„Social Networks based on XMPP“, by Jan Torben Heuer, Institute of Geoinformatic, University of Münster.
Current ideas and work based on diploma thesis, opening the project for non-academic users and wants to discuss approach with interested people.
Quick poll in audience: Not many of the audience uses LinkedIN, twitter, facebook etc.
Privacy in the social semantic web
First: What is a social network? is it really something new? does it use new technologies?
Is is social because it is written for the people? He is unsure.
It is social because of the people who use it?
People today on the internet differ from those 10 years ago. Today internet is used differently than back then. Also differences between younger and older internet users. Like a studivz link is not something good for everybody.
Most users are also not interested in technical details, they just want to use it to talk to their friends. They don’t think about what it means to upload everything on the servers of one company.
Data is accesible from everywhere, your online and real life are conncected. RL friends can easily be contacted and you can make connections to new virtual friends.
Main problem: Many users fo not know about security or privacy issues.
This is also his motivation.
What is privacy about?
It’s about personal data you store in social network. Everything you store in there can affect your privacy. You never know what might happen to/with that data.
But that’s not all, it’s also about what you do on the net. Doubleclick knows a lot, Google Search knows a lot, Google Analytics as well.
Then there is the stuff what others publish about you. Like party photos etc. But that’s not a technical issues and you should discuss this with your friends.
What is the semantic web?
Vision of a machine-readable internet. One example: FOAF. Internet as a big database. You can aggregate and combine information from different sources.
How can we protect our privacy today and tomorrow?
You won’t be able to tell people not to use social network. So we need a better architecture. A central server is not a good thing.
His proposal is based on XMPP.
- Data must not be stored at a central place
- Data exchange must be between friends only
- Transmission must be encrypted
XMPP is not true peer to peer but needs messaging servers. Ensures communication between two peers even if they are hidden between packet filters.
PGP Encryption can be used. it allows for secure end-to-end encryption. Currently, PGP isn’t widely used.
We need user-friendly PGP support!
His has a prototype and would like to take it and build a library out of it (right now it’s Java). It’s a Java6 Webstart application, used because of the libraries, like the RDF lib, Smack API; prefuse.org visualization toolkit.
How can a serverless network survice? What happens if too many clients are offline (ongoing work).
And how can PGP be made more accessible to many people?
Are you interested? Here is what can be done:
- Extend current Java approach
- Create another client, like web interface, IM extension, Flash or mobile application
Technorati Tags: 25c3, ccc, congress, conference, privacy, socialnetworks, dataportability