(Page 2 of 2)
Private updates: A user (John Doe, in this case) can specify that his name and birth date should be hidden by tagging the data with ”@@.” FaceCloak then populates drop-down menus with private versions of the information.
Hengartner et al.
FaceCloak, implemented as a plug-in for Mozilla's Firefox browser, allows a user to designate--using two "at" signs ("@@"), by default--what information should be encrypted and only made available to friends. A FaceCloak user holds a secret access key but also sends two other keys to her friends. Those keys are then used to access the real information, which is held on a separate server. While the same concept could be used on other social networks--such as Twitter and MySpace--Hengartner and his colleagues focused on the largest provider.
Similar tools are being developed by other academic teams to address the privacy issues plaguing social networks. A group of researchers from Cornell University created another Firefox plug-in, called None of Your Business (NOYB), that encrypts profile information so that it can only be read by a small group of friends. And two researchers from the University of Illinois at Urbana-Champaign have developed a Facebook application called flyByNight that encrypts users' data.
Unlike those projects, however, FaceCloak works with any number of contacts and does not rely on the cooperation of the social-network provider. The University of Waterloo researchers attempt to hide which users are encrypting their data with FaceCloak by replacing the hidden data with arbitrary text taken from sources on the Internet. "Users who submit encrypted information stand out, both to Facebook and to other users who can see the profiles, and therefore might raise suspicion," Hengartner says. "By using fake information, we can avoid this problem."
There are still some major issues, however. Images are not yet supported by FaceCloak and the third-party hosting server used could potentially be compromised. Moreover, a FaceCloak user still has to be careful, Hengartner says. "The same problem arises in real life," he says. "When you tell a friend some personal information about you, you need to trust your friend to deal with this information responsibly. If she misbehaves, you can't erase the information from her brain."
Making more user information public has both privacy and security dangers, experts warn.
Economics may explain why it's so hard to find and configure privacy settings on many social networks.
Researchers find a way to identify individuals in supposedly anonymous social-network data.
Bob,
Are you aware of anyone working on a hierarchical, compartmented security scheme that could be applied to social networks? This would be much like the USG system which narrows access as information becomes increasingly sensitive.
Differentiated, encrypted data is nice but it's still basically a one size fits all solution.
Philosophically it is probably antithetical to the idea of social networking; but, yes, I am interested in being able to rank my "friends".
I am looking forward to the design of Google Wave vis-a-vis this issue.
Rip
Re: Social Networking Security
People are free to use it or not, so it's alright like this.
I agree in PART with the person who said 'don't publish to start with'. The main issue seems to be that people do not engage their brains before hitting 'publish' or 'send'. People need to think about who might be seeing their comments/pictures and whether they really want them in the public domain. Not only do they need to consider their own privacy but the privacy of others - every time they post a photo of a friend or comments about a friend without checking they are taking aways someone elses right to privacy. It's quite frightening what some people will share without second though about themselves and/or others online.
The other issue is employers and businesses now seem to think they have a right to dictate an employees behaviour outside of the work place - even where that behavior has no relationship or link to their job - it's a total violation of their employees right to privacy and the act of firing staff based on a photo seems to rely strongly on "what if" scenarios rather than any actual threat or loss of reputation. It may even be the employer that starts the public outcry and witch hunt in the first place.
I recommend Daniel J Solove's papers as interesting reads when it comes to identity, reputation and privacy online.
It irks me when social networks and websites demand our 'real names' and have a lot of mandatory fields (not that they are always given the truth) - and where people are penalised for using online identities instead of their real name and information - when often, it's the smart thing to do. Businesses wish to identify their users - either to market to them or to ensure they are an age appropriate group (often both) but the users of the same services, by sharing details, at at risk (identity theft, violation of their right to privacy, damage to reputation). There is a gap between what might be helpful from a legal/business sense and what might be smart from a personal point of view.
I have no answers - but I certainly have lots of questions on these matters. There's a wealth of articles on issues of privacy; reputation and identity out there and I think the gap between the issues and the answers is getting wider. The topics are interesting ones that need to be considered in a little more depth by the general population.
I have searched for the plug-in, yet every citation of this returns me back to this article. While it is a good idea and maybe not practical in usage - a thought occurred. Possibly the use could be as a retraction, if one accidentally posted gibberish or something factually incorrect. Of course, this type of technology would be nice for other social networking websites like Twitter or Ping.fm
Best Regards,
--Morris
Manufacturing in the United States is in trouble. That's bad news not just for the country's economy but for the future of innovation.
Our list of the 50 most innovative companies, including the following:
On Twitter
Become a Fan on Facebook
Subscribe to the Feed
lasertekk
146 Comments
Better idea
Better idea: Don't post it in the first place. Problem solved.
Reply