Cryptographic Tools To Keep You Hidden On Facebook 148
Posted
by
timothy
from the unless-they-don't dept.
from the unless-they-don't dept.
Al writes "Many people reveal way too much personal information on social networking sites — something that can easily lead to identity theft or unwanted attention from employers etc. Technology Review has a story about several cryptographic tools that can be used to hide your activity on Facebook, from both untrusted users and from Facebook itself. Urs Hengartner, an assistant professor of computer science at the University of Waterloo, developed a Firefox plugin that obfuscates anything marked with '@@' on Facebook and only reveals the correct information to trusted users who have the right keys. The sensitive data itself is even stored on an outside server so that even Facebook cannot access it. The piece mentions two other projects, NOYB and flybynight, that also aim to make personal information more secure on Facebook."
Excellent Example! (Score:5, Insightful)
Dubbed FaceCloak, the tool assures its users that sensitive data stays private, Hengartner says. "If you have a particular illness, you might want to allow only your friends to see that," he says.
or alternatively, you might keep that shit off Facebook
I'm sorry, but maybe I'm missing the point... (Score:5, Insightful)
If I don't want something on Facebook, I don't put it on Facebook. There! Problem solved!
Why do I need a tool to encrypt data so only selected people on Facebook can see it? Isn't that what PGP email is for? So I can send out information to specific people and (in theory) only those people can see it?
And, additionally, if I don't trust Facebook with a bit of information, what in the hell makes you think that I'd trust a completely unknown third party who is building specific plugins so they can collect things I don't want on Facebook on THEIR SERVERS?
Sounds to me like someone is saying "post all your blackmail-worthy thoughts here. I'll keep 'em safe! Trust me!" in their best used car salesman voice.
Or... (Score:2, Insightful)
FTA:
the tool assures its users that sensitive data stays private, Hengartner says. "If you have a particular illness, you might want to allow only your friends to see that
What ever happened to calling people?
Not on Facebook, but on an obscure website? (Score:5, Insightful)
I think I'll just stick with having my facebook profile as only a mask of myself, and not my entire life. Thanx
Oh ya? Facebook can fix this (Score:5, Insightful)
I agree with everyone else. If you don't want Facebook knowing all your dirty little secrets don't post your dirty laundry online. Once its online it will NEVER go away... Google Cache, The Wayback Machine [archive.org] and other caching services will leave a digital trail of your stink for ever. Long after that nasty rash goes away.
Cryptography is unneeded in this case ... (Score:1, Insightful)
If you don't want to be seen in public ... DON'T POST YOURSELF OR YOUR LIFE ON A WEBSITE DESIGNED TO SHOW YOURSELF OR YOUR LIFE TO THE PUBLIC!
You don't need cryptography, you need to close your web browser.
As Bruce Schneier says, you can't use cryptography to fix stupidity, sorry.
Idiots.
Another useless application that will never fly (Score:3, Insightful)
There are 3 Major flaws in this:
Those concerned with what strangers see on Facebook don't put information they don't want strangers to see on Facebook.
Those who use Facebook in such a manner aren't the type who have the time to install tools, run them, send the key to their friends, and then append @@ to everything they want hidden.
Facebook already provides the means to keep your stuff secret to just your friends, and its easier to close off your profile to the public then it is to Encrypt random Data.
Re:Excellent Example! (Score:5, Insightful)
Re:Excellent Example! (Score:5, Insightful)
Re:Excellent Example! (Score:5, Insightful)
I really don't know why this concept is so hard for people. My mother told me once when I was very young something very simple. "If you don't want someone to read it don't write it down." was what she said.
You know she was right. Its completely fool prof, nobody can find your not so well hidden diary, nobody can guess your cipher key that is weaker than you imagined, nobody can crack you later found to be flawed cipher, nobody can reproduce it in the clear accidentally or otherwise.
If its truly private it does not belong on the Network at all Facebook or anyplace else encrypted or not.
Re:I'm sorry, but maybe I'm missing the point... (Score:3, Insightful)
If I don't want something on Facebook, I don't put it on Facebook. There! Problem solved!
No, you can not predict what information may put you in trouble in the future. Something that looks harmless at present may bite you in the ass in the future (e.g. during job search etc.). So, if you have encrypted your posts right from the beginning, then you don't have to worry about the future.
Re:Excellent Example! (Score:5, Insightful)
I had no need for FACEBOOK either until a few months ago. A very dear friends lost her husband to a car accident. they had moved years ago but we tried to keep in touch. To disseminate information about the accident and subsequent hospital updates (he lived for about a week after the accident) etc. she decided it would be easier to post the info on FACEBOOK where all her friends could see it at once rather than fielding umpteen calls an hour. I created an account and was able to follow the status as well as provide long distance support via posts to her wall. What I also found was that there were lots more friends I had lost touch with long ago I was able to reconnect with. Several of which have renewed friendships and communicate via FACEBOOK daily even though there is little chance we will get to see each other any time in the near future.
Re:I'm sorry, but maybe I'm missing the point... (Score:5, Insightful)
OK, fair enough. But that means I'd have had to think ahead enough to know what might possibly be incriminating down the road. Because if I encrypt EVERYHING, then I have to give EVERYONE I want to be able to read it a decryption key, which means those decryption keys are going to be about as secure as a "don't steal this" sticker on a bicycle.
Facebook already has a "hide information" where you can select who sees what. If you don't trust Facebook, you're probably better off putting nothing at all there. Putting encrypted data there only means it's obvious you are hiding something.
Plus, you're still posting the data unencrypted to a central server, just not one owned by Facebook. Do you trust THEM?
Someone, other than you, is in control of that data. If you think it could be incriminating, perhaps you should think twice about posting it.
Re:Excellent Example! (Score:1, Insightful)
And also, people need to remember that the government has / will have access to that information very easily!!
Re:Cryptography is unneeded in this case ... (Score:3, Insightful)
Re:Excellent Example! (Score:2, Insightful)
Dave says: Oh no! How did you get Herpes ?
Re:Another useless application that will never fly (Score:1, Insightful)