From 0875b9d6219c86b230675c282b9aefeb3546fe34 Mon Sep 17 00:00:00 2001 From: Jay Graber Date: Tue, 21 Jul 2020 15:02:43 -0700 Subject: [PATCH] Update privacy --- topics/privacy.md | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/topics/privacy.md b/topics/privacy.md index 9262199..0063b0d 100644 --- a/topics/privacy.md +++ b/topics/privacy.md @@ -8,9 +8,11 @@ At a large enough scale, user metadata collected by federated applications becom ### Private accounts -Mastodon has account-level and post-level privacy controls. When an account is locked, follow requests must be approved. Since posts are copied to the instances of followers, locking an account gives a user more control over where their posts will be distributed. +Mastodon and Matrix provide private accounts, where the account can be located, but the data posted by the account is only shown to approved followers. -Individual posts, as well as the default post setting, can be set to "followers-only". +Mastodon has account-level and post-level privacy controls. When an account is locked, follow requests must be approved. Since posts are copied to the instances of followers, locking an account gives a user more control over where their posts will be distributed. Individual posts, as well as the default post setting, can be set to "followers-only". + +Matrix has private rooms, which can be joined upon invitation. Users can also ["knock"](https://github.com/Sorunome/matrix-doc/blob/soru/knock/proposals/2403-knock.md) to request to join a room. ### Direct messages @@ -18,7 +20,7 @@ Many decentralized social applications use e2e encryption to preserve the privac - Matrix - [End-to-end encryption guide for Matrix clients](https://matrix.org/docs/guides/end-to-end-encryption-implementation-guide) - ActivityPub - Mastodon is [adding e2e encryption to ActivityPub](https://github.com/tootsuite/mastodon/pull/13820). Previously, messages were unencrypted on the server. -- Ssb - Ssb, as a p2p protocol, included [e2e encryption for direct messages](http://scuttlebot.io/docs/basics/encryption.html) from the start, so that unencrypted messages would not be passed around the network. +- Ssb - Ssb, as a p2p protocol, included [e2e encryption for direct messages](http://scuttlebot.io/docs/basics/encryption.html) from the start, so that unencrypted messages would not be passed through untrusted peers in the network. Some more e2e messaging encryption options: @@ -29,6 +31,8 @@ Some more e2e messaging encryption options: - [Peergos](../protocols/peergos.md) - Peergos provides [capability-based access control](https://github.com/Peergos/Peergos) for files on top of IPFS. Files are kept private. All encryption happens on the client, which could be a native Peergos client or a browser. Data is always encrypted on the servers. Servers do not have access to metadata or sensitive information. Access is controlled through cryptographic capabilities. -- [Zeronet](https://zeronet.io/) - Zeronet is a p2p browser built on BitTorrent and Bitcoin, designed with a focus on privacy. Instead of having IP addresses, Zeronet site addresses are Bitcoin public keys. ZeroMe is a proof-of-concept Twitter-like social network on Zeronet. Other sites on Zeronet include ZeroTalk (like Reddit), ZeroBlog (microblogging), and ZeroMail (encrypted mail). +- [Zeronet](https://zeronet.io/) - Zeronet is a p2p browser built on BitTorrent and Bitcoin, designed with a focus on privacy. Instead of having IP addresses, Zeronet site addresses are Bitcoin public keys. [ZeroMe](https://bluishcoder.co.nz/2017/10/12/zerome-decentralized-microblogging-on-zeronet.html) is a proof-of-concept Twitter-like social network on Zeronet. Other sites on Zeronet include ZeroTalk (like Reddit), ZeroBlog (microblogging), and ZeroMail (encrypted mail). + +- [Freenet](https://freenetproject.org/index.html) - Zeronet was preceded by Freenet, a privacy-preserving p2p overlay network. In Freenet, all data is encrypted and communication is routed through peers, similar to Tor. It cannot be used to access the web; it only allows access to content that has been inserted into the Freenet network. It has an anonymous microblogging service, [Sone](https://socialmediaalternatives.org/archive/collections/show/24). Freenet uses a [web-of-trust plugin](http://freesocial.draketo.de/wot_en.html) to help manage spam and moderation in an uncensorable medium. - [Zbay](https://www.zbay.app/) - Zbay is a Slack-like messaging application with monetary transactions, which uses the Zcash blockchain as a database and transaction settlement layer. User identities are Zcash addresses. Usernames are registered by sending a message to an address everyone has a viewing key for, and providing the new user's public key. Private messages can then be sent to the user's address using encrypted transactions.