provide that third party a complete view of the social graph?
If the answer's greater than one, you still get more privacy than in a
I'm not sure we can expect any system to protect people's privacy if a
significant fraction of those people are willing to share everything
they know with a third party. But we can protect against more moderate
threats, like centralised providers that have an economic incentive to
spy on their users, and a legal duty to share the results of their
spying with the government.
>> Limited searching would also be possible using a partial view,
>> and would support the 'best' use cases for the feature (reconnect
>> with old friends, find that person you were talking to at that
>> party) without allowing people to look up complete strangers.
> How does the network tell the difference between my search for an
> old friend and my search for a total stranger?
Your partial view of the network probably includes your old friend
(through mutual acquaintances), but by definition it doesn't include
any total strangers.
> Please push me back on the right track if I have a blind spot
> here-- I'm having a difficult time seeing a technical difference
> between a social network that allows partial views of the graph in
> order to maintain a semblance of privacy, and a system of
> distributing digital copies of music that tries to limit the number
> of times a file may be copied.
The difference is goodwill. It may be reasonable to give a piece of
information (such as a list of your friends) to each of your friends,
and ask them not to share it any further. It probably isn't reasonable
to try the same thing with 10,000 strangers, while simultaneously
trying to convince everyone who doesn't have the information that it's
the latest cool thing to have, which is what the music industry would
like to do.
> In fact, it seems worse in the case of partial graph views-- at
> least with music copying there's an icon representing "the music"
> and keystrokes or mouse clicks representing "the act of piracy";
> from the music industry's point of view (i.e., their concept of
> "privacy") they can drill down on the alleged immorality or
> negative consequences of a user _doing_ those actions and persuade
> _some_ amount of people with such an argument. With social
> networks as I know them, the variables that control which pieces of
> users' data get sent to what location, at what time, and how often,
> are hidden away from the day-to-day UX. And even if they are put
> front and center, how does the user measure the moral hazard
> associated with allowing certain parts of their data to be accessed
> from one hop away, vs. two hops, etc.?
I wouldn't expect a P2P social networking app to provide a button
marked "share my friend's list of friends against her will". However,
even if it did, I think the immorality of pressing that button would
be pretty clear.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the liberationtech