Re: [liberationtech] a privacy preserving and resilient social network

[Jonathan Wilkes]

On 06/28/2013 03:01 PM, Alireza Mahdian wrote:

[...]

To answer John: As I mentioned in an earlier post I have done this 
protect myself from any liability if someone modifies the code 
rendering it a malware. I may publish the service layer code 
independently under a different license where anyone can modify it as 
they want to. However I do understand your point.


Hi Alireza,
 If you get a free moment, I'd highly recommend emailing your 
concern to either or both of the FSF (Free Software Foundation) and the 
SFLC (Software Freedom Law Center).  I've found they are both very quick 
to advise on licensing issues, very knowledgeable, and can give you 
detailed information that you can use to hopefully find a better 
solution than adding your own terms to the Apache license. They are both 
very friendly organizations and can probably also recommend other 
resources for you on this issue:


i...@fsf.org 

h...@softwarefreedom.org 

I advise doing this because a license that does not look standard is a 
non-starter for building a community around your software (or even for 
people building something else using your ideas).  I'm convinced that if 
you take a modicum of time to communicate your concerns to these 
organizations they can help you arrive at a licensing scheme that does 
exactly what you want without hindering a potential development community.


-Jonathan
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] a privacy preserving and resilient social network

[Karl Fogel]

Alireza Mahdian  writes:
>this is to prevent modifications that would render it as a malware. I
>haven't signed the code yet so I am just protecting myself from such
>liabilities. 

Hi, Alireza Mahdian.  Please don't call the code "open source" nor "free
software" when it's not.

In this case, it's not: the requirement to get your permission before
changing the code violates the Free Software Defintion and the Open
Source Definition in clear & unambiguous ways.  If you place these
additional restrictions on people's freedom, then the software is simply
not open source.

You can distribute it under any terms you want, but don't call those
terms something they are not -- that's just misleading.

Thank you,
-Karl
 (with my opensource.org hat on, which it usually isn't when I post here)


>On Jun 28, 2013, at 12:51 AM, John Sullivan  wrote:
>
>I like the idea, so I was checking it out. I was confused by this
>statement in the download terms:
>
>Since MyZone Client Application is open source, you will not
>change any
>part of MyZone’s code without the written approval of MyZone’s
>copyright
>owner Alireza Mahdian reached at (alireza.mahdian at colorado
>dot edu). 
>
>Can you explain what you mean? Usually, something called "open
>source"
>can be modified without any additional written approval.
>
>-john
>
>-- 
>John Sullivan | Executive Director, Free Software Foundation
>GPG Key: 61A0963B | http://status.fsf.org/johns |
>http://fsf.org/blogs/RSS
>
>Do you use free software? Donate to join the FSF and support
>freedom at
>.
>--
>Too many emails? Unsubscribe, change to digest, or change password
>by emailing moderator at compa...@stanford.edu or changing your
>settings at
>https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
>--
>Alireza Mahdian
>Department of Computer Science
>University of Colorado at Boulder
>Email: alireza.mahd...@gmail.com
>
>
>--
>Too many emails? Unsubscribe, change to digest, or change password by emailing 
>moderator at compa...@stanford.edu or changing your settings at 
>https://mailman.stanford.edu/mailman/listinfo/liberationtech
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] a privacy preserving and resilient social network

[Alireza Mahdian]

Hi Stephen,
> 
> 
> 1.  Where can a copy of your dissertation be procured?  Is it available in an 
> appropriate Open Access repository or would other steps need to be taken to 
> secure a copy?
> 
a copy of my dissertation can be found here: http://joinmyzone.com/Thesis.pdf
> 2.  As designer of a social network, what is your view of the Internet as a 
> transport layer today?  How will it fare against various degrees of social 
> and political instability found currently across this planet?
> 

I am not sure how to answer the first part of your question. Are you referring 
to the transport layer as the one in the OSI model or something else. if you 
are referring to the layer in the OSI model based on what I have heard in the 
news and what I have experienced in my home country a controlling entity (which 
usually belongs to the government or is controlled by the government or has to 
answer to the government) can pretty much do anything to its customers. I 
remember that the Iranian government used to re-route all the traffics destined 
for google servers to some server inside Iran and by forging certificate from 
comodo they managed to obtain a lot of username and password pairs from the 
Iranian users. highly sophisticated traffic monitoring and analysis techniques 
can also be used to trace contents and connections to users as well. Social 
engineering is maybe the most effective and least expensive way of getting 
results these days I suppose. In my opinion a secure layer on top of the 
transport layer that provides privacy in its complete form would be the 
ultimate solution (something that would only seize functioning if the IP 
infrastructure is brought down) but with the current technology I am not really 
sure if it is possible. 

> 3.  Distilling it down to perhaps a couple sentences that do not repeat the 
> thread subject line, how would you pitch usage of this social network to an 
> average US consumer in contrast to mass market tools like Facebook or Twitter?
> 

MyZone can be thought of as Facebook (without the apps) but as a peer 2 peer 
system. It is not intended to be used as twitter. If a user is concerned about 
the privacy and by privacy I am not talking about unlinkability (anonymity) but 
the fact that the provider might sell or provide the content of your profile to 
third parties (as I mentioned the case of NSA) then MyZone is perhaps a viable 
alternative. However I need to mention that Facebook and twitter are providing 
more than 99% availability and a peer to peer system (at least MyZone) can not 
compete with that level of availability. I am hoping that with almost constant 
availability of high speed internet on handheld devices that are very capable 
of hosting such services there would be a movement in social networks towards 
distributed architectures and I hope MyZone can contribute to that movement. 

> Stephen Michael Kellat
> --
> Too many emails? Unsubscribe, change to digest, or change password by 
> emailing moderator at compa...@stanford.edu or changing your settings at 
> https://mailman.stanford.edu/mailman/listinfo/liberationtech


--
Alireza Mahdian
Department of Computer Science
University of Colorado at Boulder
Email: alireza.mahd...@gmail.com

--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] a privacy preserving and resilient social network

[Eleanor Saitta]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

tl;dr-summary:
Surveillance is not a scale-free property, and the notion of
privacy is a notion that refers primarily to surveillance at scale.
Targeted exploitation attempts are expensive and that expense
represents the existing social contract (flawed as though it may be)
between populations and intelligence agencies.  Until we can by
technical means return to that contract, we are not in a position to
otherwise change it by legal or social means.



On 2013.06.29 12.28, David Golumbia wrote:
> Further, the snoops use HUMINT to get technical access. it only
> takes one compromised friend on Facebook to allow downloading a
> huge amount of data, for example.

Because this is not a privacy-preserving system; it is designed to
encourage people to spread information by any means necessary.  Privacy
preservation is not purely a matter of comms protocols, but also user
behaviour shaping and the tools you give users to control where their
data is sent by default.

 I don't even think it's clear that HUMINT is more
> expensive than technical intelligence, and the budgets of snoop 
> agencies are not so constrained that cost is something we can take
>  comfort in.

HUMINT is more expensive than SIGINT if you want to target an entire
population.  If you want to target a specific individual, then yes,
that's an open question.  If we can make spying on people as expensive
as doing it via SIGINT, we have won the largest victory probable over
intelligence forces within the current scope of their operations, and
now the questions become centered around oversight and budget reduction.

>> Privacy-preserving, as a property, doesn't mean "if you don't
>> think about what you're doing in the world you can run black ops
>> on this platform".  It means "you can keep what you're doing here
>> private against mass observation by the motivated and targeted
>> observation by the non-resourced".  Or, at least, I think that's
>> a bar that's actually meaningful and can be achieved; what you're
>> talking about can't.
> 
> I'm having trouble parsing the two properties you lay out here;
> they are both much more complicated than I'd want to make them. I
> find privacy to be a simple property: "I'm not going to be snooped
> on by the govt without a warrant; companies are not going to
> collect my data and do inappropriate things with it." These are
> matters of law and governance.

It is not possible given what we have available to us as general purpose
capabilities in this moment to technically guarantee that "you won't get
snooped on without a warrant" at the fullest level of that statement,
which you seem to be insisting on taking.

> I believe that the world in which law and governance ensure these 
> principles is not only achievable, but the only meaningful kind of
>  privacy we can hope for. Our political sphere is governed by laws,
>  not human beings.

The notion that rule of law can effectively constrain US intelligence
forces is not borne out by 20th or 21st century history.

> Back to the original proposition, which did not appear to be yours:
>  building a social network and proclaiming it to be 
> "privacy-preserving" suggests to users that they will not be spied
>  on. While there may be some truth to the difficulty such networks
>  would pose for commercial data collection, any sense of security 
> from government spying such a network creates will be false.

Incorrect.  No, we cannot and should not suggest to users that "by using
such and such network they will not be spied on"; what we can do is
provide them with a deeper understanding of how such a network can and
cannot protect their privacy and against which kinds of actions from
which kinds of adversaries.

However, we can in fact build technical systems that make mass
surveillance infeasible expensive.  Until such point as we do so, we
have little or no functional ability to bargain with the black state
that is completely out of control.

> That will be true until and unless we have a legal structure built 
> to prevent that spying, in which case the technical methods aren't
>  necessary to begin with.

Technical capabilities for surveillance will always be abused if they
exist.  The law does not have a track record to claim otherwise.  Unless
we have a technical structure to prevent mass spying, it will happen, in
which case the legal methods are of secondary import.

E.

- -- 
Ideas are my favorite toys.
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.17 (MingW32)

iF4EAREIAAYFAlHPGE0ACgkQQwkE2RkM0wqb3gD+LdWHETIs1CFI5XOfFwfi9ZBg
47GMjznHnf0ZjsKfbJ0A/jkAFaoB+TEfuGUvlG43hoFdOfngszjV6+DAlNGcALct
=zob2
-END PGP SIGNATURE-
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] a privacy preserving and resilient social network

[David Golumbia]

On Sat, Jun 29, 2013 at 12:05 PM, Eleanor Saitta  wrote:

>
> I'm not.  I'm trying to solve specific technical problems which
> support larger social ends.
>

I don't think "privacy preservation" is a technical problem, or at the
least, not largely a technical problem. I think it's (mostly) a legal and
social problem.

>
> This is fine.  I'm not saying that using a network like this will make
> you invulnerable to HUMINT.  What I am saying is that networks can a)
> force your adversary to use HUMINT (which is a lot more expensive),
> and possibly even give you some tools to help maintain your social
> graph integrity, etc.
>

I don't think "forcing your adversary to use HUMINT" is what most people
understand by "privacy preservation."

Further, the snoops use HUMINT to get technical access. it only takes one
compromised friend on Facebook to allow downloading a huge amount of data,
for example. I don't even think it's clear that HUMINT is more expensive
than technical intelligence, and the budgets of snoop agencies are not so
constrained that cost is something we can take comfort in.


> If we build tools that force spooks to use HUMINT to get in, we've won.
>

I really disagree with this, and I don't think it's what most people
understand by "privacy preservation." I don't think members of WikiLeaks or
LulzSec feel their privacy has been preserved because the penetration
involved (but was not limited to) HUMINT.

>
> Privacy-preserving, as a property, doesn't mean "if you don't think
> about what you're doing in the world you can run black ops on this
> platform".  It means "you can keep what you're doing here private
> against mass observation by the motivated and targeted observation by
> the non-resourced".  Or, at least, I think that's a bar that's
> actually meaningful and can be achieved; what you're talking about can't.
>
>
I'm having trouble parsing the two properties you lay out here; they are
both much more complicated than I'd want to make them. I find privacy to be
a simple property: "I'm not going to be snooped on by the govt without a
warrant; companies are not going to collect my data and do inappropriate
things with it." These are matters of law and governance. I believe that
the world in which law and governance ensure these principles is not only
achievable, but the only meaningful kind of privacy we can hope for. Our
political sphere is governed by laws, not human beings.

Back to the original proposition, which did not appear to be yours:
building a social network and proclaiming it to be "privacy-preserving"
suggests to users that they will not be spied on. While there may be some
truth to the difficulty such networks would pose for commercial data
collection, any sense of security from government spying such a network
creates will be false. That will be true until and unless we have a legal
structure built to prevent that spying, in which case the technical methods
aren't necessary to begin with.

-- 
David Golumbia
dgolum...@gmail.com
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] a privacy preserving and resilient social network

[Randolph D.]

http://retroshare.sf.net

2013/6/28 Alireza Mahdian :
> Hi,
>
> With all the recent news on NSA spying on social network users the concern
> over the user privacy has increased even more. I am not arguing whether it
> is ethical or not and whether it is needed for the safety of citizens and
> how effective it would be. even before this, social network providers like
> Facebook and Google were violating user privacy in so many ways and only a
> small fraction of it was revealed.
>
> A need for a more secure and private social network has always been there
> and was never adequately addressed. I have been working on this issue for a
> long time and I have been able to design and implement a social network that
> is inherently user privacy preserving. it uses military grade encryption and
> no authority can have any control over it. one design goal behind it was
> actually to make it resilient towards government imposed censorship and
> filtering. This is specially useful as it provides a very effective tool for
> democracy movement advocacy groups. I have implemented a prototype and you
> can check it out at http://joinmyzone.com . It is a complex piece of
> software but to summarize how it works you can think of it as implementing a
> social network over bittorrent. it supports all the common features of
> Facebook and Google+. Feel free to send me your feedbacks. thanks.
>
> Ali
>
> --
> Alireza Mahdian
> Department of Computer Science
> University of Colorado at Boulder
> Email: alireza.mahd...@gmail.com
>
>
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at compa...@stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] a privacy preserving and resilient social network

[Eleanor Saitta]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On 2013.06.29 11.49, David Golumbia wrote:
> I really think that is wrong, because it looks at the problem from 
> a purely technical level.

I'm not.  I'm trying to solve specific technical problems which
support larger social ends.

> This is documented spy operations 101, all over any history of
> CIA, NSA, etc., you care to read. In fact, it's old-fashioned
> spying, and the fetish for pursuing technological intelligence
> makes it easy to overlook the more pedestrian kind.

This is fine.  I'm not saying that using a network like this will make
you invulnerable to HUMINT.  What I am saying is that networks can a)
force your adversary to use HUMINT (which is a lot more expensive),
and possibly even give you some tools to help maintain your social
graph integrity, etc.

People want social network like things.  Not everyone in the world is
running a terrorist cell, and it makes no sense to expect them to
restructure their social lives as though they were, any more than it
makes sense to ask them to restructure their digital lives similarly.
 People want to share what they're doing with people they know and
like, and they want to do so in ways which have social currency, i.e.
which while they don't have to be at all centralized, are an
identifiable medium with identifiable social affordances.

This is going to happen and even if we could get rid of it, it would
mean a massive and terrifying distortion of the social lives of
everyone in the world, to the point where "the [state security
services] would have won".

If we build tools that force spooks to use HUMINT to get in, we've won.

Folks running intelligence operations of any kind will need to learn
better tradecraft, which has always been true.

Privacy-preserving, as a property, doesn't mean "if you don't think
about what you're doing in the world you can run black ops on this
platform".  It means "you can keep what you're doing here private
against mass observation by the motivated and targeted observation by
the non-resourced".  Or, at least, I think that's a bar that's
actually meaningful and can be achieved; what you're talking about can't.

E.

- -- 
Ideas are my favorite toys.
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.17 (MingW32)

iF4EAREIAAYFAlHPBckACgkQQwkE2RkM0wriPAD/fRfv8dsBPeBvjXGeXt6QPiWR
k6kDlU5Uy40mF9bNhB4BAJw23ZbDxfdOd+Wc/U8L8nelLC2xhApiSdYUkZ58s7n2
=dOeD
-END PGP SIGNATURE-
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] a privacy preserving and resilient social network

[David Golumbia]

I really think that is wrong, because it looks at the problem from a purely
technical level.

We already know that in any given network, if the snoops cannot penetrate
it technically, they will penetrate it socially.

They do this either through setting up puppet accounts (very visible all
over Facebook, if you know what to look for), and if that fails, they
simply pay the most vulnerable member of the network, and/or blackmail
them.

This is documented spy operations 101, all over any history of CIA, NSA,
etc., you care to read. In fact, it's old-fashioned spying, and the fetish
for pursuing technological intelligence makes it easy to overlook the more
pedestrian kind.

if you put your personal information out there in any kind of centralized
shared environment (I mean: an environment which others know about, has a
name, etc., not necessarily technically centralized), and the snoops want
to know about the network, they will find out about it.

Look at how easily they penetrated very small networks of what one would
have expected to be extremely like-minded, security-conscious and very
small networks: WikiLeaks, LulzSec, using just these methods. There is
nothing paranoid or conspiratorial about this observation. the danger is
inherent in the network itself, and the solution is to craft laws and
oversight that prevent organizations like NSA and CIA from thinking they
have the authority to snoop. Otherwise, the snooping will occur, full stop.

On Sat, Jun 29, 2013 at 11:18 AM, Eleanor Saitta  wrote:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> On 2013.06.29 11.09, David Golumbia wrote:
> > put more simply: the notion of a "privacy-preserving social
> > network" is an inherent contradiction in terms.
>
> No, it's totally not.  You can definitely build systems that allow
> people to have meaningful levels of privacy toward anyone not in the
> set of people with whom they choose to share data, while still letting
> them reasonably efficiently speak with those they want to speak with.
>  I don't see why there's anything inherently contradictory in this.
>
> E.
>
> - --
> Ideas are my favorite toys.
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v2.0.17 (MingW32)
>
> iF4EAREIAAYFAlHO+sQACgkQQwkE2RkM0wqCtQD/biQwnDGjxlqW6Ea/yZkYpbz2
> 6zTBdBW/zloHGzvZNAwA/1xbE7g2fXIa5EVLMoCR8t7q6MK7sXMeBpLaoY9rmgYF
> =aa3t
> -END PGP SIGNATURE-
>



-- 
David Golumbia
dgolum...@gmail.com
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] a privacy preserving and resilient social network

[Eleanor Saitta]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On 2013.06.29 11.09, David Golumbia wrote:
> put more simply: the notion of a "privacy-preserving social
> network" is an inherent contradiction in terms.

No, it's totally not.  You can definitely build systems that allow
people to have meaningful levels of privacy toward anyone not in the
set of people with whom they choose to share data, while still letting
them reasonably efficiently speak with those they want to speak with.
 I don't see why there's anything inherently contradictory in this.

E.

- -- 
Ideas are my favorite toys.
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.17 (MingW32)

iF4EAREIAAYFAlHO+sQACgkQQwkE2RkM0wqCtQD/biQwnDGjxlqW6Ea/yZkYpbz2
6zTBdBW/zloHGzvZNAwA/1xbE7g2fXIa5EVLMoCR8t7q6MK7sXMeBpLaoY9rmgYF
=aa3t
-END PGP SIGNATURE-
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] a privacy preserving and resilient social network

[Eleanor Saitta]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On 2013.06.29 11.15, Jonathan Wilkes wrote:
> It simply doesn't make sense to claim that someone didn't do 
> "meaningful work" when describing part of the research they've
> done as "awesome".

Wat?

I never said this work wasn't meaningful -- please don't attribute
things to me I never said.  We need more research into things like
social sharing for decentralized systems.  That part's awesome.
However, a research proposal is not a field-appropriate system, and
the architecture for one is (generally) unlikely to turn into one
without nontrivial evolution or a lot of luck.

E.

- -- 
Ideas are my favorite toys.
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.17 (MingW32)

iF4EAREIAAYFAlHO+moACgkQQwkE2RkM0wp9/gEAj6r1TRi3CLTKeFW0ICAEglYq
J4Vtspiuz84NhJcADhMA/3P8oZeLuOufKDeuoFOayJJcox+a26mhwdUHsG1PPEkO
=0f9e
-END PGP SIGNATURE-
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] a privacy preserving and resilient social network

[David Golumbia]

put more simply: the notion of a "privacy-preserving social network" is an
inherent contradiction in terms.


On Sat, Jun 29, 2013 at 10:19 AM, Stephen Michael Kellat  wrote:

> On Thu, 27 Jun 2013 23:21:37 -0600
> Alireza Mahdian  wrote:
>
> > Hi,
> >
> > With all the recent news on NSA spying on social network users the
> concern over the user privacy has increased even more. I am not arguing
> whether it is ethical or not and whether it is needed for the safety of
> citizens and how effective it would be. even before this, social network
> providers like Facebook and Google were violating user privacy in so many
> ways and only a small fraction of it was revealed.
> >
> > A need for a more secure and private social network has always been
> there and was never adequately addressed. I have been working on this issue
> for a long time and I have been able to design and implement a social
> network that is inherently user privacy preserving. it uses military grade
> encryption and no authority can have any control over it. one design goal
> behind it was actually to make it resilient towards government imposed
> censorship and filtering. This is specially useful as it provides a very
> effective tool for democracy movement advocacy groups. I have implemented a
> prototype and you can check it out at http://joinmyzone.com . It is a
> complex piece of software but to summarize how it works you can think of it
> as implementing a social network over bittorrent. it supports all the
> common features of Facebook and Google+. Feel free to send me your
> feedbacks. thanks.
> >
> > Ali
> >
> > --
> > Alireza Mahdian
> > Department of Computer Science
> > University of Colorado at Boulder
> > Email: alireza.mahd...@gmail.com
> >
>
> Hello Ali!
>
> A couple quick questions after reading through most of the thread:
>
> 1.  Where can a copy of your dissertation be procured?  Is it available in
> an appropriate Open Access repository or would other steps need to be taken
> to secure a copy?
>
> 2.  As designer of a social network, what is your view of the Internet as
> a transport layer today?  How will it fare against various degrees of
> social and political instability found currently across this planet?
>
> 3.  Distilling it down to perhaps a couple sentences that do not repeat
> the thread subject line, how would you pitch usage of this social network
> to an average US consumer in contrast to mass market tools like Facebook or
> Twitter?
>
> Stephen Michael Kellat
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at compa...@stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>



-- 
David Golumbia
dgolum...@gmail.com
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] a privacy preserving and resilient social network

[Jonathan Wilkes]

On 06/29/2013 01:13 AM, Eleanor Saitta wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On 2013.06.28 13.14, Jonathan Wilkes wrote:

Just curious, Eleanor-- once you implement your "bullet-proof"
privacy- preserving network, how do you plan to make the user
experience at all tolerable without automated mirroring like what
this developer has written and tested?

That's going to depend on the system and the situation.  With Briar,
we do things that are fairly similar, but we also make a point of
taking unlinkability seriously.  Research code into social mirroring?
  Awesome.


It simply doesn't make sense to claim that someone didn't do "meaningful
work" when describing part of the research they've done as "awesome".

-Jonathan
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] a privacy preserving and resilient social network

[Stephen Michael Kellat]

On Thu, 27 Jun 2013 23:21:37 -0600
Alireza Mahdian  wrote:

> Hi,
> 
> With all the recent news on NSA spying on social network users the concern 
> over the user privacy has increased even more. I am not arguing whether it is 
> ethical or not and whether it is needed for the safety of citizens and how 
> effective it would be. even before this, social network providers like 
> Facebook and Google were violating user privacy in so many ways and only a 
> small fraction of it was revealed. 
> 
> A need for a more secure and private social network has always been there and 
> was never adequately addressed. I have been working on this issue for a long 
> time and I have been able to design and implement a social network that is 
> inherently user privacy preserving. it uses military grade encryption and no 
> authority can have any control over it. one design goal behind it was 
> actually to make it resilient towards government imposed censorship and 
> filtering. This is specially useful as it provides a very effective tool for 
> democracy movement advocacy groups. I have implemented a prototype and you 
> can check it out at http://joinmyzone.com . It is a complex piece of software 
> but to summarize how it works you can think of it as implementing a social 
> network over bittorrent. it supports all the common features of Facebook and 
> Google+. Feel free to send me your feedbacks. thanks.
> 
> Ali
> 
> --
> Alireza Mahdian
> Department of Computer Science
> University of Colorado at Boulder
> Email: alireza.mahd...@gmail.com
> 

Hello Ali!

A couple quick questions after reading through most of the thread:

1.  Where can a copy of your dissertation be procured?  Is it available in an 
appropriate Open Access repository or would other steps need to be taken to 
secure a copy?

2.  As designer of a social network, what is your view of the Internet as a 
transport layer today?  How will it fare against various degrees of social and 
political instability found currently across this planet?

3.  Distilling it down to perhaps a couple sentences that do not repeat the 
thread subject line, how would you pitch usage of this social network to an 
average US consumer in contrast to mass market tools like Facebook or Twitter?

Stephen Michael Kellat
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] a privacy preserving and resilient social network)

[Eleanor Saitta]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On 2013.06.29 01.52, Alireza Mahdian wrote:
> I really hope all your other facts are not based on this link you 
> sent. as Matt rightfully put it we don't know the kind of cipher 
> that was used it could have been a  very primitive one. you are 
> making a very bold statement based on a very incomplete data.

Of course not.  Frankly, I'm not worried about cryptanalysis.  If the
easiest way into a system is by breaking crypto, we've succeeded beyond
our wildest expectations.  Snowden said, in passing, that strong
crypto does in fact work; he also said that the terrible state of host
security means that this is almost never a problem for NSA.

> As for your recommended approach of not releasing research
> softwares to regular users you have to know that MANY of the
> current technologies that are being used have their roots in
> research projects. You mention Tor and so many other applications
> and ALL of them have started as a research project in academia.

Yes, they have.  The accepted standard of care in this community is that
software should not be recommended to real users for use with real data
if it is targeting high-risk use cases (which an intentionally
privacy-preserving social network designed for the Iranian context
necessarily is) until it has undergone community review and focused
security analysis from professional analysts.  Not everything in the
community is at that point yet, but we're working on getting there.

Releasing code that's clearly marked as alpha and likely dangerous is
fine, as long as you make it clear to users that this code may not, in
fact, provide any of the properties it claims to provide until such
point as it's had an appropriate degree of review.

While we can't do anything about projects coming from outside academia,
I'd love to see IRBs start to enforce this for academic projects.  It'd
likely save lives.

> My claim is that MyZone is privacy preserving and I stand by it. I
>  never claimed that it is providing anonymity and in fact I have 
> pointed out that it does not even aim for it. As the creator of 
> MyZone I did not felt the need for unlinkability as deniability is
>  provided to a needed degree.

And what I'm telling you is that on the basis of what we've seen coming
back from the field, not to mention the documents we've seen confirming
things in the past few weeks, THERE IS NO SUCH THING AS PRIVACY WITHOUT
UNLINKABILITY.

The game is in traffic analysis.  Most of what's interesting about a
conversation comes from traffic analysis.  Post-hoc deniability of
specific messages is not a useful property in evading negative security
outcomes, because the suspicion of being part of the set of people who
could have sent a message is more than sufficient to justify picking
someone up in high-risk scenarios, and in lower-risk scenarios is likely
insufficient to convince a judge.

We as a community have a fundamentally backwards idea of what privacy
means (or so we now see).  Privacy does not mean confidentiality, it
means confidentiality and unlinkability at a minimum, and in many
regimes, it means confidentiality, unlinkability, and undetectability
(because if you live somewhere where using crypto gets you killed, Tor
can't help you).

By the standards that we've been applying as a community previously,
while I stand by my comments on research software, you're not doing
bad (although the devil is in the details); the problem is those
standards were wrong.

> You probably are not going to give my app even a try but I would 
> certainly give your "Bullet proof" solution if it ever sees the 
> light of the day a try and read its documentation in full before 
> criticizing it.

I don't know where this "bullet proof" nonsense comes from -- that's not
a claim I'd make; it's childish, like talking about "military-grade
encryption"; we can do better.

I've seen a dozen architectures proposed this week for different kinds
of privacy-preserving systems.  I'm not going to install all of them and
read all of their documentation; I have work to do.  I'm happy to
provide feedback on some of them when I have time.

I'm taking the time to provide more detailed feedback on this one
because I think we need to, as a community, have a conversation around
the properties that we design solutions for.

> I have tried SO MANY of these solutions that you mentioned in a
> very restrictive environment (I come from Iran and I have first
> hand experience on whatever you are mentioning here) and trust me
> they are often so slow (you have to consider dial up bandwidth)
> that you prefer to avoid them in the first place.

I understand the bandwidth limitations of many connections in a place
like Iran.  I know Tor is too slow right now.  I'm not trying to excuse
it.  What I'm saying is that we should be working on building systems
that can compose with it and working on making it faster, or working on
building alternate systems that provide the 

Re: [liberationtech] a privacy preserving and resilient social network

[Matt Johnson]

" Encryption meaningfully prevented a wiretap
for the first time ever in *2012* (or so we're told, for
non-intelligence domestic US wiretaps), and has only ever worked five
times."

What are you referring to? Do you have a pointer to more information?
I am very curious.

--
Matt Johnson



On Fri, Jun 28, 2013 at 10:13 PM, Eleanor Saitta  wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> On 2013.06.28 13.14, Jonathan Wilkes wrote:
>> Just curious, Eleanor-- once you implement your "bullet-proof"
>> privacy- preserving network, how do you plan to make the user
>> experience at all tolerable without automated mirroring like what
>> this developer has written and tested?
>
> That's going to depend on the system and the situation.  With Briar,
> we do things that are fairly similar, but we also make a point of
> taking unlinkability seriously.  Research code into social mirroring?
>  Awesome.  Protocol design intended for deployment that ignores
> unlinkability?  Not awesome.
>
> More specifically, some of this is unrelated to Alireza's proposal --
> I'm using it to illustrate the kinds of shifts that we need to
> undertake in our thinking here.  It's not about *this* tool, it's
> about every tool we build.  To that end, I suppose I do owe them a bit
> of an apology -- really, it's nothing personal about this tool (and
> certainly not anything about them, although I hope that's obvious).
> It's all of us and everything that needs to shift.
>
> Finally, I should note in passing, I'm not trying to make something
> "bullet-proof".  I care about security outcomes, not security
> theories.  What I want to see is our tools reaching the point where
> we're actually playing the game, because right now, we're not even on
> the road to the stadium.  Encryption meaningfully prevented a wiretap
> for the first time ever in *2012* (or so we're told, for
> non-intelligence domestic US wiretaps), and has only ever worked five
> times.  This is pathetic and terrifying.  Let's become an actual problem.
>
> E.
>
> - --
> Ideas are my favorite toys.
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v2.0.17 (MingW32)
>
> iF4EAREIAAYFAlHObREACgkQQwkE2RkM0wrI1AD/aSD1R4PCjLVMxJGfY2s1CDLP
> 0EOaFBGkh3daJdsJ6moA/0DHZM5CoIwHpUN/3O6cx7HdKSmE6VcqxTsnI6+f9kt+
> =v8og
> -END PGP SIGNATURE-
> --
> Too many emails? Unsubscribe, change to digest, or change password by 
> emailing moderator at compa...@stanford.edu or changing your settings at 
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] a privacy preserving and resilient social network

[Eleanor Saitta]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On 2013.06.28 13.14, Jonathan Wilkes wrote:
> Just curious, Eleanor-- once you implement your "bullet-proof"
> privacy- preserving network, how do you plan to make the user
> experience at all tolerable without automated mirroring like what
> this developer has written and tested?

That's going to depend on the system and the situation.  With Briar,
we do things that are fairly similar, but we also make a point of
taking unlinkability seriously.  Research code into social mirroring?
 Awesome.  Protocol design intended for deployment that ignores
unlinkability?  Not awesome.

More specifically, some of this is unrelated to Alireza's proposal --
I'm using it to illustrate the kinds of shifts that we need to
undertake in our thinking here.  It's not about *this* tool, it's
about every tool we build.  To that end, I suppose I do owe them a bit
of an apology -- really, it's nothing personal about this tool (and
certainly not anything about them, although I hope that's obvious).
It's all of us and everything that needs to shift.

Finally, I should note in passing, I'm not trying to make something
"bullet-proof".  I care about security outcomes, not security
theories.  What I want to see is our tools reaching the point where
we're actually playing the game, because right now, we're not even on
the road to the stadium.  Encryption meaningfully prevented a wiretap
for the first time ever in *2012* (or so we're told, for
non-intelligence domestic US wiretaps), and has only ever worked five
times.  This is pathetic and terrifying.  Let's become an actual problem.

E.

- -- 
Ideas are my favorite toys.
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.17 (MingW32)

iF4EAREIAAYFAlHObREACgkQQwkE2RkM0wrI1AD/aSD1R4PCjLVMxJGfY2s1CDLP
0EOaFBGkh3daJdsJ6moA/0DHZM5CoIwHpUN/3O6cx7HdKSmE6VcqxTsnI6+f9kt+
=v8og
-END PGP SIGNATURE-
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] a privacy preserving and resilient social network

[Eleanor Saitta]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On 2013.06.28 15.20, Yosem Companys wrote:
> I want to commend Alirezza.
> 
> It's very important for us to welcome all those who design and
> conduct research on liberation technologies,  I commend him for
> trying to build something of importance to all of us and dealing
> with the inevitable issues that result from doing so.
> 
> One of the great things of this list is that others with 
> liberationtech experience are kind enough to give feedback to
> folks like Alirezza.
> 
> As always, however, let's try to keep the discussion constructive. 
> Rather than simply point out why certain things may not work,
> outline your ideas about how these limitations could be overcome.
> Everything has a solution, if only we brainstorm the problem long
> enough.
> 
> It's one of the best ways we can all learn from one another and 
> continue to make progress in the field.

While I don't disagree at some level, we get a fairly complicated
architectural proposal coming through here on average of once a week;
more like once every few days lately.  Providing a thorough diagnosis
of how to fix said architecture while maintaining the quite often
incompatible goals of the original proposer would eat all of the time
of many of the people on this list.

There is, in fact, value in saying "here are the things that you have
not thought about that present problems with your design", especially
when they are in fact general issues that face many of us.  Hopefully,
folks who are doing new work in this field can look at the problems
that previous architectures have run into along the way and design
systems that don't have those issues.  This is standard engineering
practice.  If a solution is obvious while I'm writing a note like the
one I wrote, I'm happy to propose it, and do.  Sometimes however, the
answer is "I'm sorry, you're solving the wrong problem."

I think it's especially important to point out problems when systems
are presented as something that might not be purely just research
code.  I'm all for research prototypes of all kinds of crazy
architectures that we might learn something from, as long as we don't
try to deploy them to real users.  If something sounds like they might
be looking at taking on real users at some point (such as when they
start worrying about user content), then I think we have a
responsibility to make sure that errors are pointed out -- which is
why I'm taking the time to make the posts I have.

E.

- -- 
Ideas are my favorite toys.
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.17 (MingW32)

iF4EAREIAAYFAlHOavEACgkQQwkE2RkM0wpJiAD+Kf0ign7FmOY7S+EcGnJt5TGo
V6eysUhwHDv7qyFAXW8A/iG0D1cJN8EoL7hBejshKe2UUedm8RVafUJt2rtSaTKS
=zRPO
-END PGP SIGNATURE-
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] a privacy preserving and resilient social network

[Eleanor Saitta]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

[apologies for top-posting]

There are different kinds of linkability that matter.  Linkability
from an external adversary and my ability to identify myself to a
friend are unrelated.  If we posit a Facebook where I only connect via
Tor, only post encrypted content, and also post chaff content so the
service can't tell what content is even real, the other people who I
a) tell the username to, and b) give the encryption key to can still
use the network just fine -- from their perspective, it's the same
experience.  The difference is that from an outsider's perspective,
it's noise -- they can't tell who's connecting to the service, how
much traffic they're sending, what it is, or who's reading it.

Location privacy is a critical part of unlinkability.  If I can tell
where people are located in the physical world, I can use that to
reverse engineer an otherwise pseudonymous social graph and
disambiguate social graph chaff, as is provided with your mirroring.
Likewise, message transit times when all connections are observable
will serve to distinguish between initial post propagation and mirroring.

Services that attempt to provide deniability have an interesting
problem to deal with.  Deniability is poorly defined (c.f. the
difference between hidden volume deniability in TrueCrypt and the
deniability property in OTR).  In each case, they're trying to use
technical properties of a system to enable a user to perform a certain
kind of real-world falsehood.  Enabling your users to lie has (at
least) two failure modes: the first is that the lie isn't complete
(for Truecrypt, maintaining hidden volume confidentiality is
sufficiently difficult that I'd call it field-impossible for most
moderately technical users faced with a competent forensics
technician), which means that you may be encouraging them to take
risks that will get them caught and in more trouble than otherwise,
while not giving them the degree of security they expected.  The
second is that the lie isn't plausible -- in theory, after keys have
been published at session end, another user could fake an OTR message
as having been part of that session.  However, given a wiretap taken
to even the most minimal level of forensic standards, no judge will
ever find this plausible when presented as evidence that a separately
captured transcript might have been forged.  Again, the feature is
non-functional in the real world.

Services that claim to provide a form of deniability have an
exceptionally high bar to reach to prove any degree of field utility.
 Deniability features often make protocols much more complicated (see
mpOTR) for no real gain.  Thus, I would claim that barring further
research (both field and protocol), it should be avoided as a protocol
goal.

I am a very strong believer in distributed systems.  They are key to
any freedom we may regain online.  I also see very clearly that the
set of privacy properties that we believed were necessary are
different than we previously understood, and that we need to change
the systems we research immediately in reaction to this.

Yes, Tor is slow.  This doesn't mean it's ok to say that "well, I care
about user experience, therefor we have to give up on network
unlinkability".  You'd never dream of saying that about
authentication, right?  Well, now you've got another thing you have no
choice but to deal with.

E.


On 2013.06.28 15.01, Alireza Mahdian wrote:
> To answer your concerns Eleanor: If you are talking about content 
> unlinkability as implemented in Darknet I don't want that in a
> social network that works like Facebook. I want to be able to trust
> the contents that are published on it based on their linkability to
> their publishers. Think of Facebook with no content linkability, it
> is not even meaningful anymore. what does it mean to have a wall if
> no one knows who the wall belongs to. it is a completely different
> experience and I did not want that in MyZone. I was more aiming at
> a distributed Facebook where user contents are stored on their own
> devices and mirrored on trusted devices.
> 
> Now if you are talking about the linkability of users within the
> social graph I would also recommend you to take a look at my thesis
> where I have introduced the concept of social hosting. an advantage
> of this is that let's say user A and B are friends also B and C are
> friends but not A and C. if B chooses A as a mirror then C would at
> some point connect to A to receive B's updates or interact with B's
> profile while it is offline (writing something on B's wall for
> example) at this point the entity that monitors all the links
> (let's say the government) would wrongly assume that A and C are
> friends (linkability) while it is not true. now the users can use
> this to their advantage and when prosecuted they can deny the
> linkability by just giving the counter example of this i.e. if A
> and C are really friends and A happens to be a pers

Re: [liberationtech] a privacy preserving and resilient social network

[Yosem Companys]

I want to commend Alirezza.

It's very important for us to welcome all those who design and conduct
research on liberation technologies,  I commend him for trying to
build something of importance to all of us and dealing with the
inevitable issues that result from doing so.

One of the great things of this list is that others with
liberationtech experience are kind enough to give feedback to folks
like Alirezza.

As always, however, let's try to keep the discussion constructive.
Rather than simply point out why certain things may not work, outline
your ideas about how these limitations could be overcome.  Everything
has a solution, if only we brainstorm the problem long enough.

It's one of the best ways we can all learn from one another and
continue to make progress in the field.

Best,

Yosem, one of the list moderators



On Fri, Jun 28, 2013 at 12:01 PM, Alireza Mahdian
 wrote:
> To answer your concerns Eleanor: If you are talking about content
> unlinkability as implemented in Darknet I don't want that in a social
> network that works like Facebook. I want to be able to trust the contents
> that are published on it based on their linkability to their publishers.
> Think of Facebook with no content linkability, it is not even meaningful
> anymore. what does it mean to have a wall if no one knows who the wall
> belongs to. it is a completely different experience and I did not want that
> in MyZone. I was more aiming at a distributed Facebook where user contents
> are stored on their own devices and mirrored on trusted devices.
>
> Now if you are talking about the linkability of users within the social
> graph I would also recommend you to take a look at my thesis where I have
> introduced the concept of social hosting. an advantage of this is that let's
> say user A and B are friends also B and C are friends but not A and C. if B
> chooses A as a mirror then C would at some point connect to A to receive B's
> updates or interact with B's profile while it is offline (writing something
> on B's wall for example) at this point the entity that monitors all the
> links (let's say the government) would wrongly assume that A and C are
> friends (linkability) while it is not true. now the users can use this to
> their advantage and when prosecuted they can deny the linkability by just
> giving the counter example of this i.e. if A and C are really friends and A
> happens to be a person of interest C can always claim that A was not his
> friend and he only connected to A because it was hosting B which is a non
> threatening user. I have introduced the concept of deniability while
> providing authentication in the system. the authenticity is valid within the
> social network (if A publishes something it is traced back to A by all of
> A's friends) while the deniability is valid outside the social network (as I
> made the example). As john mentioned the user experience is very important
> if at some point this system is going to compete with something like
> Facebook therefore implementing this on top of an overlay network would not
> be a good design choice. As for any system I am not claiming that this
> system does not suffer from any drawbacks but at least it's a fully
> functioning system that provides a pretty good user experience while
> preserving their privacy. also at its full implementation it is resilient
> towards large scale DDoS attacks and black outs which is what I mean by
> resiliency.
>
> To answer John: As I mentioned in an earlier post I have done this protect
> myself from any liability if someone modifies the code rendering it a
> malware. I may publish the service layer code independently under a
> different license where anyone can modify it as they want to. However I do
> understand your point.
>
> On Jun 28, 2013, at 11:14 AM, Jonathan Wilkes  wrote:
>
>
> From: Eleanor Saitta 
> To: liberationtech 
> Sent: Friday, June 28, 2013 12:24 PM
> Subject: Re: [liberationtech] a privacy preserving and resilient social
> network
>
> [...]
>
>>Congratulations!  Your job is now to figure out how to make it faster
> while keeping the same privacy guarantees.  You don't get to opt out,
> because you can't do any meaningful work until you've done this.
> Actually it looks like there might be meaningful work here on the mirroring
> front.  Mirroring content on trusted friends' machines is something the
> Freedombox folks mused about, and the video demos what looks like
> a user-friendly implementation of the same idea.
>
> Just curious, Eleanor-- once you implement your "bullet-proof" privacy-
> preserving network, how do you plan to make the user experience at all
> tolerable without automated mirroring like

Re: [liberationtech] a privacy preserving and resilient social network

[Alireza Mahdian]

To answer your concerns Eleanor: If you are talking about content unlinkability 
as implemented in Darknet I don't want that in a social network that works like 
Facebook. I want to be able to trust the contents that are published on it 
based on their linkability to their publishers. Think of Facebook with no 
content linkability, it is not even meaningful anymore. what does it mean to 
have a wall if no one knows who the wall belongs to. it is a completely 
different experience and I did not want that in MyZone. I was more aiming at a 
distributed Facebook where user contents are stored on their own devices and 
mirrored on trusted devices. 

Now if you are talking about the linkability of users within the social graph I 
would also recommend you to take a look at my thesis where I have introduced 
the concept of social hosting. an advantage of this is that let's say user A 
and B are friends also B and C are friends but not A and C. if B chooses A as a 
mirror then C would at some point connect to A to receive B's updates or 
interact with B's profile while it is offline (writing something on B's wall 
for example) at this point the entity that monitors all the links (let's say 
the government) would wrongly assume that A and C are friends (linkability) 
while it is not true. now the users can use this to their advantage and when 
prosecuted they can deny the linkability by just giving the counter example of 
this i.e. if A and C are really friends and A happens to be a person of 
interest C can always claim that A was not his friend and he only connected to 
A because it was hosting B which is a non threatening user. I have introduced 
the concept of deniability while providing authentication in the system. the 
authenticity is valid within the social network (if A publishes something it is 
traced back to A by all of A's friends) while the deniability is valid outside 
the social network (as I made the example). As john mentioned the user 
experience is very important if at some point this system is going to compete 
with something like Facebook therefore implementing this on top of an overlay 
network would not be a good design choice. As for any system I am not claiming 
that this system does not suffer from any drawbacks but at least it's a fully 
functioning system that provides a pretty good user experience while preserving 
their privacy. also at its full implementation it is resilient towards large 
scale DDoS attacks and black outs which is what I mean by resiliency. 

To answer John: As I mentioned in an earlier post I have done this protect 
myself from any liability if someone modifies the code rendering it a malware. 
I may publish the service layer code independently under a different license 
where anyone can modify it as they want to. However I do understand your point.

On Jun 28, 2013, at 11:14 AM, Jonathan Wilkes  wrote:

> 
> From: Eleanor Saitta 
> To: liberationtech  
> Sent: Friday, June 28, 2013 12:24 PM
> Subject: Re: [liberationtech] a privacy preserving and resilient social 
> network
>  
> [...]
> 
> >Congratulations!  Your job is now to figure out how to make it faster
> while keeping the same privacy guarantees.  You don't get to opt out,
> because you can't do any meaningful work until you've done this.
> Actually it looks like there might be meaningful work here on the mirroring
> front.  Mirroring content on trusted friends' machines is something the
> Freedombox folks mused about, and the video demos what looks like
> a user-friendly implementation of the same idea.
>  
> Just curious, Eleanor-- once you implement your "bullet-proof" privacy-
> preserving network, how do you plan to make the user experience at all
> tolerable without automated mirroring like what this developer has written
> and tested?
>  
> Of course this is all moot while the license of "it's free and open, as long
> as you ask me first and I agree" is in effect.  I can't imagine anyone taking
> a serious look at the code with that.
>  
> -Jonathan
>  
> -Jonathan
>  
> E.
> 
> - -- 
> Ideas are my favorite toys.
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v2.0.17 (MingW32)
> 
> iF4EAREIAAYFAlHNuKUACgkQQwkE2RkM0wr0/wD+IVTnHPuZzNSs6hqEIP0gyaiQ
> 8J351/zcc6UWICx6suEBAIVLljasG1kp4vOMjwCclkxYdOFcsfQBJSAp2zjvWX7D
> =cHDZ
> -END PGP SIGNATURE-
> --
> Too many emails? Unsubscribe, change to digest, or change password by 
> emailing moderator at compa...@stanford.edu or changing your settings at 
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
> 
> 
> --
> Too many emails? Unsubscribe, change to digest, or change password by 
> emailing moderator at compa...@stanford.edu or changing your settings at 
> https://mailman.stanford.edu/m

Re: [liberationtech] a privacy preserving and resilient social network

[Jonathan Wilkes]

 


 From: Eleanor Saitta 
To: liberationtech  
Sent: Friday, June 28, 2013 12:24 PM
Subject: Re: [liberationtech] a privacy preserving and resilient social network
  

[...]

>Congratulations!  Your job is now to figure out how to make it faster
while keeping the same privacy guarantees.  You don't get to opt out,
because you can't do any meaningful work until you've done this.

Actually it looks like there might be meaningful work here on the mirroring
front.  Mirroring content on trusted friends' machines is something the
Freedombox folks mused about, and the video demos what looks like
a user-friendly implementation of the same idea.

Just curious, Eleanor-- once you implement your "bullet-proof" privacy-
preserving network, how do you plan to make the user experience at all
tolerable without automated mirroring like what this developer has written
and tested?

Of course this is all moot while the license of "it's free and open, as long
as you ask me first and I agree" is in effect.  I can't imagine anyone taking
a serious look at the code with that.

-Jonathan

-Jonathan

E.

- -- 
Ideas are my favorite toys.
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.17 (MingW32)

iF4EAREIAAYFAlHNuKUACgkQQwkE2RkM0wr0/wD+IVTnHPuZzNSs6hqEIP0gyaiQ
8J351/zcc6UWICx6suEBAIVLljasG1kp4vOMjwCclkxYdOFcsfQBJSAp2zjvWX7D
=cHDZ
-END PGP SIGNATURE-
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] a privacy preserving and resilient social network

[Eleanor Saitta]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On 2013.06.28 03.37, Alireza Mahdian wrote:
> First of all anonymity is not a goal here.

I'm going to come down on you kind of hard here, but it's not aimed at
you, it's aimed at everyone building systems like this.

A month ago, you could plausibly argue that it was possible to build
privacy-preserving tools that did not provided unlinkability (what you
mean when you say anonymity).

This is now revealed as obviously, laughably, tragically, and utterly
false.

Social graph and traffic analysis is the name of the game.  Content
protection actually matters much *less* than unlinkability.

If you claim to be building privacy preserving system and it either does
not provide strong unlinkability as at least an option, or creates
central points of trust failure where someone can be compelled into
compromising the network, you have done nothing.

Yes, there are different tools that are appropriate for different
contexts.  However, there is little or no point in doing further
research on so-called privacy perserving tools that do not preserve
privacy.

This sucks for folks who have grant money and research time tied up in
existing project that are now plainly irrelevant.  Tough.  The world
changed, and we as a community need to move on, in a hurry.

> A structure similar to I2P or Tor that uses overlay network would
> be very inefficient due to network delays

Congratulations!  Your job is now to figure out how to make it faster
while keeping the same privacy guarantees.  You don't get to opt out,
because you can't do any meaningful work until you've done this.

This sucks.  I would be quite happy to live in a world where these
were not the constraints we as developers had to live with.  But we
don't get that choice.

E.

- -- 
Ideas are my favorite toys.
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.17 (MingW32)

iF4EAREIAAYFAlHNuKUACgkQQwkE2RkM0wr0/wD+IVTnHPuZzNSs6hqEIP0gyaiQ
8J351/zcc6UWICx6suEBAIVLljasG1kp4vOMjwCclkxYdOFcsfQBJSAp2zjvWX7D
=cHDZ
-END PGP SIGNATURE-
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] a privacy preserving and resilient social network

[Ali-Reza Anghaie]

In your resources section - you're not drawing a direct comparison but
do note model shortcomings. No worries there.. I'm trying to
understand what your design is in the context of your opening email to
the list:

"military grade encryption and no authority can have any control over
it. one design goal behind it was actually to make it resilient
towards government imposed censorship and filtering"

Which is why I brought up I2P's existing stack for example.

I'll leave it be, I'm not trying to stir you up. I'm just trying to
understand the decisions made in that statement's context. Cheers,
-Ali


On Fri, Jun 28, 2013 at 4:19 AM, Alireza Mahdian
 wrote:
> MyZone is not addressing the same issues as Tor and I2P. I have never
> compared them to MyZone in any part of my thesis. I was also never critical
> of those systems as they are not relevant to what MyZone tries to achieve
> with the exception of Diaspora which is not a peer to peer application and
> requires its users to set up their own servers. I also specifically point
> out the security limitations of our approach in section 7.3. If the CA is
> compromised then the security of all users is jeopardized as for any PKI.
> Even if the CA is attacked (DDoS attack not a private key hijacking) the
> existing users are not affected since the public key of the CA is already
> shipped with the software.
>
> On Jun 28, 2013, at 1:56 AM, Ali-Reza Anghaie  wrote:
>
> Thank you - I read your comments on Diaspora, Tor, I2P, etc. and
> through section 4.2.2 (Adversary Model) of your thesis. I find it
> curious that some of the issues you're critical of in those systems
> you've actually implemented into your own design (e.g. you do have a
> central server/trust dependency with the CA). I may go back and
> continue reading 5 later as I'm interested in how you implement your
> CA model (4.2.1 / 6.1). My questions of the earlier sections probably
> would only be addressed further in the thesis. Until next time - good
> luck. Cheers, -Ali
>
>
> On Fri, Jun 28, 2013 at 3:37 AM, Alireza Mahdian
>  wrote:
>
> First of all anonymity is not a goal here. I have to be clear on that. A
> structure similar to I2P or Tor that uses overlay network would be very
> inefficient due to network delays). as for using a Jetty stack we chose Java
> as the language to implement this software in order to have a platform
> independent application in one code base and at it is also supported on
> Android as we are developing an smartphone app as well. Using Java has saved
> us a lot of time getting this app ready for different platforms. The jetty
> is a lightweight Java based web server that also installs on android so
> seemed like a good choice to use to serve the UIs and we chose to use web
> interface to implement the UIs as it feels more like common social networks
> like facebook and google+ also future UI enhancements are easier on a web
> app. as for the user, they are not even aware that a web server is being run
> on their computer as no installation or configuration has been done by the
> user. they only run the MyZone launcher and it opens up the browser loading
> their feed page. We have considered a lot of user feedbacks when we designed
> MyZone. this software has a somewhat complex design and there are so many
> small details involved as well so if you have any further questions
> regarding our design choices I would like to refer you to
> http://joinmyzone.com/Thesis.pdf
>
> On Jun 28, 2013, at 1:17 AM, Ali-Reza Anghaie  wrote:
>
> *nod* Yeah, that's was the hint I got.. but the bits about relay
> servers, registration, etc. Lets set those aside.
>
> How do you ~intend~ for this to behave in the wild? Every single
> client w/ a Jetty stack? And - given that footprint - why not start
> within a framework like I2P? (I'm not recommending anything, I'm
> trying to understand without going too far off-kilter.)
>
> -Ali
>
>
> On Fri, Jun 28, 2013 at 3:09 AM, Alireza Mahdian
>  wrote:
>
> those are all to protect our organization (CU Boulder) from any liability.
> also the contents that can be shared on this social network can be pretty
> much anything and since we can't control or monitor any of the contents
> being shared we had to have a strict terms of use agreement just to be clear
> that if the terms of use agreement is violated we are not gonna be liable.
>
> On Jun 28, 2013, at 1:06 AM, Ali-Reza Anghaie  wrote:
>
> I had similar confusion when I first started poking around - couldn't
> find a proper LICENSE file and then the ToUs including things that
> read an awful lot like Facebook instead of a distrubuted
> privacy-centric system.
>
> Including:
>
> ---
> a. You will not provide any false personal information on MyZone, or
> create an account for anyone other than yourself without permission.
>
> b. You will not create more than one personal profile.
> ---
>
> My guess is this is because of the Uni affiliation right now..
>
> Architecture right now I'm not going to com

Re: [liberationtech] a privacy preserving and resilient social network

[Alireza Mahdian]

MyZone is not addressing the same issues as Tor and I2P. I have never compared 
them to MyZone in any part of my thesis. I was also never critical of those 
systems as they are not relevant to what MyZone tries to achieve with the 
exception of Diaspora which is not a peer to peer application and requires its 
users to set up their own servers. I also specifically point out the security 
limitations of our approach in section 7.3. If the CA is compromised then the 
security of all users is jeopardized as for any PKI. Even if the CA is attacked 
(DDoS attack not a private key hijacking) the existing users are not affected 
since the public key of the CA is already shipped with the software. 

On Jun 28, 2013, at 1:56 AM, Ali-Reza Anghaie  wrote:

> Thank you - I read your comments on Diaspora, Tor, I2P, etc. and
> through section 4.2.2 (Adversary Model) of your thesis. I find it
> curious that some of the issues you're critical of in those systems
> you've actually implemented into your own design (e.g. you do have a
> central server/trust dependency with the CA). I may go back and
> continue reading 5 later as I'm interested in how you implement your
> CA model (4.2.1 / 6.1). My questions of the earlier sections probably
> would only be addressed further in the thesis. Until next time - good
> luck. Cheers, -Ali
> 
> 
> On Fri, Jun 28, 2013 at 3:37 AM, Alireza Mahdian
>  wrote:
>> First of all anonymity is not a goal here. I have to be clear on that. A
>> structure similar to I2P or Tor that uses overlay network would be very
>> inefficient due to network delays). as for using a Jetty stack we chose Java
>> as the language to implement this software in order to have a platform
>> independent application in one code base and at it is also supported on
>> Android as we are developing an smartphone app as well. Using Java has saved
>> us a lot of time getting this app ready for different platforms. The jetty
>> is a lightweight Java based web server that also installs on android so
>> seemed like a good choice to use to serve the UIs and we chose to use web
>> interface to implement the UIs as it feels more like common social networks
>> like facebook and google+ also future UI enhancements are easier on a web
>> app. as for the user, they are not even aware that a web server is being run
>> on their computer as no installation or configuration has been done by the
>> user. they only run the MyZone launcher and it opens up the browser loading
>> their feed page. We have considered a lot of user feedbacks when we designed
>> MyZone. this software has a somewhat complex design and there are so many
>> small details involved as well so if you have any further questions
>> regarding our design choices I would like to refer you to
>> http://joinmyzone.com/Thesis.pdf
>> 
>> On Jun 28, 2013, at 1:17 AM, Ali-Reza Anghaie  wrote:
>> 
>> *nod* Yeah, that's was the hint I got.. but the bits about relay
>> servers, registration, etc. Lets set those aside.
>> 
>> How do you ~intend~ for this to behave in the wild? Every single
>> client w/ a Jetty stack? And - given that footprint - why not start
>> within a framework like I2P? (I'm not recommending anything, I'm
>> trying to understand without going too far off-kilter.)
>> 
>> -Ali
>> 
>> 
>> On Fri, Jun 28, 2013 at 3:09 AM, Alireza Mahdian
>>  wrote:
>> 
>> those are all to protect our organization (CU Boulder) from any liability.
>> also the contents that can be shared on this social network can be pretty
>> much anything and since we can't control or monitor any of the contents
>> being shared we had to have a strict terms of use agreement just to be clear
>> that if the terms of use agreement is violated we are not gonna be liable.
>> 
>> On Jun 28, 2013, at 1:06 AM, Ali-Reza Anghaie  wrote:
>> 
>> I had similar confusion when I first started poking around - couldn't
>> find a proper LICENSE file and then the ToUs including things that
>> read an awful lot like Facebook instead of a distrubuted
>> privacy-centric system.
>> 
>> Including:
>> 
>> ---
>> a. You will not provide any false personal information on MyZone, or
>> create an account for anyone other than yourself without permission.
>> 
>> b. You will not create more than one personal profile.
>> ---
>> 
>> My guess is this is because of the Uni affiliation right now..
>> 
>> Architecture right now I'm not going to comment on. Going to
>> reconsider past biases first.. -Ali
>> 
>> 
>> On Fri, Jun 28, 2013 at 2:59 AM, Alireza Mahdian
>>  wrote:
>> 
>> this is to prevent modifications that would render it as a malware. I
>> haven't signed the code yet so I am just protecting myself from such
>> liabilities.
>> 
>> On Jun 28, 2013, at 12:51 AM, John Sullivan  wrote:
>> 
>> I like the idea, so I was checking it out. I was confused by this
>> statement in the download terms:
>> 
>> Since MyZone Client Application is open source, you will not change any
>> part of MyZone’s code without the written approval of MyZon

Re: [liberationtech] a privacy preserving and resilient social network

[Ali-Reza Anghaie]

Thank you - I read your comments on Diaspora, Tor, I2P, etc. and
through section 4.2.2 (Adversary Model) of your thesis. I find it
curious that some of the issues you're critical of in those systems
you've actually implemented into your own design (e.g. you do have a
central server/trust dependency with the CA). I may go back and
continue reading 5 later as I'm interested in how you implement your
CA model (4.2.1 / 6.1). My questions of the earlier sections probably
would only be addressed further in the thesis. Until next time - good
luck. Cheers, -Ali


On Fri, Jun 28, 2013 at 3:37 AM, Alireza Mahdian
 wrote:
> First of all anonymity is not a goal here. I have to be clear on that. A
> structure similar to I2P or Tor that uses overlay network would be very
> inefficient due to network delays). as for using a Jetty stack we chose Java
> as the language to implement this software in order to have a platform
> independent application in one code base and at it is also supported on
> Android as we are developing an smartphone app as well. Using Java has saved
> us a lot of time getting this app ready for different platforms. The jetty
> is a lightweight Java based web server that also installs on android so
> seemed like a good choice to use to serve the UIs and we chose to use web
> interface to implement the UIs as it feels more like common social networks
> like facebook and google+ also future UI enhancements are easier on a web
> app. as for the user, they are not even aware that a web server is being run
> on their computer as no installation or configuration has been done by the
> user. they only run the MyZone launcher and it opens up the browser loading
> their feed page. We have considered a lot of user feedbacks when we designed
> MyZone. this software has a somewhat complex design and there are so many
> small details involved as well so if you have any further questions
> regarding our design choices I would like to refer you to
> http://joinmyzone.com/Thesis.pdf
>
> On Jun 28, 2013, at 1:17 AM, Ali-Reza Anghaie  wrote:
>
> *nod* Yeah, that's was the hint I got.. but the bits about relay
> servers, registration, etc. Lets set those aside.
>
> How do you ~intend~ for this to behave in the wild? Every single
> client w/ a Jetty stack? And - given that footprint - why not start
> within a framework like I2P? (I'm not recommending anything, I'm
> trying to understand without going too far off-kilter.)
>
> -Ali
>
>
> On Fri, Jun 28, 2013 at 3:09 AM, Alireza Mahdian
>  wrote:
>
> those are all to protect our organization (CU Boulder) from any liability.
> also the contents that can be shared on this social network can be pretty
> much anything and since we can't control or monitor any of the contents
> being shared we had to have a strict terms of use agreement just to be clear
> that if the terms of use agreement is violated we are not gonna be liable.
>
> On Jun 28, 2013, at 1:06 AM, Ali-Reza Anghaie  wrote:
>
> I had similar confusion when I first started poking around - couldn't
> find a proper LICENSE file and then the ToUs including things that
> read an awful lot like Facebook instead of a distrubuted
> privacy-centric system.
>
> Including:
>
> ---
> a. You will not provide any false personal information on MyZone, or
> create an account for anyone other than yourself without permission.
>
> b. You will not create more than one personal profile.
> ---
>
> My guess is this is because of the Uni affiliation right now..
>
> Architecture right now I'm not going to comment on. Going to
> reconsider past biases first.. -Ali
>
>
> On Fri, Jun 28, 2013 at 2:59 AM, Alireza Mahdian
>  wrote:
>
> this is to prevent modifications that would render it as a malware. I
> haven't signed the code yet so I am just protecting myself from such
> liabilities.
>
> On Jun 28, 2013, at 12:51 AM, John Sullivan  wrote:
>
> I like the idea, so I was checking it out. I was confused by this
> statement in the download terms:
>
> Since MyZone Client Application is open source, you will not change any
> part of MyZone’s code without the written approval of MyZone’s copyright
> owner Alireza Mahdian reached at (alireza.mahdian at colorado dot edu).
>
>
> Can you explain what you mean? Usually, something called "open source"
> can be modified without any additional written approval.
>
> -john
>
> --
> John Sullivan | Executive Director, Free Software Foundation
> GPG Key: 61A0963B | http://status.fsf.org/johns | http://fsf.org/blogs/RSS
>
> Do you use free software? Donate to join the FSF and support freedom at
> .
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at compa...@stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
>
>
> --
> Alireza Mahdian
> Department of Computer Science
> University of Colorado at Boulder
> Email: alireza.mahd...@gmail.com
>
>
> --
> Too many ema

Re: [liberationtech] a privacy preserving and resilient social network

[Alireza Mahdian]

First of all anonymity is not a goal here. I have to be clear on that. A 
structure similar to I2P or Tor that uses overlay network would be very 
inefficient due to network delays). as for using a Jetty stack we chose Java as 
the language to implement this software in order to have a platform independent 
application in one code base and at it is also supported on Android as we are 
developing an smartphone app as well. Using Java has saved us a lot of time 
getting this app ready for different platforms. The jetty is a lightweight Java 
based web server that also installs on android so seemed like a good choice to 
use to serve the UIs and we chose to use web interface to implement the UIs as 
it feels more like common social networks like facebook and google+ also future 
UI enhancements are easier on a web app. as for the user, they are not even 
aware that a web server is being run on their computer as no installation or 
configuration has been done by the user. they only run the MyZone launcher and 
it opens up the browser loading their feed page. We have considered a lot of 
user feedbacks when we designed MyZone. this software has a somewhat complex 
design and there are so many small details involved as well so if you have any 
further questions regarding our design choices I would like to refer you to 
http://joinmyzone.com/Thesis.pdf

On Jun 28, 2013, at 1:17 AM, Ali-Reza Anghaie  wrote:

> *nod* Yeah, that's was the hint I got.. but the bits about relay
> servers, registration, etc. Lets set those aside.
> 
> How do you ~intend~ for this to behave in the wild? Every single
> client w/ a Jetty stack? And - given that footprint - why not start
> within a framework like I2P? (I'm not recommending anything, I'm
> trying to understand without going too far off-kilter.)
> 
> -Ali
> 
> 
> On Fri, Jun 28, 2013 at 3:09 AM, Alireza Mahdian
>  wrote:
>> those are all to protect our organization (CU Boulder) from any liability.
>> also the contents that can be shared on this social network can be pretty
>> much anything and since we can't control or monitor any of the contents
>> being shared we had to have a strict terms of use agreement just to be clear
>> that if the terms of use agreement is violated we are not gonna be liable.
>> 
>> On Jun 28, 2013, at 1:06 AM, Ali-Reza Anghaie  wrote:
>> 
>> I had similar confusion when I first started poking around - couldn't
>> find a proper LICENSE file and then the ToUs including things that
>> read an awful lot like Facebook instead of a distrubuted
>> privacy-centric system.
>> 
>> Including:
>> 
>> ---
>> a. You will not provide any false personal information on MyZone, or
>> create an account for anyone other than yourself without permission.
>> 
>> b. You will not create more than one personal profile.
>> ---
>> 
>> My guess is this is because of the Uni affiliation right now..
>> 
>> Architecture right now I'm not going to comment on. Going to
>> reconsider past biases first.. -Ali
>> 
>> 
>> On Fri, Jun 28, 2013 at 2:59 AM, Alireza Mahdian
>>  wrote:
>> 
>> this is to prevent modifications that would render it as a malware. I
>> haven't signed the code yet so I am just protecting myself from such
>> liabilities.
>> 
>> On Jun 28, 2013, at 12:51 AM, John Sullivan  wrote:
>> 
>> I like the idea, so I was checking it out. I was confused by this
>> statement in the download terms:
>> 
>> Since MyZone Client Application is open source, you will not change any
>> part of MyZone’s code without the written approval of MyZone’s copyright
>> owner Alireza Mahdian reached at (alireza.mahdian at colorado dot edu).
>> 
>> 
>> Can you explain what you mean? Usually, something called "open source"
>> can be modified without any additional written approval.
>> 
>> -john
>> 
>> --
>> John Sullivan | Executive Director, Free Software Foundation
>> GPG Key: 61A0963B | http://status.fsf.org/johns | http://fsf.org/blogs/RSS
>> 
>> Do you use free software? Donate to join the FSF and support freedom at
>> .
>> --
>> Too many emails? Unsubscribe, change to digest, or change password by
>> emailing moderator at compa...@stanford.edu or changing your settings at
>> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>> 
>> 
>> 
>> --
>> Alireza Mahdian
>> Department of Computer Science
>> University of Colorado at Boulder
>> Email: alireza.mahd...@gmail.com
>> 
>> 
>> --
>> Too many emails? Unsubscribe, change to digest, or change password by
>> emailing moderator at compa...@stanford.edu or changing your settings at
>> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>> 
>> --
>> Too many emails? Unsubscribe, change to digest, or change password by
>> emailing moderator at compa...@stanford.edu or changing your settings at
>> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>> 
>> 
>> 
>> --
>> Alireza Mahdian
>> Department of Computer Science
>> University of Colorado at Boulder
>> Email: alireza.

Re: [liberationtech] a privacy preserving and resilient social network

[Ali-Reza Anghaie]

*nod* Yeah, that's was the hint I got.. but the bits about relay
servers, registration, etc. Lets set those aside.

How do you ~intend~ for this to behave in the wild? Every single
client w/ a Jetty stack? And - given that footprint - why not start
within a framework like I2P? (I'm not recommending anything, I'm
trying to understand without going too far off-kilter.)

-Ali


On Fri, Jun 28, 2013 at 3:09 AM, Alireza Mahdian
 wrote:
> those are all to protect our organization (CU Boulder) from any liability.
> also the contents that can be shared on this social network can be pretty
> much anything and since we can't control or monitor any of the contents
> being shared we had to have a strict terms of use agreement just to be clear
> that if the terms of use agreement is violated we are not gonna be liable.
>
> On Jun 28, 2013, at 1:06 AM, Ali-Reza Anghaie  wrote:
>
> I had similar confusion when I first started poking around - couldn't
> find a proper LICENSE file and then the ToUs including things that
> read an awful lot like Facebook instead of a distrubuted
> privacy-centric system.
>
> Including:
>
> ---
> a. You will not provide any false personal information on MyZone, or
> create an account for anyone other than yourself without permission.
>
> b. You will not create more than one personal profile.
> ---
>
> My guess is this is because of the Uni affiliation right now..
>
> Architecture right now I'm not going to comment on. Going to
> reconsider past biases first.. -Ali
>
>
> On Fri, Jun 28, 2013 at 2:59 AM, Alireza Mahdian
>  wrote:
>
> this is to prevent modifications that would render it as a malware. I
> haven't signed the code yet so I am just protecting myself from such
> liabilities.
>
> On Jun 28, 2013, at 12:51 AM, John Sullivan  wrote:
>
> I like the idea, so I was checking it out. I was confused by this
> statement in the download terms:
>
> Since MyZone Client Application is open source, you will not change any
> part of MyZone’s code without the written approval of MyZone’s copyright
> owner Alireza Mahdian reached at (alireza.mahdian at colorado dot edu).
>
>
> Can you explain what you mean? Usually, something called "open source"
> can be modified without any additional written approval.
>
> -john
>
> --
> John Sullivan | Executive Director, Free Software Foundation
> GPG Key: 61A0963B | http://status.fsf.org/johns | http://fsf.org/blogs/RSS
>
> Do you use free software? Donate to join the FSF and support freedom at
> .
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at compa...@stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
>
>
> --
> Alireza Mahdian
> Department of Computer Science
> University of Colorado at Boulder
> Email: alireza.mahd...@gmail.com
>
>
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at compa...@stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at compa...@stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
>
>
> --
> Alireza Mahdian
> Department of Computer Science
> University of Colorado at Boulder
> Email: alireza.mahd...@gmail.com
>
>
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at compa...@stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] a privacy preserving and resilient social network

[Alireza Mahdian]

those are all to protect our organization (CU Boulder) from any liability. also 
the contents that can be shared on this social network can be pretty much 
anything and since we can't control or monitor any of the contents being shared 
we had to have a strict terms of use agreement just to be clear that if the 
terms of use agreement is violated we are not gonna be liable. 

On Jun 28, 2013, at 1:06 AM, Ali-Reza Anghaie  wrote:

> I had similar confusion when I first started poking around - couldn't
> find a proper LICENSE file and then the ToUs including things that
> read an awful lot like Facebook instead of a distrubuted
> privacy-centric system.
> 
> Including:
> 
> ---
> a. You will not provide any false personal information on MyZone, or
> create an account for anyone other than yourself without permission.
> 
> b. You will not create more than one personal profile.
> ---
> 
> My guess is this is because of the Uni affiliation right now..
> 
> Architecture right now I'm not going to comment on. Going to
> reconsider past biases first.. -Ali
> 
> 
> On Fri, Jun 28, 2013 at 2:59 AM, Alireza Mahdian
>  wrote:
>> this is to prevent modifications that would render it as a malware. I
>> haven't signed the code yet so I am just protecting myself from such
>> liabilities.
>> 
>> On Jun 28, 2013, at 12:51 AM, John Sullivan  wrote:
>> 
>> I like the idea, so I was checking it out. I was confused by this
>> statement in the download terms:
>> 
>> Since MyZone Client Application is open source, you will not change any
>> part of MyZone’s code without the written approval of MyZone’s copyright
>> owner Alireza Mahdian reached at (alireza.mahdian at colorado dot edu).
>> 
>> 
>> Can you explain what you mean? Usually, something called "open source"
>> can be modified without any additional written approval.
>> 
>> -john
>> 
>> --
>> John Sullivan | Executive Director, Free Software Foundation
>> GPG Key: 61A0963B | http://status.fsf.org/johns | http://fsf.org/blogs/RSS
>> 
>> Do you use free software? Donate to join the FSF and support freedom at
>> .
>> --
>> Too many emails? Unsubscribe, change to digest, or change password by
>> emailing moderator at compa...@stanford.edu or changing your settings at
>> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>> 
>> 
>> 
>> --
>> Alireza Mahdian
>> Department of Computer Science
>> University of Colorado at Boulder
>> Email: alireza.mahd...@gmail.com
>> 
>> 
>> --
>> Too many emails? Unsubscribe, change to digest, or change password by
>> emailing moderator at compa...@stanford.edu or changing your settings at
>> https://mailman.stanford.edu/mailman/listinfo/liberationtech
> --
> Too many emails? Unsubscribe, change to digest, or change password by 
> emailing moderator at compa...@stanford.edu or changing your settings at 
> https://mailman.stanford.edu/mailman/listinfo/liberationtech


--
Alireza Mahdian
Department of Computer Science
University of Colorado at Boulder
Email: alireza.mahd...@gmail.com

--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] a privacy preserving and resilient social network

[Ali-Reza Anghaie]

I had similar confusion when I first started poking around - couldn't
find a proper LICENSE file and then the ToUs including things that
read an awful lot like Facebook instead of a distrubuted
privacy-centric system.

Including:

---
a. You will not provide any false personal information on MyZone, or
create an account for anyone other than yourself without permission.

b. You will not create more than one personal profile.
---

My guess is this is because of the Uni affiliation right now..

Architecture right now I'm not going to comment on. Going to
reconsider past biases first.. -Ali


On Fri, Jun 28, 2013 at 2:59 AM, Alireza Mahdian
 wrote:
> this is to prevent modifications that would render it as a malware. I
> haven't signed the code yet so I am just protecting myself from such
> liabilities.
>
> On Jun 28, 2013, at 12:51 AM, John Sullivan  wrote:
>
> I like the idea, so I was checking it out. I was confused by this
> statement in the download terms:
>
> Since MyZone Client Application is open source, you will not change any
> part of MyZone’s code without the written approval of MyZone’s copyright
> owner Alireza Mahdian reached at (alireza.mahdian at colorado dot edu).
>
>
> Can you explain what you mean? Usually, something called "open source"
> can be modified without any additional written approval.
>
> -john
>
> --
> John Sullivan | Executive Director, Free Software Foundation
> GPG Key: 61A0963B | http://status.fsf.org/johns | http://fsf.org/blogs/RSS
>
> Do you use free software? Donate to join the FSF and support freedom at
> .
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at compa...@stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
>
>
> --
> Alireza Mahdian
> Department of Computer Science
> University of Colorado at Boulder
> Email: alireza.mahd...@gmail.com
>
>
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at compa...@stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] a privacy preserving and resilient social network

[Alireza Mahdian]

this is to prevent modifications that would render it as a malware. I haven't 
signed the code yet so I am just protecting myself from such liabilities.  

On Jun 28, 2013, at 12:51 AM, John Sullivan  wrote:

> I like the idea, so I was checking it out. I was confused by this
> statement in the download terms:
> 
>> Since MyZone Client Application is open source, you will not change any
>> part of MyZone’s code without the written approval of MyZone’s copyright
>> owner Alireza Mahdian reached at (alireza.mahdian at colorado dot edu). 
> 
> Can you explain what you mean? Usually, something called "open source"
> can be modified without any additional written approval.
> 
> -john
> 
> -- 
> John Sullivan | Executive Director, Free Software Foundation
> GPG Key: 61A0963B | http://status.fsf.org/johns | http://fsf.org/blogs/RSS
> 
> Do you use free software? Donate to join the FSF and support freedom at
> .
> --
> Too many emails? Unsubscribe, change to digest, or change password by 
> emailing moderator at compa...@stanford.edu or changing your settings at 
> https://mailman.stanford.edu/mailman/listinfo/liberationtech


--
Alireza Mahdian
Department of Computer Science
University of Colorado at Boulder
Email: alireza.mahd...@gmail.com

--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] a privacy preserving and resilient social network

[John Sullivan]

I like the idea, so I was checking it out. I was confused by this
statement in the download terms:

> Since MyZone Client Application is open source, you will not change any
> part of MyZone’s code without the written approval of MyZone’s copyright
> owner Alireza Mahdian reached at (alireza.mahdian at colorado dot edu). 

Can you explain what you mean? Usually, something called "open source"
can be modified without any additional written approval.

-john

-- 
John Sullivan | Executive Director, Free Software Foundation
GPG Key: 61A0963B | http://status.fsf.org/johns | http://fsf.org/blogs/RSS

Do you use free software? Donate to join the FSF and support freedom at
.
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

[liberationtech] a privacy preserving and resilient social network

[Alireza Mahdian]

Hi,

With all the recent news on NSA spying on social network users the concern over 
the user privacy has increased even more. I am not arguing whether it is 
ethical or not and whether it is needed for the safety of citizens and how 
effective it would be. even before this, social network providers like Facebook 
and Google were violating user privacy in so many ways and only a small 
fraction of it was revealed. 

A need for a more secure and private social network has always been there and 
was never adequately addressed. I have been working on this issue for a long 
time and I have been able to design and implement a social network that is 
inherently user privacy preserving. it uses military grade encryption and no 
authority can have any control over it. one design goal behind it was actually 
to make it resilient towards government imposed censorship and filtering. This 
is specially useful as it provides a very effective tool for democracy movement 
advocacy groups. I have implemented a prototype and you can check it out at 
http://joinmyzone.com . It is a complex piece of software but to summarize how 
it works you can think of it as implementing a social network over bittorrent. 
it supports all the common features of Facebook and Google+. Feel free to send 
me your feedbacks. thanks.

Ali

--
Alireza Mahdian
Department of Computer Science
University of Colorado at Boulder
Email: alireza.mahd...@gmail.com

--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech