Priv.ly offers, or promises to offer, a solution to this issue. Similarly, GnuPG is a solution to the issue with e-mail.
Kurt
Sent from my Android phone.
Generally these are questions (::looking for validation::):A pod (and therefore, the pod administrator) requests data on behave of a user and data is available based on what access that user has to the data?
A pod (and pod admin) can only access data that one of it's users has access to?
Can it access that data whenever it wants, or only when that user requests the data (don't see how it could be restricted to requires the user be active... the admin can probably impersonal the user whenever...)
If those answers are generally yes (first two questions), then one can protect their data by1) using a pod (and admin) that the data owner trusts (perhaps self) and2) only friending those who are on pods that the owner trusts(I'm not even sure if my concept of a user belonging to a pod is correct... )
Thanks in advance,-- BT
On Tuesday, June 12, 2012 5:46:34 PM UTC-7, jeremy wrote:
On Friday, May 18, 2012 7:36:37 PM UTC-4, Carl Marley wrote:
Secondly, let's say I'm running my own pod. I control my data. I'm
connected with friends on pod1, pod2, pod3, pod4, pod5, foo-pod and
bar-pod. I presume that if my friends on those pods can access my
personal data, so can the admin of those pods (via cache or whatever),
which means I have to trust not only my pod, but all the other pods
too.
This is correct. The answer is that no, we are not protected. Unless you host your own pod and host all your followers too then you do not control your data. Along the same lines - if you are hosting yourself and your friends, your friends have to trust you with *their* data. I don't know that I'd want someone in my circle of friends hosting my private messages, which may relate to topics of interest to them that I'd prefer they not read. I don't want my podmin telling my ex-girlfriend what I said about her to another friend in a private message. I'd much sooner trust a soulless corporation that doesn't care a fig about my personal life, when it comes to that score.
Priv.ly looks very promising. I just read about it in this thread for the first time but I like what I've seen so far. While adoption may be a struggle, for those who really want privacy they probably will be able to get it no matter which network they are hosted on this way. There is probably no solution to this problem that is convenient enough for most people. Consider email: most people will never use GPG, will not host their own email server nor only host email with their friends.
I definitely think that there is a place for D*, even though we live in an imperfect world in which seamless encryption systems do not exist for data at rest. The developers have already stated some improvements in federation protocol; for example less actual copying/caching of data. Unfortunately there are tradeoffs: reliability, performance, privacy. Pick two.D* has to be usable and fast or it cannot get anywhere. The initial implementation of federation was disappointing from a privacy perspective but I understand why it was done and I will not say it has been wrong, but it must get better.One final point. Even if federation doesn't pan out and the only useful/fun PODs are very large ones, as long as there is still the same functionality we have today at a minimum, then we will have more freedom and privacy in at least one important respect. Simply put, the Facebook terms of service would never, ever fly on a D* pod because people would have a choice. So we can worry about what a nefarious evil podmin might do - but those are the edge cases.Its a world of difference trusting a a big soulless corporation that has *promised* to exploit your data, compared to a relatively open and engaged company that has promised not to.