Snake: crowdfunding an encrypted, easy-to-use social network

[Permalink]

I really don’t see how privacy and encryption will be compatible with a social network, but I will watch and hope.

that’s an awful name for a social network. would you buy a mattress from Pointy & Rusty’s Mattress Emporium, or send your kids to play baseball at the Lot Full of Broken Glass Community Center?

9 Likes

Is this going to be like how Diaspora went down? I really had hopes for them, and that didn’t really worked out the way I’d hoped.

I would really love to have a social network that rivaled FB, so I could get my family over to it, and didn’t annoy me as much as G+ does.

4 Likes

This would have to be an order of magnitude easier (in terms of use) or feature-filled for most people to even consider switching. It would have to make it dead simple to import content (photos, posts, etc) from G+, FB, whatever. Even then, it will not last unless there are a huge number of people using it… and if there are huge number of people using it, that means that users need to pay for it or accept advertising… unless it is somehow distributed, a la BitTorrent, although I suspect that most people wouldn’t go in for that.

It’s tough to beat FB because everyone’s on it. If you want to remain in touch with everyone you’re in touch with on FB, then they all need to make the switch… and that’s a big, big ask.

I know a lot of people use FB to kill time but I actually use it to keep in touch with friends and family on the other side of the planet. So I take some bad with the good.

If I were the NSA, I would offer a product just like this. Need a secure way to stay in contact with all your suspicious friends? Just install this app on ALL your machines!

Seriously, though:

  1. You install an app or use a browser-plugin.
  2. You communicate through a remote server (or server). There’s no peer-to-peer.
  3. Your data is stored on one of those remote servers.

Those are all opportunities for exploitation. I wish these guys the best, but I have reservations about the chances this will actually work. I guess the good news for them is that if it doesn’t work, it will take another Snowden to find that out.

Yeah, it does sound kinky…

Does any of this mean anything if your hard drive controller is backdoored as well?

1 Like

I’ve been hoping that priv.ly would mature and become something wonderful. I like the idea of having the flexibility of using which ever social network or email or whatever-- with the right encryption in place. Wonder how things are coming along with those folks…

1 Like

End-to-end encrypted? Didn’t they say that about Skype?

1 Like

It’s tough to beat FB because everyone’s on it.

Not me and many other people:

On mass exodus from Facebook:
http://fusion.net/abc_univision/story/quitting-facebook-11338

More:

If you want to remain in touch with everyone you’re in touch with on FB, then they all need to make the switch…

Or… pick up a phone, email…

1 Like

I think that people are taking the wrong approach for trying to develop a better and more secure Facebook. You can’t sell privacy or security. You have to sell something that is intrinsically worthwhile that also has security and privacy. Security and privacy are excellent selling points to me, and you should let me know that you have them, but there are a dozen people who don’t give a shit for every one of me. You need those people too, or else you will have your own little Dispora style ghost town.

2 Likes

Hi! Ale here, core dev of Snake! I’ll try to answer the issues you’ve pointed out!

That’s a good question, since we’re not used to have privacy in our conversations over the Internet. But we asked ourselves if it was possible to create a social network where the server stores, in a way it can understand, only the strictly required amount of information to offer the service. Or in other terms if there was a way to have a social network which respects the user privacy with technical guarantees.

Turns out it is! In Snake, all the information is encrypted before leaving your browser and decrypted when it comes back, so the server just stores apparently random data! That’s end-to-end encryption, and it’s well known among experts, but really few people use it. PGP is a good example, but it’s too hard to set up for the average user, so we wanted to something similar but hiding all the technical details and offering a user interface similar to classic social networks.

If you have doubts, take a look at our website, or just write me by e-mail or Twitter (@snakedotli). Also, consider giving a small (or big!) contribution. :wink:

Snake [is different from Diaspora][1] (FAQ section) from a technical point of view (basically we’re encrypted, they’re not), but the real point it’s that if you want real privacy on Diaspora you have to set up your own pod, and that’s something your family is not going to do, right?

In Snake instead you just have to register to a website and you’re ready, not even your e-mail address is required. Take a look at our blog post “Why yet another social network?”.

If you like the idea, plase consider contributing to our crowdfunding campaign! :slight_smile:

Well, we have some killer-features we have in mind, such as the first end-to-end encrypted online collaborative office suite (i.e. Google Docs-like service), which has never been done before and it’s something businesses need a lot.

We thought about a P2P approach, but then dismissed it (take a look at our [FAQ][1]): a social network has very different requirements from a file sharing service. About paying, a lot of services are already working well just being based on donations, think of Diaspora, all the Jabber servers, GNU/Linux distributions and so on. Moreover our system is designed to keep all the load on the client, so the server has to do extremely simple operations, which makes it easier to scale at a low price.

For the fact that a lot of people is using Facebook, it’s the network effect, and if we want something different we all have to deal with it, but extreme ease of use and a catchy UI will be a good starting point. Take a look at the above mentioned blog post, “Why yet another social network?”.

I think this overly paranoid approach actually helps the NSA, since it puts you in a non-action state. I’m quite a paranoid, and for this reason I designed Snake. A P2P approach doesn’t really help at all, P2P communications are being monitored too. Our storage server is not able to read the contents of your messages, and (if it uses our implementation) the NSA won’t be even able to collect metadata from it, since we designed Snake in a way that the only metadata stored on the server don’t leak anything useful to an attacker. For instance it’s not possible to know who is the sender or the recipient of a message.

The best thing the NSA can do is breaking into a storage server and collect metadata by themselves. But that wouldn’t work for past communications, and they would have to exfiltrate a huge amount of data, if they want to do it on large scale. Moreover they can do it also in a P2P environment, and more easily! Unless you use Tor, which would make it completely unscalable.

Also, we’re going to release everything as Free Software, so feel free to verify there are no backdoors by yourself :smile:, if you want I’d suggest to take the 73 € perk which gives you direct access to the code before the open beta.

It’s probably very hard to be safe if you’re targeted by the NSA, but we can make it very hard for them to monitor enormous masses of people. Want to give us a hand? :slight_smile:

That’s the “overlay” approach, we discared it for a series of reasons, take a look at our FAQ :wink:

One problem at a time my friend, one problem at a time. :slight_smile:

That was closed-source crap.

Well, I think the global surveillance is raising awareness in a lot of people around the world, in particular in some countries, and it’s from this kind of people that we’re looking for support right now. But I agree with you, in fact Snake is only the first step, you can build a lot over it thanks to plugins, just using JavaScript and without caring about security and privacy. We need additional killer-features, but those have to come afterwards, now we need to build a solid and secure basis.

Thanks everyone for your interest! If you have further doubts just ask here, visit our website or write me. And if you like the project, please contribute, 2 € are more than welcome! :slight_smile:

Ale

4 Likes

The real utility of facebook for me comes when you don’t have emails or phone numbers. I found old friends on facebook that I hadn’t seen since I was a kid. Yeah, it is annoying but the utility of a social network is proportional to size.

2 Likes

I have no idea who that “11 reasons you should quit Facebook” is written for, but it sure doesn’t apply to me (except for maybe #2, but I’ve never found that to be particularly bothersome with my particular usage requirements/behaviour).

In the future everybody will have their own social network, which nobody else will be on.

We senior citizens even have a form of email that uses paper as a transmission medium. Very good for privacy, but not fast enough for all those urgent lolcats.

2 Likes

That whole setting up a pod thing was the death knell for Diaspora for my folks.

I see your point, but Facebook had to start somewhere. Is is really a good idea for everyone to have all their eggs in one social basket that can be abused at the whim of the company that holds the basket? Especially when that company is Facebook and is notorious for belligerent privacy policies towards its users?

I have no idea who that "11 reasons you should quit Facebook" is written for
General audience overall, YMMV.