Archives for posts with tag: social media

With the recent surveillance nightmares of 90s hackers coming true, I’ve begun moving a bit toward the “dark arts” of networking, as agencies such as the NSA and CIA are rather blatantly spying on the American people now. I am not fully informed on how the rest of the web looks, but I don’t think it’s much better. I know Brazil is a mess at the moment.

Facebook is currently the most popular social network site, and has gotten more commercial by the day since it achieved its popularity. Numerous companies use facebook “likes”, comments, and social patterns of Facebook for marketing purposes, and borderline legal data mining for their own purposes. Facebook is also notorious for disrespecting the assumed privacy of such a network, and anything discussed in Facebook messages can be assumed to be open for their admins, other companies, and law enforcement to read.

In this mini-tutorial I will guide you through how to run Facebook chat through a separate client, and encrypt the messages so Facebook’s staff and records cannot read them. Other Facebook interaction cannot be secured from their own servers this way, but there is a great open-source, community maintained social network called Diaspora* starting up now. If one really cares about security, a direct connection from server to server is optimal, followed by secure forums such as IRC. However, Facebook’s pre-existing network is too convenient to ignore.

*DISCLAIMER* If you use this to mask illegal activities, don’t blame me

*DISCLAIMER* BOTH ends will need to be set up like so for this to work

1.) Install pidgin. Pidgin is a small IM client on a GNU General Public License, and works in Linux with Gnome, KDE, and on Windows. (Windows is not featured on this blog, but the Windows set up should just be an install .exe or .zip, then again for otr which will be mentioned later on)

for Debian/Ubuntu/Mint: su -c “apt-get install pidgin”

for Fedora/Red Hat: su -c “yum install pidgin”

for Arch Linux: su -c “pacman -S pidgin” (unverified, but should be there, otherwise check AUR)

2.) Get pidgin-otr. To save time this could have been done with the above step, but I felt it was important to identify this extension separately. OTR means “off the record”, which is a feature of pidgin allowing encrypted chat between users. I believe this method will use PGP, but I could be wrong.

for Debian/Ubuntu/Mint: su -c “apt-get install pidgin-otr”

for Fedora/Red Hat: su -c “yum install pidgin-otr”

for Arch Linux: su -c “pacman -S pidgin-otr” (unverified, but should be there, otherwise check AUR)

3.) Configure otr in pidgin. This is done by launching pidgin, the at the top navigating Tools > Plugins, or hitting ctrl+u. In these plugins, check the checkbox next to otr, then in those settings, enable otr, but do NOT require it. Requiring it will prevent pidgin from sending unencrypted messages, so the client will not work unless both ends of chat are configured this way. Next it will have an option to create a key, which will take a few moments. Try to move the cursor around and hit random keys to create entropy.

4.) Configure facebook. Pidgin should have a wizard for this, and if you do not know your username, go to your facebook page and the URL will be www . facebook . com/YourUserName, and your password will be your password.

5.) Begin otr chat. Open your “buddies list” for Facebook, then right-click a name and choose “IM”. This will being an IM session with this user. Pidgin, if properly configured, with have a button which reads “not private”, which is used to toggle private, aka encrypted conversation. If the other end is not set up, the message will read [encypted message], and then all messages after the “starting off the record chat” message will show up normal, and unecrypted. Again, both ends must be set up this way, and they must accept the invite to otr, or this will not be encrypted.

In conclusion, one can essential ignore Facebook as a social network, and just pretend it’s a very popular IM client, and after removing personal data from their site, ones security is restored. Through encrypted messaging Facebook is unable to read messages, and with no “likes” or personal info to mine, they have nothing to gain from you, and you are, as the title says, using Facebook without them using you.

As far as I know, Facebook stores all removed data for a period of 6 months before actually deleting. Please comment, ask questions, provide further info, or notify me of errors or vulnerabilities of this method in the comments.

Image

photo credit: http://elioguevara.blogspot.com/

Advertisements

I know we can’t have the ’00s internet forever, but it is sad to watch beloved sites falling one by one:

Myspace lost fame and is now only used for band advertising

Facebook is overrun by ads, and is primarily used for sharing outdated memes

4chan is now where teenagers go to feel empowered by “Anonymous”

Digg is just dead

IRC is where Linux gurus go to show off

Google plus is a dream deferred

R.I.P. Megauploads

Tumblr’s for girls fawning over British actors and Feminists ranting to themselves

cheezburger/memebase is where memes go to die

Should I expect more to keep falling? Will newer sites spring up to replace them?

I’ve been looking for smaller, more intellectual communities interested in coding and/or hacking (by the reclaimed definition) and/or anything computer science related, any ideas?

Reddit seems to have survived, and things like PBS’s ideachannel give me hope

 

Facing the over-abundance of corporate involvement in social media, I’ve been thinking, what if we could make a free social network? And by free, I mean more than it being $0 to join, I mean a community of volunteer programmers and server administrators erect a social network that is free of advertisement, survey, monitoring, or anything other than what the network is intended to do. If it is web based, it should be maintained by volunteers, if it is downloadable software, it should be free, and open-source.

I imagine it functioning much like the GNU/Linux project, run primarily by volunteers, and funded by donors and interest groups willing to invest in cyber freedom. I, personally, would be more than willing to take my other PC, install FreeBSD and a terabyte hard drive, and get to work.

Concerning Graph Search

I am beyond concerned about Facebook graph search… I have been tempted to leave Facebook numerous times already for similar corporate invasion of social media, but always was forced back because no one else feels like migrating.

I understand that corporations need information for advertising, but this is getting a bit ridiculous. This information needs to come from more voluntary sources like surveys or product registration, as the majority of Facebook users are less than likely to read the fine print before agreeing to update after update of their privacy policies.

I feel like GNU or FSF should sponsor a “free” social network, which could be funded by donations and contribution, much like GNU/Linux operating systems, where our expression and interaction will not be exploited for personal gain, or that very least be honest about doing so. Perhaps an incarnation of IRC with a GUI more oriented toward less experienced users?