Author Topic: Privacy vs Security  (Read 448 times)

0 Members and 1 Guest are viewing this topic.

Offline Harry Black

  • International Man of Mystery
  • Global Moderator
  • Poster of Extraordinary Magnitude
  • *****
  • Posts: 15456
Privacy vs Security
« on: December 11, 2018, 05:16:49 PM »
I'm a single person who dates a lot online. One of the most frustrating things about this is the sheer volume of fake accounts or trolls/catfish.
Twitter is also recognising issues with having so many fake accounts and bots on their platforms and of course its a bit of an issue for our own community.
To try and summarize the problem- Bad or disruptive actors can infiltrate an online space to such a degree that it significantly affects the function the space was intended to perform. Be it hooking people up for casual sex or facilitating honest intellectual discussion.

It would be theoretically possible to require a high enough bar to creating accounts that it would require far more investment to circumvent and that may not be worth it for eliciting some sexy pics from a stranger online or posting racist shite.
Lets say for example, you had to provide a valid credit card number. That would be a bad idea because now the platform has a duty of care for that data and new users are far less likely to join while existing users will be unduly affected by any sort of breach.
Privacy vs security.

If there was an easy answer to this problem, Im pretty sure tinder would be using it (though maybe not, fake accounts with fitness model pics do make it seem more enticing to some people who dont yet realise they are fake).

So off the top of your heads, what kind of compromises theoretical or realistic COULD help here?
Assume you have the budget and resources available to Twitter.

Offline Billzbub

  • Stopped Going Outside
  • *******
  • Posts: 4157
  • I know you know I know
Re: Privacy vs Security
« Reply #1 on: December 11, 2018, 05:41:13 PM »
They could require a credit card number that they don't save.  Then they only have to protect it long enough to make sure you are you.  However, that would limit a TON of people who don't actually have credit cards.

In the movie "Cam" that I just watched on Netflix, they required a photo of your driver's license, which I assume some computer somewhere scanned to make sure you are you.  They would have the same issue if they saved it, but not if they discarded it.  That would require that they have access to a database of real driver's licenses, which would probably prevent this from being useful, though.  Also, it would eliminate anyone without a drivers license and would only work for the country it was used in.

If it is a site where the face shot is important, it could require that you take the picture with a code that they send you when you create your account, kind of like a mug shot.  The app would force you to actually take the picture rather than uploading one.  That would limit the app to people that have cameras on their phones or computers, but that might be preferable than allowing the catfishing.
Quote from: Steven Novella
gleefully altering one’s beliefs to accommodate new information should be a badge of honor

Offline amysrevenge

  • Baseball-Cap-Beard-Baby Guy
  • Stopped Going Outside
  • *******
  • Posts: 5929
  • The Warhammeriest
Re: Privacy vs Security
« Reply #2 on: December 11, 2018, 05:55:17 PM »
I am in the process of signing up for a service that lets me legally apply my signature and engineer stamp electronically to documents.

Part of the procedure is a Skype video conference where I visibly display my credentials to an authorized observer, and then they observe me doing the required signatures.

That's a lot of overhead, but it works.
Big Mike
Grande Prairie AB Canada

Offline arthwollipot

  • Reef Tank Owner
  • *********
  • Posts: 8503
  • Observer of Phenomena
Re: Privacy vs Security
« Reply #3 on: December 11, 2018, 06:11:02 PM »
I worked for an organisation where the CEO's EA had an unencrypted .jpg file of the CEO's signature, so that she could add it to Word documents as required. No-one had ever told either of them that if anyone else was able to get their hands on that file, any documents they added it to would be legally binding, and there would be no way to prove that it wasn't legit.
Self-described nerd. Pronouns: He/Him.
Quantum materiae materietur marmota monax si marmota monax materiam possit materiarii?

Offline 2397

  • Frequent Poster
  • ******
  • Posts: 2452
Re: Privacy vs Security
« Reply #4 on: December 11, 2018, 06:12:34 PM »
There is no compromise. Privacy is security. For maximum security, be completely unknown.

But you don't want that, you want to prove who you are or that you're a real person, and make contact with other known persons. CAPTCHA can work in a lot of situations. If it's not about stopping bots, but people who actively manage accounts to misuse them, then it's more difficult to deal with.

If it is a site where the face shot is important, it could require that you take the picture with a code that they send you when you create your account, kind of like a mug shot.  The app would force you to actually take the picture rather than uploading one.  That would limit the app to people that have cameras on their phones or computers, but that might be preferable than allowing the catfishing.

It'll increase the threshold, but if that was a common verification method, then it wouldn't take long for someone to create a workaround, and stamp the code onto some kind of stock photo. Or they could take a picture of a photo once they figured out just how to set it up.

Offline Harry Black

  • International Man of Mystery
  • Global Moderator
  • Poster of Extraordinary Magnitude
  • *****
  • Posts: 15456
Re: Privacy vs Security
« Reply #5 on: December 11, 2018, 06:55:30 PM »
You misunderstand.
I mean privacy of the individual vs security of the platform. Its great that I can be anonymous here and talk about my political ideas, but I would have been less likely to sign up if I was required to give up more of my identity.

The goal is to stop users making multiple accounts so that they can harass multiple people or come back once banned.
I think facial recognition software using a face pic with an auto generated code could work very well.
You could submit it to show you match the face pic being used on the profile or for things like twitter you could use it instead of captcha so the pic doesnt need to be displayed but you would have to go more out on a limb.
The problem being if my face matches that of a banned individual.

Offline Billzbub

  • Stopped Going Outside
  • *******
  • Posts: 4157
  • I know you know I know
Re: Privacy vs Security
« Reply #6 on: December 12, 2018, 10:12:14 AM »
amysrevenge has a neat idea.  It would be cool if there was a third party company who's sole job was to authenticate that people are really who they say they are.  Then web sites and apps where that is important could use the third party site as identity confirmation.  Theoretically, if the third party's whole job is protecting your personal information, they would be good at it.  That would take such a huge burden off of so many web sites.  Sites that require you to be 18 could actually do it!  And the overhead it would take to sign up for the third party service would only have to be done once instead of every time you sign up for a new app.
Quote from: Steven Novella
gleefully altering one’s beliefs to accommodate new information should be a badge of honor

Offline 2397

  • Frequent Poster
  • ******
  • Posts: 2452
Re: Privacy vs Security
« Reply #7 on: December 12, 2018, 02:01:37 PM »
Quote
Theoretically, if the third party's whole job is protecting your personal information, they would be good at it.

Only if there was another independent party whose only job was making sure that they did their job, rather than being where everyone buys personal information.

 

personate-rain