Slashdot Mirror

← Back to Stories (view on slashdot.org)

LOAF - Distributed Social Networking Over Email

Posted by ryuzaki0 on from the do-you-loaf? dept.

FamousLongAgo writes "LOAF (List Of All Friends) is an extension to email that lets you send out address book data without compromising your privacy. LOAF appends a hash-like data structure to each outgoing email, and collects similar attachments from the people who write to you. These files can be queried to see if they contain a given email address, but they can't be reverse-engineered to reveal the list of addresses used to construct them. LOAF lets you check whether someone emailing you for the first time is a complete stranger, or appears in the address books of some of your trusted correspondents. And as a decentralized application, LOAF offers an interesting alternative to current social networking sites like Orkut or Friendster."

12 of 273 comments (clear)

  1. Spam blocking uses? by LoudMusic · · Score: 4, Interesting

    I've refreshed the /. page a few times and still see no comments. How strange.

    Anyway, how would something like this hold up in a spam blocking function? How easy would it be to get onto the LOAF list? And if the contents can't be listed, how are you to know that it's not chalk full of the bad stuff? How do you know that you aren't emailing to people whom you don't wish to receive your mails?

    --
    No sig for you. YOU GET NO SIG!
  2. Spam filter? by Daniel_Staal · · Score: 4, Interesting

    Could this be used in a spam filter? A somewhat adaptive whitelist?

    Not that it would solve anything, but it could be useful...

    --
    'Sensible' is a curse word.
  3. Re:Yeah, right.. by Nos. · · Score: 3, Interesting

    I'll believe it can't be hacked when its been in wide spread use for several years, and has been the subject of crypto seminars. Until then, I'm going to assume the spammers will break it.

  4. Re:Please go outside by over_exposed · · Score: 4, Interesting

    I agree with you completely, but I'm not sure that's the only application/purpose of this concept. I see this as more of a spam filtering tool (at least for those with near average intelligence). If it has a subject line with RE: in it and it's not from anyone you know or anyone that knows someone you know, it's probably safest not to open it. In fact, why not expand on this technology and have the e-mail client smart enough to warn the (sub average intelligent) user that this isn't a response to anything you've sent out and is most likely not a safe e-mail to open.

    --
    "The object of war is not to die for your country, but to make the other bastard die for his." - Patton
  5. 0wned Machines & LOAF-OKed viruses by G4from128k · · Score: 5, Interesting

    LOAF sounds wonderful until someone creates a LOAF-exploiting virus. If a friend becomes infected, their 0wned machine can send virus messages (with the friend's LOAF signature) that have a very high chance of being read and thus spreading through a LOAF network.

    The challenge with any computer-based social network is not the "do I trust my friend" question but the issue of "do I trust my friend's computer that is sending me this message"? Perhaps all computers need a tamperproof hash that encodes their OS patch/AV update/spyware/firewall defense state. That way the message recipient can assess the trustworthyness of the sending machine.

    --
    Two wrongs don't make a right, but three lefts do.
  6. Re:Yeah, right.. by AuMatar · · Score: 4, Interesting

    If they're doing it the right way, it can't be. For example, you could assign every address a random but calculatable value (for the hell of it, lets use the value of the product of all the ascii characters in their name). Thats a pretty random variable. You can check if an address matches it by caluclating its value and comparring, but you cannot reverse the process (due ot multiple possible matches). The cost you pay is that false positives are possible. In the above example, with 32 bit values, you have a 2^-32 chance of a false positive.

    --
    I still have more fans than freaks. WTF is wrong with you people?
  7. Something similar for AIM? by adamh526 · · Score: 2, Interesting

    This sounds like an interesting idea. I wonder if it'd be possible for someone to come up with something similar for AIM? Even though I don't like only allowing people on my buddy list to IM me, it think I'd rather only get IMs from someone who has some sort of connection to someone else on my list. That way I wouldn't have to keep turning down and blocking SnowJen15, SnowJen16, SnowJen17... SnowJen55, etc.

  8. Limits by glpierce · · Score: 4, Interesting

    What you call "superiority" others would call "limiting". All of your "advantages" involve speaking to a small group of known people anywhere/anytime. In the physical world, you meet new people. New people bring new ideas, perspectives, activities, etc.

    --
    G
  9. Hmm... by Hobbex · · Score: 3, Interesting

    A ``me too'' attack consists of taking someone else's filter and claiming it as your own. This does not help you get recognized by other correspondents - that determination is made by comparing your email address against their list of stored filters - but once you are 'in', it will make you appear to share many contacts with people you actually don't know well at all.

    Why not just salt the SHA1 function with the filter owners email address? That way somebody could never take my filter and claim it as their own, since the bloom filter won't match anything when the hash values are produced with their email address as the salt.

    Am I missing something?

  10. SPAM Application by xombo · · Score: 2, Interesting

    What would be great is to use this as a SPAM fighting measure. Just apply fewer points to a message that comes from a "real person" or "friend" on the network based upon their closeness to you in the social network thus reducing the possibility of the message going into the Junk box. Or, why not use the same concept to create "networks" of Spammers. So when you get a message, add them to the spam network and apply points to the message to consider it SPAM that way there's a global list spammers that could potentially weed them all out.

  11. Thunderbird extension by Guillermito · · Score: 2, Interesting

    Looks somewhat interesting.

    I would try it myself when/if someone writes a Thunderbird/Mozilla extension for it.

    (Before you ask. No, it's not interesting enough for ME to write a thunderbird extension myself)

  12. Re:Please go outside by superflippy · · Score: 2, Interesting

    People are better grokked in person, and this virtual hooey is way overrated and ultimately unsatisfactory.

    I'd say that depends on where you hang out online. There's a forum I frequent where members make an effort to periodically get together in real life. I've met some really neat people that way, and made friends in places that I might not normally visit. Now if I ever have to go to Greenville or Newfoundland or Israel, I know I've got friends there.

    Of course, the purpose of this forum is to discuss a common interest, not to meet people. I think it makes it easier for online relationships to translate to offline when you already know that you've got a few things in common.

    --
    Your fantasies contain the seeds of important concepts.