[liberationtech] Fwd: MyZone social network
Yosem Companys
companys at stanford.edu
Thu Jun 27 17:37:39 PDT 2013
Forwarded conversation
Subject: MyZone social network
------------------------
From: *Alireza Mahdian* <alireza.mahdian at gmail.com>
Date: Thu, Jun 27, 2013 at 12:18 PM
To: building-a-distributed-decentralized-internet at googlegroups.com
Hi,
With all the recent news on NSA spying on social network users the concern
over the user privacy has increased even more. I am not arguing whether it
is ethical or not and whether it is needed for the safety of citizens and
how effective it would be. even before this, social network providers like
Facebook and Google were violating user privacy in so many ways and only a
small fraction of it were revealed.
A need for a more secure and private social network has always been there
and was never adequately addressed. I have been working on this issue for a
long time and I have been able to design and implement a social network
that is inherently user privacy preserving. it uses military grade
encryption and no authority can have any control over it. one design goal
behind it was actually to make it resilient towards government imposed
censorship and filtering. I have implemented a prototype and you can check
it out on joinmyzone dot com. It is a complex piece of software but to
summarize how it works you can think of it as implementing a social network
over bittorrent. Feel free to send me your feedbacks. thanks.
Ali
--
You received this message because you are subscribed to the Google Groups
"The Next Net" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to
building-a-distributed-decentralized-internet+unsubscribe at googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
----------
From: *Melvin Carvalho* <melvincarvalho at gmail.com>
Date: Thu, Jun 27, 2013 at 12:29 PM
To: building-a-distributed-decentralized-internet at googlegroups.com
On 27 June 2013 21:18, Alireza Mahdian <alireza.mahdian at gmail.com> wrote:
> Hi,
>
> With all the recent news on NSA spying on social network users the concern
> over the user privacy has increased even more. I am not arguing whether it
> is ethical or not and whether it is needed for the safety of citizens and
> how effective it would be. even before this, social network providers like
> Facebook and Google were violating user privacy in so many ways and only a
> small fraction of it were revealed.
>
> A need for a more secure and private social network has always been there
> and was never adequately addressed. I have been working on this issue for a
> long time and I have been able to design and implement a social network
> that is inherently user privacy preserving. it uses military grade
> encryption and no authority can have any control over it. one design goal
> behind it was actually to make it resilient towards government imposed
> censorship and filtering. I have implemented a prototype and you can check
> it out on joinmyzone dot com. It is a complex piece of software but to
> summarize how it works you can think of it as implementing a social network
> over bittorrent. Feel free to send me your feedbacks. thanks.
>
You may be interested in
http://retroshare.sourceforge.net/
>
> Ali
>
> --
> You received this message because you are subscribed to the Google Groups
> "The Next Net" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to
> building-a-distributed-decentralized-internet+unsubscribe at googlegroups.com
> .
> For more options, visit https://groups.google.com/groups/opt_out.
>
>
>
----------
From: *Alireza Mahdian* <alireza.mahdian at gmail.com>
Date: Thu, Jun 27, 2013 at 12:46 PM
To: "building-a-distributed-decentralized-internet at googlegroups.com" <
building-a-distributed-decentralized-internet at googlegroups.com>
I've seen this before but myzone is Facebook but decentralized. There are
some huge challenges when you want to achieve such a goal.
Sent from my iPhone
On Jun 27, 2013, at 1:29 PM, Melvin Carvalho <melvincarvalho at gmail.com>
wrote:
On 27 June 2013 21:18, Alireza Mahdian <alireza.mahdian at gmail.com> wrote:
> Hi,
>
> With all the recent news on NSA spying on social network users the concern
> over the user privacy has increased even more. I am not arguing whether it
> is ethical or not and whether it is needed for the safety of citizens and
> how effective it would be. even before this, social network providers like
> Facebook and Google were violating user privacy in so many ways and only a
> small fraction of it were revealed.
>
> A need for a more secure and private social network has always been there
> and was never adequately addressed. I have been working on this issue for a
> long time and I have been able to design and implement a social network
> that is inherently user privacy preserving. it uses military grade
> encryption and no authority can have any control over it. one design goal
> behind it was actually to make it resilient towards government imposed
> censorship and filtering. I have implemented a prototype and you can check
> it out on joinmyzone dot com. It is a complex piece of software but to
> summarize how it works you can think of it as implementing a social network
> over bittorrent. Feel free to send me your feedbacks. thanks.
>
You may be interested in
http://retroshare.sourceforge.net/
>
> Ali
>
> --
> You received this message because you are subscribed to the Google Groups
> "The Next Net" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to
> building-a-distributed-decentralized-internet+unsubscribe at googlegroups.com
> .
> For more options, visit https://groups.google.com/groups/opt_out.
>
>
>
--
You received this message because you are subscribed to a topic in the
Google Groups "The Next Net" group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/building-a-distributed-decentralized-internet/nfrWbVmMicU/unsubscribe
.
To unsubscribe from this group and all its topics, send an email to
building-a-distributed-decentralized-internet+unsubscribe at googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
----------
From: *Nathan Rixham* <nrixham at gmail.com>
Date: Thu, Jun 27, 2013 at 12:50 PM
To: building-a-distributed-decentralized-internet at googlegroups.com
The only real way to tackle this, is to tackle it from the ground up.
Once you have private, encrypted, ACL controlled personal data storage,
then you can mount anything on top of that in the same way we do with the
web. It simply makes a private, encrypted, ACL controlled web. Then
everything built on it, social or not, is built the right way.
retroshare is worth looking at.
----------
From: *Alireza Mahdian* <alireza.mahdian at gmail.com>
Date: Thu, Jun 27, 2013 at 1:26 PM
To: "building-a-distributed-decentralized-internet at googlegroups.com" <
building-a-distributed-decentralized-internet at googlegroups.com>
Well myzone has a service layer that works pretty much the same way.
Sent from my iPhone
----------
From: *Nathan Rixham* <nrixham at gmail.com>
Date: Thu, Jun 27, 2013 at 1:30 PM
To: building-a-distributed-decentralized-internet at googlegroups.com
will read the Thesis
http://joinmyzone.com/Thesis.**pdf<http://joinmyzone.com/Thesis.pdf>and
then take a look.
n
----------
From: *Alireza Mahdian* <alireza.mahdian at gmail.com>
Date: Thu, Jun 27, 2013 at 1:45 PM
To: "building-a-distributed-decentralized-internet at googlegroups.com" <
building-a-distributed-decentralized-internet at googlegroups.com>
Ok
Sent from my iPhone
----------
From: *Melvin Carvalho* <melvincarvalho at gmail.com>
Date: Thu, Jun 27, 2013 at 3:13 PM
To: building-a-distributed-decentralized-internet at googlegroups.com
On 27 June 2013 21:46, Alireza Mahdian <alireza.mahdian at gmail.com> wrote:
> I've seen this before but myzone is Facebook but decentralized. There are
> some huge challenges when you want to achieve such a goal.
>
Facebook but decentralized sounds intriguing. So the first question I
normally ask is how you identify a user. In facebook it would be
graph.facebook.com/bob
The retroshare people say the hardest part in this is getting through
firewalls. How well tested is your system in terms of real world NAT
busting etc. ISPs often make it hard to break through.
----------
From: *Alireza Mahdian* <alireza.mahdian at gmail.com>
Date: Thu, Jun 27, 2013 at 3:16 PM
To: "building-a-distributed-decentralized-internet at googlegroups.com" <
building-a-distributed-decentralized-internet at googlegroups.com>
It does Nat traversal and uses relay servers for firewalls that are not
traversable and the user is not even aware of all the things that are
happening underneath. As for identities we link each person to a
certificate and a verified email address.
Sent from my iPhone
----------
From: *Melvin Carvalho* <melvincarvalho at gmail.com>
Date: Thu, Jun 27, 2013 at 3:21 PM
To: building-a-distributed-decentralized-internet at googlegroups.com
On 28 June 2013 00:16, Alireza Mahdian <alireza.mahdian at gmail.com> wrote:
> It does Nat traversal and uses relay servers for firewalls that are not
> traversable and the user is not even aware of all the things that are
> happening underneath. As for identities we link each person to a
> certificate and a verified email address.
>
Thanks for the reply. Would it be possible to give an example of an
identity string in your system. How can you ensure that an identity in
your system does not clash with an identity in another system.
The example I gave with facebook I can do a few things e.g. I can add that
to my roster of friends (decentralized friending), I can find out more
information about the user (standards based discovery), I can rate and
create reputational data about that entity (distributed claims) as well as
use the provided APIs for messaging, requests, chat, payments etc.
Does the identity in your system have any of these properties.
Sorry, lots of questions, but this will give an idea of how easy it would
be to interact with your proposal...
----------
From: *Alireza Mahdian* <alireza.mahdian at gmail.com>
Date: Thu, Jun 27, 2013 at 3:32 PM
To: building-a-distributed-decentralized-internet at googlegroups.com
each user has his own pair of keys (we use RSA) the username is a unique
email address that the user provides upon sign up they send us their public
keys and we issue a certificate and only send them the certificate if they
verify their email address. all the other interactions on the system uses
this certificate infrastructure for authentication and security. I am not
sure if I could answer your question or not. as for your friends they
probably know your email address so if anybody wants to spoof your identity
they can probably figure it out based on the fact that the invite came from
a user with an unknown email address.
--
Alireza Mahdian
Department of Computer Science
University of Colorado at Boulder
Email: alireza.mahdian at gmail.com
----------
From: *Melvin Carvalho* <melvincarvalho at gmail.com>
Date: Thu, Jun 27, 2013 at 3:55 PM
To: building-a-distributed-decentralized-internet at googlegroups.com
On 28 June 2013 00:32, Alireza Mahdian <alireza.mahdian at gmail.com> wrote:
> each user has his own pair of keys (we use RSA) the username is a unique
> email address that the user provides upon sign up they send us their public
> keys and we issue a certificate and only send them the certificate if they
> verify their email address. all the other interactions on the system uses
> this certificate infrastructure for authentication and security. I am not
> sure if I could answer your question or not. as for your friends they
> probably know your email address so if anybody wants to spoof your identity
> they can probably figure it out based on the fact that the invite came from
> a user with an unknown email address.
>
Thanks for the details. I'm less concerned with authentication, initially,
more interested about identity. I'm unsure that you gave an example of an
identity string used in your system.
So I would be unsure of what to put in my existing roster, say, wanted to
add someone from your network you as a friend.
Or is the idea that everyone should join MyZone. a bit like skype or
facebook?
----------
From: *Alireza Mahdian* <alireza.mahdian at gmail.com>
Date: Thu, Jun 27, 2013 at 3:59 PM
To: building-a-distributed-decentralized-internet at googlegroups.com
Oh now I think I get what you are saying. so you have add their email
addresses and whenever they join myzone and by joining I mean getting a
certificate from us they will receive the friendship requests that are
pending for their email addresses. upon accepting the friendship request a
friendship is established between the two identities. you can also add a
friend of friend by for example clicking on a comment they made on a
friend's post and the system will automatically take you to a page where
you can send the friendship request. either way uses the email address as
the identifier if that is what you are asking about.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20130627/55d202be/attachment.html>
More information about the liberationtech
mailing list