[Noisebridge-discuss] Develop for Privacy Challenge

Griffin Boyce griffinboyce at gmail.com
Tue Feb 8 03:41:56 UTC 2011 

On Mon, Feb 7, 2011 at 10:16 PM, Micah Lee <twopointfour at riseup.net> wrote:
> I like the idea of doing something functional, like with crypto or proxy
> servers or making a custom browser (lots of fun with javascript,
> cookies, SSL, proxies). This also is probably really hard to do well though.
>

Functional is good!  =)  Proxies have the issues of a single
point-of-failure and privacy by policy.  Because Tor is a sponsor, I'd
expect it to get a thumbs-down.  An all-in-one solution for Tor use,
like Orbot but better, would be pretty amazing. =D

I don't use a lot of email on my phone, but a fast encrypt/decrypt
utility would be good.  Something you could also store your keyring
on.

There's a Firefox plugin called HTTPS Everywhere, which rewrites all
requests to large sites that allow it with https:// .  I wonder if we
could come up with a custom browser that ports that functionality.  It
works on a lot of sites, like Google Search and Twitter.  The EFF
maintains it: http://www.eff.org/https-everywhere

> I also like the idea of gathering as much info that systems give us
> (like the phone OS, or the facebook API if you're logged in, etc) and
> displaying it to the user so they know how much info they're leaking.

I really love this idea, because it's scary to see the amount of data
you really put out there.  It could shock a lot of people, in a good
way, and lead them to be more mindful.  The question there is how to
pull it off...

> I would lean towards either making a web application designed
> specifically for viewing on a phone or for making it an Android app.
>
> iPhone would be difficult given their App Store. If we made an iPhone
> app that displayed to you all the info about you that iPhone apps have
> access to, they might reject it, and you have to jailbreak to install
> third-party apps.

Agreed.  And limiting it to jailbroken iphones would probably kill
widespread distribution.

> Android doesn't have this problem. And I've never used or programmed for
> a Blackberry.

I just thought I'd mention it since I mentioned business users =)

> I also like the idea of making it a web app. Mobile Safari on iOS has
> all these added features that normal webkit browsers don't have, like
> access to accelerometer data. And newer Android phones have Flash. We
> could make a single website that tells you everything it knows about not
> only the phone you're using (including accelerometer data, your carrier
> if we can get it, etc), but also other info you're leaking (maybe you're
> logged into google or facebook, or automatically allow location
> tracking). And of course instructions on how to fix these problems.

That would be EPIC.  That would also make a perfect phone+computer
crossover project, with some CSS changes to differentiate between
computer and phone...

> If there are others who are interested in this project, maybe we can all
> meet at noisebridge, perhaps this weekend?

I am marooned on the east coast currently, but want to stay updated
and help out where I can.

~Griffin


-- 
Be the change you want to see in the world.
~Mahatma Gandhi

More information about the Noisebridge-discuss mailing list