Brainstorm!

[maradydd]

Prompted by a discussion with bunnykitteh, who's good at prompting these kinds of things:

Imagine a Facebook and/or MySpace application aimed at organising flash mobs for political action (e.g., the kind of thing Anonymous might use to quickly notify members of imminent $cientology activity in a particular location). What features should it have? (Twitter gateway?)

(Note that with Facebook, especially, there are all kinds of interesting concerns with respect to privacy...)

Comments

[siliconshaman.livejournal.com]

Twitter definitely, and video function too. Also, geo-tagging, so you could meet up via GPS, [or tag where the coppers are massing and avoid that area!]

I think strong encryption with PGP keys would be more of a necessity!

[maradydd.livejournal.com]

I think strong encryption with PGP keys would be more of a necessity!

Oh, now that's a neat idea -- though, hrm, the first question that pops to mind is how to go about generating keys for folks who don't have 'em and don't know how to do so. Client-side implementation (e.g. in Javascript) that saves the private half of the keypair in a cookie or a text file? What about people who use more than one machine?

I suspect there's some primitive that would be more useful here than PGP proper; perhaps enochsmiles, sjmurdoch or tshb will pipe up.

[michiexile]

The central question here probably is _why_ do you want PGP, or strong encryption?

What is it that the crypto is supposed to provide?

Depending on the answers you'll want completely different solutions:
- is it keeping eavesdroppers out before the flashmob happens? Short timespan, go for some sort of session key handling and AES or something like that.
- is it keeping eavesdroppers out afterwards as well? This will get tricky, depending on your paranoia levels and the timespans involved.
- is it verifying identities? Now we're talking the entire trustweb infrastructure. And here the Javascript key-generation will not do any good.

[maradydd.livejournal.com]

I'm rather skeptical of the whole notion of the web of trust these days, but yeah, these are all good points. Thus the open "what features are desired?" question to start with.

[siliconshaman.livejournal.com]

Hmm..I think the primary need would be have some means of preventing the flashmob from being hijacked or monitored by the authorities. This has happened at least once to my knowledge. There was protest about Tibet in London recently that the police 'jacked and changed the route so the protesters marched into a trap.

Which, upon reflection, seems to be about 80% social engineering and less network security. The problem is, how do you identify who's a legitimate user?

[bigby.livejournal.com]

FlashMobs require people. one alternate is a twitter/*chan hybrid with no security other than everything being wide open. (remove the persistence of messages to prevent snooping?) Handshaking becomes a social and content function as does any persistent identity for Anon.

Maybe a two layer system where you can consume information with a nominal login if any (keeps you and your devise Anon and not identified for prosecution) and a posting layer with much higher security?

[maradydd.livejournal.com]

I can do sender/receiver unlinkability to twitter/*chan no problem. Cf. Matthias Bauer, "New Covert Channels in HTTP", WPES 2003. The more I think about it, the more I think that trusting the sender ends up being a social problem, but I'm going to keep chewing on it.

Also got pointed earlier today at Heydt-Benjamin/Serjantov/Defend, "Nonesuch: a Mix Network with Sender Unobservability", WPES 2006, which I need to read more thoroughly but also looks promising.

[bunnykitteh.livejournal.com]

Political activists in some parts of the world are being tortured to get their Facebook passwords, if that tells you anything.

[michiexile]

Yeah, I respect the need to establish security around political protest. My point was that PGP is NOT a magic wand that you wave and automatically get Teh Securitee! - you need to actually figure out WHAT you want to do, which specific functions you want your crypto to do, and first when you have a clear idea of all your requirements it's useful to discuss specific program packages, specific protocols and specific algorithms.

Besides - if people are being tortured to divulge their Facebook passwords - what prevents The Authorities to request their secret keys while they're at it?

[bunnykitteh.livejournal.com]

LOL oh totally.

And I think our coder in question is focused more on American protests where torture is (somewhat?) less of a concern.

I can haz securitee?

[maradydd.livejournal.com]

I am focused more on America, true, but that's no reason not to do it right the first time. Happily, this LJ is a good convergence point for some of the brightest minds in computer security today...

(software engineering lesson #1: figure out what the project requirements are first!)

[bunnykitteh.livejournal.com]

Mai project requirez a full buffet and dancing boyz!

[michiexile]

/me pulls off a decent solo charleston routine

[bunnykitteh.livejournal.com]

iLOLed

[siliconshaman.livejournal.com]

You're right...the problem is more 'how do you maintain anonymity and verify who's a legitimate user.'

I have no idea how to do that.

[enochsmiles.livejournal.com]

Scratch the first part. How do you verify who is a legitimate user, period?

[michiexile]

And once you have a way to verify legitimacy, how do you make sure that the police Hijackers don't look legitimate?

[maradydd.livejournal.com]

I think this is the part where enochsmiles or ephermata or allonymist or sjmurdoch or tshb hits us over the head with papers that I, at least, should have read already.

(You have an excuse, you're a topologist. I came at security from formal language theory, that's my problem.)

[michiexile]

I used to be a salaried cryptographer. One major reason I'm throwing myself into this debate and dropping buzzwords as I go.

[maradydd.livejournal.com]

Oh. Well then. We should formalize what the actual problem is. It looks to me like a zero-knowledge proof of legitimate usership -- which, as enochsmiles pointed out, has the zeroth-step problem of who constitutes a legitimate user to start with.

[jrtom.livejournal.com]

Agreed that the actual problem is not yet specified. Stronger, even: we haven't yet specified the users' requirements (from which we will derive the problems that need to be solved, etc.).

That is: there's a whole thread here which seems to be suggesting that there will be privacy guarantees and possibly identity verification measures...but nothing specific.

(Which is fine, this started out as you asking for possible features; I'm just suggesting that we may want to back up a bit.)

[jrtom.livejournal.com]

First, define "legitimate". Then we can start to take a hack at the problem.

(I'm not being snarky, really. Actually I suspect that once we define "legitimate" we may be most of the way to a solution.)

[feyandstrange.livejournal.com]

Have you already seen http://www.virgance.com/ and carrotmob?

[maradydd.livejournal.com]

Hadn't until just now, but that's cool!

[evelien.livejournal.com]

Facebook during the election had an application where you could sign up to have your status automatically updated every 2 hours to urge people to go vote. 1,745,754 people signed up, and in just under 5 days, sent out 4,919,071 status messages. The largest online rally in history.

[jrtom.livejournal.com]

I don't have any experience with Facebook/MySpace (programming or even really spending time on their sites), but...

How do you want to contact people? Email, SMS, IM, phone, nearby hackable electronic billboard *grin*...the more options you provide the better your coverage. (Some of us use SMS only as a last resort.)

Geo-based filtering might be useful so that a call to arms for a protest in Podunk doesn't annoy the activists in Artemisia.

Give people an easy way to invite others along who haven't signed up for your alerts.

[maradydd.livejournal.com]

The first two are pretty easy to solve in software -- any of those contact methods (well, maybe not so much the billboard) are simple enough to implement, and geo-based filtering is solved too. The latter brings us to the "who do you trust" problem.

[mycroftxxx.livejournal.com]

Uhm, an auto-archival function would be nice. Something that followed all of the participant twitter/Qix/whatever streams during the event and auto-collated it all into a timeline-based "What just happened" page. Assuming a group organizer/moderator, it would also be a good spot to submit links from later blog postings.

[maradydd.livejournal.com]

Good call. Could be done on the fly using AJAX events pretty trivially, to boot.

And each event could be assigned a unique name to use in tagging, so that folks who register their blog with the app get posts tagged with that tag auto-syndicated (perhaps pending mod approval).

[mellowtigger]

Semi-related, I had trouble finding info about a local Queer Women's March just 2 weeks ago. I found out about it here at LiveJournal, but other people who attended found out via Facebook.

I've been kicking around for several years an idea (specific to the Bear community, because of the name) to start a project called "Bearly Involved" that would highlight very easy steps that people could follow to actively do something helpful for the environment. Post one "challenge" each quarter-year, have people write in their accomplishment on the postcard and bring it to a Bear event. The postcards are collected and then a winner is randomly drawn to receive a prize. I think it would be a great way to entice/introduce people to "scary eco-activist" ideas but in a grounded and practical way. I would focus on the plight of the poor polar bear, just to begin, but branch out from there. From barely involved to bearly involved.

[maradydd.livejournal.com]

Oh, I like that idea! Tying ideas like this into existing social circles seems like a good way to go about it, too, particularly when you can find specific examples that the community already has some affinity for.

[bunnykitteh.livejournal.com]

LOL... affinity for bearz... and bunnehs...