Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Cryptographic Tools To Keep You Hidden On Facebook

timothy posted more than 5 years ago | from the unless-they-don't dept.

Data Storage 148

Al writes "Many people reveal way too much personal information on social networking sites — something that can easily lead to identity theft or unwanted attention from employers etc. Technology Review has a story about several cryptographic tools that can be used to hide your activity on Facebook, from both untrusted users and from Facebook itself. Urs Hengartner, an assistant professor of computer science at the University of Waterloo, developed a Firefox plugin that obfuscates anything marked with '@@' on Facebook and only reveals the correct information to trusted users who have the right keys. The sensitive data itself is even stored on an outside server so that even Facebook cannot access it. The piece mentions two other projects, NOYB and flybynight, that also aim to make personal information more secure on Facebook."

Sorry! There are no comments related to the filter you selected.

Crytographic? (0)

Anonymous Coward | more than 5 years ago | (#29370711)

sounds chilly. fix headline, pls.

Re:Crytographic? (-1, Flamebait)

BitZtream (692029) | more than 5 years ago | (#29370955)

Slashdot editors don't do that, the post incorrect stories without edits for journalistic integrity. Its more important to present the information as it was found than to possibly bias it by posting correct information.

I mean, how do they know the headline is incorrect, its not like they read the article or god forbid, read the post to slashdot even!

nigger dongs (-1, Troll)

Anonymous Coward | more than 5 years ago | (#29370725)

its whats for breakfast

Excellent Example! (5, Insightful)

swanzilla (1458281) | more than 5 years ago | (#29370765)

From the article:
Dubbed FaceCloak, the tool assures its users that sensitive data stays private, Hengartner says. "If you have a particular illness, you might want to allow only your friends to see that," he says.
or alternatively, you might keep that shit off Facebook

Re:Excellent Example! (4, Funny)

MrNaz (730548) | more than 5 years ago | (#29370959)

This is Web 2.0. Common sense has no business here.

Re:Excellent Example! (4, Insightful)

FooAtWFU (699187) | more than 5 years ago | (#29371133)

Their solution to keeping private data off Facebook: Put it somewhere off of Facebook! ... wow, wish I thought of that. Now if only we could trust the off-of-Facebook people...

Re:Excellent Example! (4, Insightful)

palegray.net (1195047) | more than 5 years ago | (#29371187)

I don't use Facebook. People don't have to solve problems they don't create in the first place.

Re:Excellent Example! (5, Insightful)

ArhcAngel (247594) | more than 5 years ago | (#29371549)

I had no need for FACEBOOK either until a few months ago. A very dear friends lost her husband to a car accident. they had moved years ago but we tried to keep in touch. To disseminate information about the accident and subsequent hospital updates (he lived for about a week after the accident) etc. she decided it would be easier to post the info on FACEBOOK where all her friends could see it at once rather than fielding umpteen calls an hour. I created an account and was able to follow the status as well as provide long distance support via posts to her wall. What I also found was that there were lots more friends I had lost touch with long ago I was able to reconnect with. Several of which have renewed friendships and communicate via FACEBOOK daily even though there is little chance we will get to see each other any time in the near future.

Re:Excellent Example! (5, Funny)

interkin3tic (1469267) | more than 5 years ago | (#29371653)

This is slashdot, which runs on pure elitism. You say there are real reasons to use facebook?

HERETIC! BURN HIM!

Re:Excellent Example! (1, Interesting)

palegray.net (1195047) | more than 5 years ago | (#29371731)

Sure, there are real reasons to use Facebook. None of them happen to apply to me, and I certainly wouldn't put private information into hands of a third party service like theirs.

Re:Excellent Example! (3, Informative)

blackraven14250 (902843) | more than 5 years ago | (#29372369)

Do you use any webmail? I think that construes putting information onto a third party service.

Re:Excellent Example! (2, Interesting)

palegray.net (1195047) | more than 5 years ago | (#29372855)

I rarely use third party webmail. I run my own mail servers for the majority of my communications. Installing Citadel on a cheap VPS takes about two minutes.

Re:Excellent Example! (0)

Anonymous Coward | more than 5 years ago | (#29372905)

or /.

ooops

Re:Excellent Example! (0, Troll)

twitchingbug (701187) | more than 5 years ago | (#29372355)

Dude. Someone _died_ here. Where's your compassion?

GP, I'm sorry for you and your friend's loss. I hope you and your friend are doing alright. I'm glad that some good (you reconnecting with old friends) came out of all this.

my best,
-don

Re:Excellent Example! (1)

interkin3tic (1469267) | more than 5 years ago | (#29372911)

Dude. Someone _died_ here. Where's your compassion?

Wait, I'm being insensitive to the one guy on /. that was -not- the butt of my joke? How so?

Re:Excellent Example! (1)

ukyoCE (106879) | more than 5 years ago | (#29372259)

Why are you YELLING at us every time you say FACEBOOK? ;)

Re:Excellent Example! (3, Funny)

lavardo (683333) | more than 5 years ago | (#29372365)

He is so excited about FACEBOOK that he can't control it.

Re:Excellent Example! (0)

Anonymous Coward | more than 5 years ago | (#29372943)

Why do you keep yelling "FACEBOOK"? they don't even capitalise the f, so you look like a complete douche with it in all caps. It looks like you're YELLING

Re:Excellent Example! (5, Insightful)

DarkOx (621550) | more than 5 years ago | (#29371303)

I really don't know why this concept is so hard for people. My mother told me once when I was very young something very simple. "If you don't want someone to read it don't write it down." was what she said.

You know she was right. Its completely fool prof, nobody can find your not so well hidden diary, nobody can guess your cipher key that is weaker than you imagined, nobody can crack you later found to be flawed cipher, nobody can reproduce it in the clear accidentally or otherwise.

If its truly private it does not belong on the Network at all Facebook or anyplace else encrypted or not.

Re:Excellent Example! (0)

Anonymous Coward | more than 5 years ago | (#29371883)

No, that wouldn't work. If I didn't put down that I had herpes in my Facebook page, I would forget I had it.

Re:Excellent Example! (2, Insightful)

lavardo (683333) | more than 5 years ago | (#29372085)

And also, people need to remember that the government has / will have access to that information very easily!!

Re:Excellent Example! (2, Insightful)

Anonymous Coward | more than 5 years ago | (#29373179)

John says: @@hfuwiefu43hhf83h
Dave says: Oh no! How did you get Herpes ?

I'm sorry, but maybe I'm missing the point... (5, Insightful)

natehoy (1608657) | more than 5 years ago | (#29370779)

If I don't want something on Facebook, I don't put it on Facebook. There! Problem solved!

Why do I need a tool to encrypt data so only selected people on Facebook can see it? Isn't that what PGP email is for? So I can send out information to specific people and (in theory) only those people can see it?

And, additionally, if I don't trust Facebook with a bit of information, what in the hell makes you think that I'd trust a completely unknown third party who is building specific plugins so they can collect things I don't want on Facebook on THEIR SERVERS?

Sounds to me like someone is saying "post all your blackmail-worthy thoughts here. I'll keep 'em safe! Trust me!" in their best used car salesman voice.

Re:I'm sorry, but maybe I'm missing the point... (2, Interesting)

elrous0 (869638) | more than 5 years ago | (#29371125)

I was struck by the same thing. Asking for crytographic tools on Facebook is kind of like asking "Does anyone make billboard covers?"

Re:I'm sorry, but maybe I'm missing the point... (3, Funny)

natehoy (1608657) | more than 5 years ago | (#29371435)

Or "encrypting" a billboard using those 60's-looking inkblot things that can only be seen using special polarized/colored "decoder glasses".

People know there's a message there, they know you're trying to hide it, so why bother all your "semi"-friends with tons of postings like:

@@rA3wrAw#FraW3rar3awra3WFaW#fFRAw3WF3Aw#F#:aw#:Rfa

Which, before decoding, can be read as

@@NANNER NANNER NANNER YOU CAN'T READ THIS BECAUSE YOU'RE ONLY A DEMI-FRIEND NOT A REAL FRIEND. TRY TO DECODE THIS ASSHAT! OR FIND THE SERVER IT'S COMING FROM AND HACK THEM FOR SERIOUS BLACKMAIL FUN AND PROFIT! :)

Re:I'm sorry, but maybe I'm missing the point... (1)

Runaway1956 (1322357) | more than 5 years ago | (#29371885)

"Does anyone make billboard covers?"

YES! And, for a limited time only, for $19.95 plus S&H, we will ship you, not one, BUT TWO! billboard covers! Act now, pick up the phone and call 1-800-SUC-KERS! Credit card customers get this ADDED PREMIUM OFFER - - - yada yada yada.

Actually, I think you can get anything you can imagine if you watch enough late-night television.

Re:I'm sorry, but maybe I'm missing the point... (1, Interesting)

Anonymous Coward | more than 5 years ago | (#29371149)

I actually liked most of the summary but the last bit. I think it would be quite cool to post encrypted messages on facebook. Prepend them with some kind of header. Write a Firefox Extension that recognizes this header, runs that through pgp and presents you the clear text.

Actually it would be even more cool if HTML had a tag to mark encrypted text. Either you have the correct key and see the text, or you don't and see some placeholder.

No third parties involved at all. I think that would be really awesome. Sure if you post something on the internet you can't expect it to be totally secret. Someone could crack your encryption. But I think it would be a neat feature combined with all this social networking. Additionally it could spread the use of PGP.

Re:I'm sorry, but maybe I'm missing the point... (3, Interesting)

natehoy (1608657) | more than 5 years ago | (#29371317)

I have a hammer. It's a nice hammer. I use it to bash things. Nails, sheet metal, inanimate objects that make me angry, etc.
I have a screwdriver, it's a nice screwdriver. I use it to loosen or tighten screws. It also makes a decent primitive prybar for light jobs.

I have PGP email. It's nice PGP email. I use it to send secure encrypted communications to a list of recipients that I control.
I have Facebook. It's a nice Facebook. I use it to say anything that I think my friends and the general public might want to know about my pathetic existence.
I also have Pidgin. It's a nice Pidgin and has the Encryption module. I use it if I need to say something "off the record" quickly to a trusted pal.

I would no more use my Facebook to send secure messages to my friends than I would use my hammer to loosen a screw, or my screwdriver to pound sheet metal into shape.

My point: Right tool for the right job.

Maybe I'm being pedantic or unimaginative, but I can't see a single reason why I'd want to post stuff to Facebook and have it only visible to certain people. Other people are just going to see I'm hiding something and either be honked off they are not included or try to hack it. And if I'm going be (IMHO) stupid enough to post it, there's no way in hell it's ending up as cleartext on ANY server run by ANYONE I don't personally know so I can personally go down and personally yell at them if the data ever got out.

Re:I'm sorry, but maybe I'm missing the point... (0)

Anonymous Coward | more than 5 years ago | (#29372749)

Can you send a mail and add someone to the list of receivers a year after you sent it?

Re:I'm sorry, but maybe I'm missing the point... (0)

Anonymous Coward | more than 5 years ago | (#29372903)

The difference is that a website is persistent and an email is transient.

If you want to present information in a persistent way a website is the right tool for the job.
If you want to present information in a transient way an IM or email is the right tool for the job.

Security is orthogonal to that.
If you want a secure channel then encryption is the right tool for the job.

To come back to your tools analogy:
You use a hammer for nails and a screwdriver for screws. Additionally you can use gloves to protect your hands. For some reason you are trying to argue that gloves shouldn't be used with hammers.

Re:I'm sorry, but maybe I'm missing the point... (2, Interesting)

Darkness404 (1287218) | more than 5 years ago | (#29371341)

Yeah, I'm sure all your friends want to see "Bob Smith to Joe User DFKSDJFKSDJFKDSJFDSuupoi23423po4i32423op4JLKEJFEFIJEIJFEIOFJEJFEI" all through their newsfeed....

Re:I'm sorry, but maybe I'm missing the point... (2, Insightful)

warrior_s (881715) | more than 5 years ago | (#29371479)

If I don't want something on Facebook, I don't put it on Facebook. There! Problem solved!

No, you can not predict what information may put you in trouble in the future. Something that looks harmless at present may bite you in the ass in the future (e.g. during job search etc.). So, if you have encrypted your posts right from the beginning, then you don't have to worry about the future.

Re:I'm sorry, but maybe I'm missing the point... (4, Insightful)

natehoy (1608657) | more than 5 years ago | (#29371925)

OK, fair enough. But that means I'd have had to think ahead enough to know what might possibly be incriminating down the road. Because if I encrypt EVERYHING, then I have to give EVERYONE I want to be able to read it a decryption key, which means those decryption keys are going to be about as secure as a "don't steal this" sticker on a bicycle.

Facebook already has a "hide information" where you can select who sees what. If you don't trust Facebook, you're probably better off putting nothing at all there. Putting encrypted data there only means it's obvious you are hiding something.

Plus, you're still posting the data unencrypted to a central server, just not one owned by Facebook. Do you trust THEM?

Someone, other than you, is in control of that data. If you think it could be incriminating, perhaps you should think twice about posting it.

Re:I'm sorry, but maybe I'm missing the point... (4, Informative)

natehoy (1608657) | more than 5 years ago | (#29371947)

"A false sense of security is far more dangerous than a real sense of vulnerability."

Re:I'm sorry, but maybe I'm missing the point... (1)

jdgeorge (18767) | more than 5 years ago | (#29372601)

"A false sense of security is far more dangerous than a real sense of vulnerability."

True, perhaps, for the person in question, but maybe not so true for everyone else.

People tend to be better behaved and more predictable when they feel secure, but when they feel threatened, they don't just go cower in a corner; they lash out. Some more dramatically than others.

From a societal perspective, it may be better that people have that false sense of security.

Re:I'm sorry, but maybe I'm missing the point... (1)

insertwackynamehere (891357) | more than 5 years ago | (#29372647)

"A false sense of intelligence is far more dangerous than a real sense of what actually fucking matters and know anything you put on facebook if you are smart does not matter so stop using far removed, inapplicable, ivory tower-IT department quotes to get your point across about how a social networking site is going to lead to your downfall"

Re:I'm sorry, but maybe I'm missing the point... (1)

Austin Schuh (1174389) | more than 5 years ago | (#29371837)

I have friends who only communicate reliably by facebook. I tried communicating by email, but they don't check their email often enough for that to work. Monthly is a fair description.

I personally view this as a way that after I have set it up on both ends (because they won't be able to), I can communicate to people I currently can't without giving my information to Facebook. I don't have a facebook account right now because I don't trust facebook.

Re:I'm sorry, but maybe I'm missing the point... (1)

natehoy (1608657) | more than 5 years ago | (#29371887)

You have friends who only communicate by Facebook, but you don't use Facebook because you can't trust it.

With respect, the solution is not to take that same information and throw it on yet another server run by yet another unknown third party.

"Give your information, or give it not, there is no 'trust'."

Re:I'm sorry, but maybe I'm missing the point... (0)

Anonymous Coward | more than 5 years ago | (#29371993)

OP and you are missing the point. This is academic research. He's not saying "use this product," he's saying "if YOU insist on using THEIR product, here's an interesting way you could keep yourself SORT OF safe, and this way may have applications elsewhere, but I haven't written anything there yet."

Re:I'm sorry, but maybe I'm missing the point... (2, Interesting)

lavardo (683333) | more than 5 years ago | (#29372225)

This is hilarious -----

""The sensitive data itself is even stored on an outside server so that even Facebook cannot access it.""

Well, then where is it stored? Another social networking data center?

Or... (2, Insightful)

TTURabble (1164837) | more than 5 years ago | (#29370781)

Maybe you shouldn't post every detail of your life on a website.

FTA:

the tool assures its users that sensitive data stays private, Hengartner says. "If you have a particular illness, you might want to allow only your friends to see that

What ever happened to calling people?

Re:Or... (1)

ground.zero.612 (1563557) | more than 5 years ago | (#29370957)

What ever happened to calling people?

But but but, then how can these evil service providers justify rate hikes to coincide with their CEO's pay raises? You think that CEO makes money off your phone call? Sure he might make a few fractions of a penny, but anything that gets you texting more increases that fraction to a whole. Anything that increases texting volume justifies further rate hikes!

It's almost as if the CEO's of these companies have discovered a business model based off a highly proliferated internet meme involving gnomes and underpants... Boggles the mind it does.

Re:Or... (1)

Darkness404 (1287218) | more than 5 years ago | (#29371043)

Exactly, or texting, or IMing, etc. The point of Facebook is for you to share to -the world- your thoughts. If you want to share your thoughts with one or two other people, there are better ways.

Re:Or... (1)

pimpimpim (811140) | more than 5 years ago | (#29371075)

I originate from the northern part of Amsterdam, where it is common behaviour to shout these things over the mobile phone or loudly discuss it with your friends, especially while in public transport. Seriously, some time ago the whole bus was informed about whether or not one of the girls should have an abortion or not. Privacy, who gives a shit anymore.

Re:Or... (0)

Anonymous Coward | more than 5 years ago | (#29371469)

The problem isn't necessarily what you post, but what's posted about you. I'd say most people here are very careful about what they post on Facebook and have their privacy settings configured so that only friends can see their data. However, most people don't upload embarrassing photos of themselves -- their friends upload embarrassing photos of them and tag them instead. Whilst your Facebook settings are set to private, your friends' may not be. And Facebook won't delete photos simply because you find them unflattering.

Something like this has happened to me recently. One of my friends has created a group dedicated to my drunken capers, visible to all on Facebook. I've asked him to delete it but he won't because he thinks it's hilarious. Facebook won't delete it. I wonder if I'll still be friends with him when I'm passed on for a potential job because of his "hilarious" group?

Re:Or... (1)

bmetzler (12546) | more than 5 years ago | (#29373375)

I wonder why you're friends with him now. Why wait until something bad happens? Regardless, that is the problem with social networking sites. It's not you that's the problem. It's that you have real-life friends that affect your life.

Re:Or... (1)

insertwackynamehere (891357) | more than 5 years ago | (#29372669)

Calling people is dangerous because a) the CIA b) wire tap and c) ECHELON geez people dont you understand that no form of communication is safe because the method of communication has too many weaknesses (regardless of method) and you can't even trust the person you are trying to communicate to begin with? even if you manage to get a clean connection through the phone systems to your friend (IMPOSSIBLE) hes probably going to sell you out to advertisers anyway.

what if ... (1)

Drasham (1626825) | more than 5 years ago | (#29370789)

I wonder if, should said 3rd party go down, does that leave facebook with nothing but gibberish?

Re:what if ... (0)

Anonymous Coward | more than 5 years ago | (#29370911)

Facebook is nothing but gibberish anyway.
--Ethanol-fueled

Re:what if ... (2, Funny)

NotBornYesterday (1093817) | more than 5 years ago | (#29370919)

Which would be different how?

Crytographic Tools.. (1, Interesting)

Anonymous Coward | more than 5 years ago | (#29370791)

The best tool: Don't use facbook?

Not on Facebook, but on an obscure website? (4, Insightful)

piltdownman84 (853358) | more than 5 years ago | (#29370867)

So I should feel safe using this tool because it allows 'sensitive data' to be stored on some third party website and not on the 'evil facebook servers'? I would rather facebook had it, as at least I know who they are and that I know its insecure.

I think I'll just stick with having my facebook profile as only a mask of myself, and not my entire life. Thanx

Re:Not on Facebook, but on an obscure website? (1)

FlyingBishop (1293238) | more than 5 years ago | (#29371127)

If it's implemented as a Facebook extension, I imagine the server can easily be run on a server of your choice, so instead of $EVIL_CORPORATION you can run it on your own server, or at the very least the hosting provider you are paying to take care of your data.

And most of this is concept stuff anyway. Implementation for pictures would be really nice, though the program currently pulls random text off the internet to obfuscate the fact that it's not showing you the real text. That sort of scheme would be more difficult for images, assuming they have some common-sense profanity filters in place, image filters are naturally harder...

Re:Not on Facebook, but on an obscure website? (0)

Anonymous Coward | more than 5 years ago | (#29372329)

What are people so afraid about anyways with respect to privacy? There seems to be sooo much fear and baseless paranoia around the idea of privacy. What information are people trying to protect and why?

I'm pretty open on facebook and I find it to be of great benefit. My openness fosters the openness of others and we all benefit. What's the problem?

Facebook is insecure - scary insecure (0)

Anonymous Coward | more than 5 years ago | (#29373787)

As long as you know and accept that Facebook-anything is insecure, then you're good. Don't expect **anything** you place on a facebook account to be secure - ever.

All this hiding (2)

Joe Snipe (224958) | more than 5 years ago | (#29370881)

can't I just not use facebook?

Re:All this hiding (1)

Mishotaki (957104) | more than 5 years ago | (#29373161)

but but but.... that's cheating!

missing a p (1)

jlebrech (810586) | more than 5 years ago | (#29370893)

What's a crytographic??

Re:missing a p (0)

Anonymous Coward | more than 5 years ago | (#29371763)

Its a cryptographic way of saying its cryptographic. Gets past content scanners at least.

Like this? (1, Funny)

Anonymous Coward | more than 5 years ago | (#29370933)

Name: £Ã[ÃÅ'ÃÂÅMýQÂÂÂâéâ(TM)Ãoe8h
Sex: â"ÃZÃÅ"Ãoeâ"f
Relationship: ÂVŽüâÃâÂYÂf
Status: â"?Ã`ÃâéÂÂYÃŽÃN©Ã"ÃÂ2ÂÃ...$ÃÂqX£â¦ÃOE¾¦1f
Interests: Ë'Ã]ÃÅ"æâ,ÃoeÂÂÅ'Ã¥QÂÂÂué^ã, ÃÂkCÂÂwÅtIÅ"±y, #ÂÃY0A¼&ÃÃ, EeQ61!ÃÃfâ"Ã'=Ãzâ(TM)e

Story (0)

Anonymous Coward | more than 5 years ago | (#29370937)

I think every single article gets tagged story. What's the point of tagging them story if they are all that. Seems like wasted space.

Re:Story (2, Informative)

Red Flayer (890720) | more than 5 years ago | (#29370979)

Create an account and log in.

Items that make the front page from the firehose are tagged 'story' so that when viewing from the firehose, you can see that the item has posted to the front page.

It's a functionality kludge (surely there's a better way to indicate item status) but then again, so is much of the slashcode.

Oh ya? Facebook can fix this (5, Insightful)

ironicsky (569792) | more than 5 years ago | (#29370939)

How long until Facebook simply removes any item with a @@ in it? Or builds in a regex to strip any non-alpha numeric characters from info boxes or posts? Or strips any erroneous or "spam" looking stuff from their site?

I agree with everyone else. If you don't want Facebook knowing all your dirty little secrets don't post your dirty laundry online. Once its online it will NEVER go away... Google Cache, The Wayback Machine [archive.org] and other caching services will leave a digital trail of your stink for ever. Long after that nasty rash goes away.

Cryptography is unneeded in this case ... (1, Insightful)

Anonymous Coward | more than 5 years ago | (#29370941)

If you don't want to be seen in public ... DON'T POST YOURSELF OR YOUR LIFE ON A WEBSITE DESIGNED TO SHOW YOURSELF OR YOUR LIFE TO THE PUBLIC!

You don't need cryptography, you need to close your web browser.

As Bruce Schneier says, you can't use cryptography to fix stupidity, sorry.

Idiots.

Re:Cryptography is unneeded in this case ... (1)

megamerican (1073936) | more than 5 years ago | (#29371809)

I agree. This tool is completely redundant. The only people who would want to keep their data private on Facebook are the ones who didn't put their information on it in the first place.

Re:Cryptography is unneeded in this case ... (2, Insightful)

insertwackynamehere (891357) | more than 5 years ago | (#29372731)

Everyone on Slashdot who has a hardon to prove how big their not-having-a-facebook-penis is and finally needs to get one for some normal reason has to use this tool though! Then when some girl inquires about it they can be all like "I like keeping my information private so I'm encrypting my Facebook isn't it cool? Here's my public key and some documentation on how to use the decryption software, along with some light reading on the encryption methods you might find interesting by the way I'm sure you'll be happy to find that when you are done decoding my info page, i am in fact single and interested in women :smug:"

But think of the drama opportunities! (1)

JoshuaZ (1134087) | more than 5 years ago | (#29370947)

Social networking sites are all about the drama. Imagine the drama levels when some friends get access to some information and others don't. If the makers of this really want to combine technologies effectively they should somehow connect it to livejournal. Maybe some sort of updating feed about how many people on livejournal are complaining that you put something encrypted up on your facebook page that they can't see? More seriously, it isn't clear to me from this technology that it is completely reliable. TFA doesn't give a lot of details, but I'd like to know what encryption scheme they are using. Are your friends provided a key or what? And what prevents the makers of this technology from accessing the information? We need a lot more details about this technology to decide if it even safely does what it is advertised as doing. Or of course, there is the simple solution of just not posting sensitive information. But in this age it seems like many people have such ingrained habits of posting everything to facebook and other sites that that might not be an option.

Re:But think of the drama opportunities! (1)

Anachragnome (1008495) | more than 5 years ago | (#29371455)

"Social networking sites are all about the drama."

Yes, imagine the pure torture someone would go through...

Post Header: "That Skanky Ho, Wendy, is at it again!"

Only Wendy finds out that SHE can't read the rest of the post...In fact, nobody but the poster can.

Teen Girls(between the ages of 10 and 12) around the world now have a new weapon with which to inflict great emotional distress on their anti-peers. I expect the carnage to be widespread and most gruesome (left, left, right, left, left...)

Secretly to save Facebook (1)

ZekoMal (1404259) | more than 5 years ago | (#29371025)

While /.ers tend to have the knowledge not to post everything about themselves on Facebook. Sadly, /.ers do not make up the majority of Facebookers. In fact, the typical Facebooker plasters fifty different photos of them, some of which are incriminating (people getting expelled from school for pictures of them with booze, naughty pics, etc) for either the whole world or their friends to see.

Some Facebookers accept any friend requests they get, no matter who it is or if they know them.

Some Facebookers talk about smoking pot, about stealing something, about patrolling for chicks to screw, anything and everything from petty crime to just plain idiocy is announced on Facebook.

So, these casual Facebookers see a way to 'protect' themselves and use it, feeling falsely secure. One of their "friends" who is really just someone digging dirt outs it to people offline. Casual Facebooker sees this and turns on Facebook, suing them for their stupidity. What can Facebook do? Society would easily blame Facebook, and they'd pay out some gratuitous fee to the little moron, and then Facebook would lose its popularity.

But wait! Facebooker had signed up for this protection service! It was Facebooker's fault for befriending the wrong person! Facebook is without sin, Facebooker gets screwed, everybody knows the secret Facebooker couldn't shut up about, and we're all happy (except for Facebooker, but Facebooker was so stupid that it was bound to happen eventually anyway).

Re:Secretly to save Facebook (5, Interesting)

Spad (470073) | more than 5 years ago | (#29371337)

Some Facebookers accept any friend requests they get, no matter who it is or if they know them.

Amazingly so, in fact. A friend of mine had his shop broken into last week. He offered a reward for anyone who could ID the guy caught on CCTV, found out the guy's Facebook ID through it and successfully got himself added as the burglar's friend. He's now passed the name, photographs and location on to the police.

Fake datas. (3, Interesting)

antdude (79039) | more than 5 years ago | (#29371055)

Hmm, I used fake datas like names on FaceBook. Then, a few weeks later, my account got disabled. I e-mailed to ask what's up and the customer support told me that I was using a fake name/datas. They wanted proof like a driver license to get back on. Frak that. MySpace, Friendster, etc. had no problems!

Re:Fake datas. (1)

hey (83763) | more than 5 years ago | (#29371325)

You have to be more subtle with your fake info.
I used all fake info and they didn't complain.
Instead of saying you name is "Fuck Facebook" try "Joe Smith", etc.

Re:Fake datas. (1)

davidisonslashdot (1634537) | more than 5 years ago | (#29371421)

People usually realize names like "Joe" or "John Smith" are fake. Try for example Rob Steeves. It's subtle, no?

Re:Fake datas. (2, Funny)

Anonymous Coward | more than 5 years ago | (#29371547)

Rusty Shackleford.

Re:Fake datas. (0, Troll)

hey (83763) | more than 5 years ago | (#29371561)

Good point.
Or non-Caucasian names like, say, "Barack Obama".

Re:Fake datas. (1)

mobby_6kl (668092) | more than 5 years ago | (#29371575)

It's subtle, but it's not very funny. I usually try to use something like Mike Litoris, if "real" name is required.

Re:Fake datas. (1)

antdude (79039) | more than 5 years ago | (#29371567)

I did! It wasn't John Doe, John Smith, etc. Lame. Whatever, don't need it and tired of moving to new social networks!

Re:Fake datas. (0)

Anonymous Coward | more than 5 years ago | (#29372507)

I use fake data and a fake name on Facebook. They haven't blammed my account yet, but they are recommending that I friend the accounts of my real-life family and coworkers who have no connection to any of my Facebook Friends.

http://tangaroa.livejournal.com/350161.html
http://tangaroa.livejournal.com/353971.html

Re:Fake datas. (1)

maratumba (1409075) | more than 5 years ago | (#29372639)

Someone I know used his/her real name and got the account disabled. Then we found out that happens a lot. Facebook disabled many accounts with same reason and didn't open it back. All the articles and comments are lost forever.

Re:Fake datas. (0)

Anonymous Coward | more than 5 years ago | (#29373725)

I have a few Facebook friends that just use their first name and last initial instead of their full last name. That may be sufficient privacy for you.

Another useless application that will never fly (2, Insightful)

Monkeedude1212 (1560403) | more than 5 years ago | (#29371061)

There are 3 Major flaws in this:

Those concerned with what strangers see on Facebook don't put information they don't want strangers to see on Facebook.

Those who use Facebook in such a manner aren't the type who have the time to install tools, run them, send the key to their friends, and then append @@ to everything they want hidden.

Facebook already provides the means to keep your stuff secret to just your friends, and its easier to close off your profile to the public then it is to Encrypt random Data.

Re:Another useless application that will never fly (1)

gtbritishskull (1435843) | more than 5 years ago | (#29372137)

Yeah... secret to just your friends or anyone who will pay for it. A lot of big companies these days weed out employees by getting a profile of them from facebook.

Re:Another useless application that will never fly (1, Insightful)

Anonymous Coward | more than 5 years ago | (#29373703)

[citation needed]

Huh ... (0)

Anonymous Coward | more than 5 years ago | (#29371137)

... what is facebook?

Doesn't even concern Facebook? (1)

Captain Spam (66120) | more than 5 years ago | (#29371155)

The sensitive data itself is even stored on an outside server so that even Facebook cannot access it.

(emphasis mine)

So... um... if the data's not stored on Facebook, why is Facebook a part of this equation? Why not just advertise a generic centralized cryptographic system they're running and apply it generally? Or do they really need the publicity that badly that they're just whoring on Facebook's privacy issues?

Come to think of it, if Facebook isn't even involved, why even bother with a central server? I'd think it'd be far more effective to make an interface to some sort of distributed network of encryption keys or whatnot. I mean, it probably wouldn't be perfect, but I'm sure you could get some pretty good privacy out of the deal.

ROFL (1)

SilverJets (131916) | more than 5 years ago | (#29371211)

The sensitive data itself is even stored on an outside server so that even Facebook cannot access it.

So, Facebook doesn't have access to it but someone else does. Oh yes this is SOOOOO much better.

Re:ROFL (1)

edraven (45764) | more than 5 years ago | (#29371321)

Obviously, all you have to do is put data in the outside server that's encrypted in some other way. Then Facebook just has a link to data that's really just a link to somewhere else. See? Problem solved.

FirstR po5t (-1, Troll)

Anonymous Coward | more than 5 years ago | (#29371247)

TCP/IP stack 4as [goat.cx]

Hides the info from Facebook and their partners (1)

hey (83763) | more than 5 years ago | (#29371349)

Many people are saying... if you don't want it seen then don't post it. I don't mind my friends seeing my status (or whatever) but I don't want the Facebook Company or their partners (ie Microsoft) seeing my profile. Sounds like this plugin might solve that problem.

Re:Hides the info from Facebook and their partners (1)

Overzeetop (214511) | more than 5 years ago | (#29373277)

So don't fill it out. There's no Facebook law saying you have to give them that information - you fill in as little or as much as you want. This is for the diminishingly rare case where you want to post "sensitive" information you want your select friends (with whom you share your crypto key outside of facebook) but which you don't want facebook to know about and you don't want searchable in their database by other users (i.e. where you went to high school so your old buddies can find you).

I can't really find a useful reason for this - something I want to post on facebook that I want kept a secret except amongst people with whom I would share a private key. That's not really what facebook is for.

Target audience.. (1)

Seth Kriticos (1227934) | more than 5 years ago | (#29371383)

I'm sure this is a nice thing for some selected folks (mostly geeks) who know:

1, What security is.
2, How to use it.

For the rest (99.9+%) of the facebook / twitter crowd this will mean nothing, because they can't even understand the first concept, let alone the second..

Filter @ characters (1)

Ohio Calvinist (895750) | more than 5 years ago | (#29371407)

I would be happy if someone would write something to filter the @ and # characters twitter users have some fascination with that have no relevance on non-twitter interfaces. While they are at it, may I go ahead and recommend something to filter, Mafia Wars and Farmville why they are at it. Facebook already has a pretty low signal-to-noise ratio thats only getting worse without people encrypting what little text is still there. </rant> That being said, it sounds very interesting as a practical use of crypto-in-plain-sight, and might raise awareness about cryptography and privacy.

Re:Filter @ characters (1)

Cryogenic Specter (702059) | more than 5 years ago | (#29371585)

if you have problems with facebook apps like Mafia Wars and Farmville all you have to do is block the app and then it goes away. Not too hard...

I don't use facebook (0)

Anonymous Coward | more than 5 years ago | (#29371459)

I put all my personal information on *chan and Encyclopedia Dramatica [wikipedia.org] .

Similar social site that NEVER shares your info (1)

noidentity (188756) | more than 5 years ago | (#29371871)

isolatr.com [isolatr.com] absolutely never shares your personal information with anyone. I've used it for years, never had any annoying online friends, and never even had to enter any of personal information on the site. One time I stumbled on it, saw that it was perfect, and was done.

Re:Similar social site that NEVER shares your info (1)

gtbritishskull (1435843) | more than 5 years ago | (#29372175)

They can filter out annoying people! Can I get one of those for real life?

Re:Similar social site that NEVER shares your info (0)

Anonymous Coward | more than 5 years ago | (#29372327)

> They can filter out annoying people!
> Can I get one of those for real life?

Sure, just stay home all the time. Not recommended, though (speaking from experience, sadly).

Re:Similar social site that NEVER shares your info (2, Funny)

Velex (120469) | more than 5 years ago | (#29373753)

They can filter out annoying people! Can I get one of those for real life?

NO.

you fail iT? (-1, Troll)

Anonymous Coward | more than 5 years ago | (#29372599)

influence, the aas until I hit my

Good to know (1)

AnAdventurer (1548515) | more than 5 years ago | (#29373167)

I did some training with some special forces operators (who don't like the world to see their faces) but I wanted to show "some" friends what I was up to. I posted the photos (even being careful to not show name tapes of full face shots or blured them out in Photoshop) , choose "Friends ONLY" in privacy settings and then 3 days later I deleted it. If you didn't see it, you didn't see. Come over, I can show you over coffee, just can't post on FB or on my website- faces/badges,/unit numbers/Identifying stuff, what I know if the up coming mission I am training them for [profession...nturer.com] etc. Just like this post. You have no idea where I was or who I was with: that's the point. Don't want the world to know about it, don't post it!

Bugger using some high tech stuff for a low tech option - just don't post it.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?