LOAF - Distributed Social Networking Over Email

FamousLongAgo writes "LOAF (List Of All Friends) is an extension to email that lets you send out address book data without compromising your privacy. LOAF appends a hash-like data structure to each outgoing email, and collects similar attachments from the people who write to you. These files can be queried to see if they contain a given email address, but they can't be reverse-engineered to reveal the list of addresses used to construct them. LOAF lets you check whether someone emailing you for the first time is a complete stranger, or appears in the address books of some of your trusted correspondents. And as a decentralized application, LOAF offers an interesting alternative to current social networking sites like Orkut or Friendster."

Please go outside

[revscat]

Ok, I've had it with Friendster, Tribe, and all this social networking crap. Go to a bar, go to a park, hell go to a freaking CHURCH or something but if you want to make friends then for the love of Augusta Jane Chapin STEP AWAY FROM THE BLOODY COMPUTER. People are better grokked in person, and this virtual hooey is way overrated and ultimately unsatisfactory. If you're fat and ugly, go hang out with other fat and ugly people. Whatever you are comfortable with. But you just can NOT get the same social dynamics online as you do in the real world.

Why do you think people are such assholes online? You know, like me. Because the social dynamics are different and don't match reality. People don't have to be polite online, and you don't get to practice communications skills that make you successful in the real world.

And since the eventual goal is to get laid the physical verbal interactions are kind of important.

Having said that, this seems like an interesting technology, and doesn't seem as inherently annoying as Friendster. When the FAQ has stuff like this in it:

The false positive rate for Bloom filters is determined by the number of hashing functions, the size of the filter, and the number of entries in the filter, given by the approximate formula:

( 1 - e^(kn/m) )^k

It makes me go all warm and fuzzy.

Re:Please go outside

[AuMatar]

If you don't like them, don't use them. I don't myself. That being said, I know a lot of ways they're superior to real life:

*Ability to talk to people at any time. If my friend isn't at the bar, I can't talk to him. The chance he's near his computer is much higher
*Ability to hold multiple conversations. I can hold 4 or 5 simultaneous text conversations, only 1 oral one.
*Ability to talk asynchronousl. I can post something, he can read it later. A bar doesn't do that
*Ability to talk to people when on the road
*Ability to talk to people whatever the distance

Thats a few of the advantages. Real life has its own set of advantages. Neither is obviously better than the other. Nor is either exclusive- you're allowed to do both.

Re:Please go outside

[over_exposed]

I agree with you completely, but I'm not sure that's the only application/purpose of this concept. I see this as more of a spam filtering tool (at least for those with near average intelligence). If it has a subject line with RE: in it and it's not from anyone you know or anyone that knows someone you know, it's probably safest not to open it. In fact, why not expand on this technology and have the e-mail client smart enough to warn the (sub average intelligent) user that this isn't a response to anything you've sent out and is most likely not a safe e-mail to open.

Re:Please go outside

[eln]

And since the eventual goal is to get laid the physical verbal interactions are kind of important.

I think that pretty much says everything we needed to know about you.

I don't go in for these sites either, but to say that personal relationships online are any less valid than personal relationships in any other setting is ludicrous. Just because your only goal in life is to get laid doesn't mean that's the case with everyone else on the planet. Sometimes, we like to talk to people because we find them interesting, not because we think we might be able to score with them.

You're right that the social dynamics online are different, but you can't completely dismiss a manner of human interaction because it's different than what you're used to. But then, if all you're after is picking up drunk women in bars, then you can go ahead and spend your life doing that. You would have to be pretty shallow to consider that kind of lifestyle anything but "ultimately unsatisfactory" though.

Of course, there's a certain irony in your comment coming from a Slashdot subscriber.

Re:Please go outside

[greg_barton]

But you just can NOT get the same social dynamics online as you do in the real world.

I think that's the point. Maybe some people don't WANT the same social dynamics you get in the real world.

Re:Please go outside

[shadowmatter]

Indeed, Bloom Filters are the shit.

These days, in my spare time, I'm writing a p2p program -- think of it as a swarm-download system, like BitTorrent, on an overlay network topology, like eMule (only eMule uses Kademlia, and I'm using Pastry). It has been shown, here and here, that Bloom Filters can drastically reduce the traffic generated when searching peer to peer networks. I recently coded a Java implementation of a Bloom Filter for my p2p program, and it works great in testing. (But the p2p program isn't anywhere near done, so don't ask about it ;)

Furthermore, Bloom Filters can be compressed -- see Michael Mitzenmacher's work here. The idea that you can compress a Bloom Filter is a little counter-intuitive, because the size of the bit vector and the number of hash functions are derived using calculus to maximize the compactness of the set, for a given false positive rate -- thus, in this state, it is non-compressable (it is "already compressed" by simply being an optimal Bloom Filter). To compress a bloom filter, you must choose a large bit vector, and a non-optimal number of hash functions, then apply the compression algorithm (typically arithmetic coding). Because the bit vector is so large, it is sparsely populated -- and so compression works.

Often you can save 10% and 20% on the size of your bloom filter, while having a lower false positive rate. Score!

A very nice, very interesting survey of all the applications of Bloom Filters can be found here.

- sm

Re:Please go outside

[EvilTwinSkippy]

As I sit here slashdotting in one hand and playing interference with my infant on the other, I contemplate the social scene for new dads.

(Tends to screaming kid.)

Well I guess I could hire a sitter. (No sweety, not the iBook!!!!) a;dfogadlogjs;ldug wsorutspritgsagu9o uapouigfa oczvj zfj jozdo zdzolaeroprasjo; jgd oj j drg

Bad timing today.

[kiltedtaco]

These files can be queried to see if they contain a given email address, but they can't be reverse-engineered to reveal the list of addresses used to construct them.

Or so they thought, untill they heard about the sha vulnerability.

Spam blocking uses?

[LoudMusic]

I've refreshed the /. page a few times and still see no comments. How strange.

Anyway, how would something like this hold up in a spam blocking function? How easy would it be to get onto the LOAF list? And if the contents can't be listed, how are you to know that it's not chalk full of the bad stuff? How do you know that you aren't emailing to people whom you don't wish to receive your mails?

Re:Spam blocking uses?

[Sparr0]

There is no central list. The concept is that you append a list of YOUR friends to the end of each email you send. No one can read the list alone, but they can check if specific addresses are in it. So when someone new emails you, you check their address against all the known-good LOAF hashes youve recieved, this will tell you if they are a friend of a friend of yours.

Re:Spam blocking uses?

[Bingo+Foo]

Correct, And since your List Of All Friends is appended as a hash and not plaintext, no one can "pinch" your LOAF, so to speak.

Spam filter?

[Daniel_Staal]

Could this be used in a spam filter? A somewhat adaptive whitelist?

Not that it would solve anything, but it could be useful...

Re:Spam filter?

[Soko]

Hmmm... Mail Expurgated Against Tenative List Of All Friends - MEATLOAF!!!

MEATLOAF - the Anti-SPAM!

Yech. Time to go home.

Soko

LOAF

anyone else think linux on a floppy when they saw this?

Dictionary attack?

[Sheetrock]

Create a huge (a@a.com, b@a.com, c@a.com, etc.) list of 'friends' and check the hashes in that list against everything you receive via LOAF?

You don't need to reverse it if you can brute force it.

Re:Dictionary attack?

[GillBates0]

RTF About Page

They've included a nice analysis of the types of attacks including the Ex-Girlfriend attack, Marc Canter attack, and Dictionary Attacks in the writeup

The configurable false positive rate can make Bloom filters resistant to dictionary attack, but it also renders them less useful. Given a false positive rate of c, and a dictionary with k elements, a dictionary attack will result in ck false hits. This rate goes down if you can collect multiple filters from the same user that are either 1) of different length, or 2) use different hash functions (salts, in our implementation). False positives in either case will be different, so for n filters the false positive rate will drop to c^n.

This implies that the truly paranoid should use a presized filter large enough to contain as many correspondents as they ever expect to have on record, and an invariant set of salts. Under those conditions, collecting multiple filters will not change the false positive rate. A mostly empty large filter might have an unacceptably low false positive rate, so you would want to pad the list of real emails out with random data, to maintain a constant ratio of on/off bits as well.

The tradeoff with a high false positive rate is that the filter will be less useful to legitimate recipients. An intriguing possibility is that of sending out very inaccurate filters that are updated on a regular basis (for example weekly) so that a user has to accumulate a certain number of the filters in order to run queries with a good degree of certitude. This spreads private information over several filters and ensures that an eavesdropper who intercepts only one file will find it of very limited value.

And most importantly they say: Of course, the truly paranoid would be crazy to use LOAF.

Re:Dictionary attack?

[JohnFluxx]

of course! How stupid of these people.
I'm sure that with email addresses being around 15 characters, with around 40 different letters, that's only 40^15 different emails to try.
That's 1 million million million million combinations.
Shouldn't take too long to try.

just hope your name isn't

a766a602 b65cffe7 73bcf258 26b322b3 d01b1a97 2684ef53 3e3b4b7f 53fe3762 24c08e47 e959b2bc 3b519880 b9286568 247d110f 70f5c5e2 b4590ca3 f55f52fe effd4c8f e68de835 329e603c c51e7f02 545410d1 671d108d f5a4000d cf20a439 4949d72c d14fbb03 45cf3a29 5dcda89f 998f8755 2c9a58b1 bdc38483 5e477185 f96e68be bb0025d2 d2b69edf 21724198 f688b41d eb9b4913 fbe696b5 457ab399 21e1d759 1f89de84 57e8613c 6c9e3b24 2879d4d8 783b2d9c a9935ea5 26a729c0 6edfc501 37e69330 be976012 cc5dfe1c 14c4c68b d1db3ecb 24438a59 a09b5db4 35563e0d 8bdf572f 77b53065 cef31f32 dc9dbaa0 4146261e 9994bd5c d0758e3d

(http://www.mail-archive.com/cryptography%40metzdo wd.com/msg02554.html

Re:Yeah, right..

[Nos.]

I'll believe it can't be hacked when its been in wide spread use for several years, and has been the subject of crypto seminars. Until then, I'm going to assume the spammers will break it.

FWD:FWD:FWD:FWD: LOAF !

[lateralus_1024]

Send this email to your LOAF within 3 minutes or suffer a tragic loss next week!

It's a spammer's dream.

[techno-vampire]

All you need to do is join a few mailing lists with people on it that use this. Then, you run you CD of email address through it, looking for hits. This gives you a much smaller list, but they're all confirmed, known good addresses. The cool thing, from the spammer's perspective is that you don't have to go out and harvest, people go out of their way to give you their friend's email addresses.

Re:It's a spammer's dream.

[cmowire]

True, but does this actually *help* them?

It's much faster to just send out to a plasuable set of addresses than to actually try to check for them actually being "good". So they generally don't wory about that sort of thing.

They, of course, still claim that their lists are good addresses who have "opted in" to their list. But that's just salesmanship.

Virii and worms

[grahamsz]

It doesn't seem like it'd be hard to have a worm write an arbitrary address into your address book.

Then LOAF would propogate that address to your friends, and then spammers could use the address programmed into the worm as the from address.

On the whole though this seems like a really nice addition to existing spam blocking systems.

Unfortunately the cases where i recieve email from a friend of a friend are relatively rare - but that's just me.

It also does have some privacy issues - since it'd essentially enable me to check if one of my friends happens to have my wife in his address book...

You clicked/deleted WHAT?!?

[Donoho]

LOAF lets you check whether someone emailing you for the first time is a complete stranger, or appears in the address books of some of your trusted correspondents.

What's the difference? Some of my most trusted confidants have systems riddled with spyware and viri. They're great people but Horrible users. I rarely give out my real email address for that very reason.

0wned Machines & LOAF-OKed viruses

[G4from128k]

LOAF sounds wonderful until someone creates a LOAF-exploiting virus. If a friend becomes infected, their 0wned machine can send virus messages (with the friend's LOAF signature) that have a very high chance of being read and thus spreading through a LOAF network.

The challenge with any computer-based social network is not the "do I trust my friend" question but the issue of "do I trust my friend's computer that is sending me this message"? Perhaps all computers need a tamperproof hash that encodes their OS patch/AV update/spyware/firewall defense state. That way the message recipient can assess the trustworthyness of the sending machine.

Oh Great

[data64]

Now you want to tell people to "Go ahead and open all those emails with attachments" ?

Re:Yeah, right..

[AuMatar]

If they're doing it the right way, it can't be. For example, you could assign every address a random but calculatable value (for the hell of it, lets use the value of the product of all the ascii characters in their name). Thats a pretty random variable. You can check if an address matches it by caluclating its value and comparring, but you cannot reverse the process (due ot multiple possible matches). The cost you pay is that false positives are possible. In the above example, with 32 bit values, you have a 2^-32 chance of a false positive.

Linux On A Floppy

[zoloto]

For a minute there, I thought this was an actual readable article about a distro that was once fairly useful L.O.A.F. and its revival.

Guess not.

Oh, come on.

[Short+Circuit]

Being online give you freedom. Manners, grammar and spelling aren't eliminated, they become a choice. And as a choice, they can become something to be proud of.

Interacting with other people online has allowed me to get to know people from other countries and cultures, instead of being limited to a west Michigan culture where it's sometimes hard to find other people interested in the same things I am.

Finally, things like email and online forums allow me to communicate and cooperate with people in other time zones. I don't have to be awake for my message to reach my buddy in Mexico. Or my friends in Africa, Europe or Asia.

Re:Can't is such a strong word

[bsdfish]

You generally reverse engineer it because there is fundamental information loss in the hashing process. However, there are caveats.

For example, lets consider a really primitive hashing function: we add up the ascii values of all the letters in the the email address and that is the hash value. However, foo@bar.com and bar@foo.com obviously have the same hash in this case, so knowing that the sum is 1234, you can't determine which the address is.

Now if the hash is long and very good at avoiding collisions, you may actually be in more trouble than when using a weak hash, because the very rarity of hash collisions reduces the information loss (maybe there's only one string that includes an @ sign and is shorter than 40 characters that hashes to that value!) So, if we have some way of generating a string, fitting a specific template, that evaluates to a particular hash (and so far, the found SHA-0 collision is nothing of this sort), we can just generate all short strings that match that hash and look for one that could be an email address. However, a weaker hash would result in many plausible email addersses hashing to the value, which would increase false positives, but reduce the risk of finding the original addresses.

DVD encryption was reverse engineered because all the information was preserved. As long as the hashing function looses enough information, there is no way to recover the original email.

Limits

[glpierce]

What you call "superiority" others would call "limiting". All of your "advantages" involve speaking to a small group of known people anywhere/anytime. In the physical world, you meet new people. New people bring new ideas, perspectives, activities, etc.

Re:Limits

[AuMatar]

And what you would call "advantages" many would call "limiting". I for one don't tend to like meeting random people, I want to meet highly intelligent, thoughtful people. There tends to be a limited number of those per geographic area. Those limitations are removed online. And meeting them online at least has an automatic intelligence filter- if they can't type english, they can be ignored as morons (or foreigners, but if they can't use english I won't be able to communicate with them in person either).

Like I said- both have advantages and disadcantages. Thats why both exist. Use the one you want, or both of them. But don't insult someone else for prefering one over the other.

Re:Limits

[FirstTimeCaller]

You know who hangs out at bars? Drunks. I don't want a social circle of drunks.

That's OK. We don't want you either.

Re:Limits

[glpierce]

"Elitist" is the word.

If you wouldn't "lower" yourself to speaking to anything but the-best-and-the-brightest, you're not going to learn appropriate social skills for dealing with "regular" people, which are what you're normally going to deal with in the physical world. Also, there are many places to meet "intelligent, thoughtful people"; try a bookstore, coffee shop, etc. instead of a bar, and you might find different sorts of people.

Re:Limits

Trust me, they're more bored by you then you by them.

Re:Limits

[theLOUDroom]

"Elitist" is the word.

Sorry, wrong. It's just a simple reailty.
You can't just walk into a coffee shop and find someone to talk to about digital FIR filters, for example. There just aren't people like that everywhere.

It's not that I won't talk to normal people about normal things, but when you want to talk find out about adjusting your sway bar end-links for zero preload, most people just nod and smile.

One of the great things about the internet is to make it easy to find people to talk to about these things. Maybe there are only 100 people who know much about the ECU in an Mazda RX-7, but chances are, you be able to find some of them online and have a real, meaningful conversation on the subject, rather than some idiot going "Wow! That's like in 2F2F!"

It's not elitist, to not want to waste your time and someone else's time having a one-sided discussion they won't understand. Some people just aren't that interesting to certain other people. That's just the way it is. It not because the other person considers them to be a less person, IT'S BECAUSE THE HAVE NOTHING IN COMMON, NOTHING TO TALK ABOUT.

Re:Limits

[jskiff]

BS in Computer Engineering, UIUC. No masters, I'm applying for phd programs next fall
1580 SAT
34 ACT
National AP Scholar (requires completing 8 full semester equivalent AP tests while in high school, and getting a minimum score of 4/5 on all of them. A 4 is equivalent to an A in a college course)
National Merit Finalist
ACM Member of the Year, UIUC branch. Awarded for my work on the tutoring program
2nd place biology and 5th place computers JETS Illinois State championship
3rd place biology and 5th place computers WYSE Illinois State Championship (they renamed it my second year)


Job outsourced to India: Priceless...

Re:Limits

[Erik+Hollensbe]

Sigh.

I work with a couple of people like you!

I can't stand them.

I am a "highly intelligent" person (don't ask me, ask the people I know, who also happen to be "highly intelligent").

A lack of diversity can almost be directly equated to a lack of knowledge. I fail to see how your approach to so-called "stupid people" is any different than a racist bias.

Who defines intelligence? At least racists made it clear who they hated - but you provide nothing more than a loophole which you can manipulate to your will.

"I don't like him; he must be an idiot".

Heck, if you wanted to say you didn't like hanging out with uninteresting people, that would make sense. Heck, I'm not fond of uninteresting people either, but my definition of uninteresting is different than yours.

But trying to plant your statement as objective when it's obviously subjective is some kind of logical fallacy (and if it isn't, I'll be taking my nobel prize now), one which I can't remember at this time.

What's funny, is that most of the job skills that I apply today that really make me stand out (other than my technical skills), are the skills I learned working jobs for shit pay like being a clerk at a convenience store or *gasp* working at McDonalds.

Some of the smartest people I know are engineers. They are also spend 90% of their time trying to avoid work, never apply themselves to their fullest potential and occasionally outright refuse to work with team or accept team members' ideas.

Nothing requires you to learn these skills when your technical knowledge and ideas are put on a pedestal. On the flipside, everyone knows how to flip a burger or work a cash register - you are competing for something significantly more real (like your cash flow) and might actually learn a thing or two.

P.S, did you know that there are Truck Drivers that are in MENSA? Don't believe me? Look at their Web Site, here's the quote:

As far as occupations, the range is staggering. Mensa has professors and truck drivers, scientists and firefighters, computer programmers and farmers, artists, military people, musicians, laborers, police officers, glassblowers--the diverse list goes on and on. There are famous Mensans and prize-winning Mensans, but there are many whose names you wouldn't know.

Get real.

Re:Limits

[Wordsmith]

Why don't you guys all meet up somewhere and talk this over. I'm sure the in-person interaction would be better. Or maybe worse. Or maybe better. Or maybe ...

Re:Can't is such a strong word

[Iamnoone]

Because it allows false positives, it is pretty lossy and loses a lot of info upon encoding.

An (bad) example would be that the "encoding" function is the ascii values for the first and third character before the @ and the first character after the @ - those bits of a 128 bit Bloom filter are "lit up" for your address, so that means:

akbar@anon.com
a1babe@all4you.com
asbackwards@aw crap.uk

all map to the same bits being lit up in the bloom filter, there is no real way to "reverse engineer" it and since it does not assume no collisions (unlike MD5 and SHA*) it is not expected to have unique mappings - that's a feature, as they say.

but, what if..

[Keruo]

you don't have any friends?

But....

[oO+Peeping+Tom+Oo]

If they release a worm, we'll finally know which ones of our friends were dumb enough to open attatchments :p

Not that strong...

[ikegami]

You don't need to extract every email in it to break it...

For example, if your employer got their hands on your list, they could check if you've been in contact with people at your competitors.

It's even worse if they try and get a false positive!

what mail client(s) is this talking about?

[frovingslosh]

OK, I've read the article, and I still can't determine just what they are talking about. They use the term "address book" like there was some sort of one size fits all address book that all e-mail clients use. Such is certainly not the case; I use several e-mail clients and each has it's own address book (a sad fact that is even delaying my switch to Thunderbird on my desktop). What address book or address books does this thing use? What client(s) does it support?

While IM was never mentioned in the article, my fear is that something like this is more likely aimed at IM users than others; quite an oximoron for an application designed to promote privacy and security. Also, since it seems to be based on a friend-of-friend approach, it would have to support the address book format of every friend that I excahange e-mail with, would it not? This all seems to be ignored in the article.

Re:What about people who don't use address books?

[stefanlasiewski]

Too bad I don't use electronic address books.

Yeah, back in my day we didn't have fancy electronic address books.

We only had paper address books. If I ran into a stranger, I would take my address book and smear it across his face one page at a time. If the ink rubbed off, then I knew they were a friend of one of my friends, and I could trust 'em.

And then we could drink beer together. But we didn't have carbonation back then so we used straws to blow bubbles. There wasn't any plastic back then neither, so we had to find a swamp and cut some reeds...

Hmm...

[Hobbex]

A ``me too'' attack consists of taking someone else's filter and claiming it as your own. This does not help you get recognized by other correspondents - that determination is made by comparing your email address against their list of stored filters - but once you are 'in', it will make you appear to share many contacts with people you actually don't know well at all.

Why not just salt the SHA1 function with the filter owners email address? That way somebody could never take my filter and claim it as their own, since the bloom filter won't match anything when the hash values are produced with their email address as the salt.

Am I missing something?

Oh Boy, Longer Emails!

[tarsi210]

Gee...hasn't anyone else noticed what else we get with LOAF? Longer shit on emails!

Unless the application (which it might, I haven't checked) filters the LOAF signature, we'll have a nice influx of three-word emails with 25 lines of crap at the end of each, plus headers, plus the 50-line signature that I flamed you about last week, plus your cutsey signoff, plus the last 14 messages you've quoted in the discussion thread because you were too fucking lazy to edit them off, plus a poorly-rendered ASCII-art picture of Britney Spears showing her hot grits, plus...

Well. You get the picture. I can't wait until I can be on mailing lists that have 95 LOAF signatures at the end of each email because they were running Outlook and it couldn't filter them out.

Any way to stick those babies in a header? At least they can be hidden, then. The bandwidth is just a victim anyway.

It will work for a while - degrees of seperation

[dbIII]

It will work for a while, then someone you know will get Kevin Bacon on their list you'll be able to get emails from anyone.

Perhaps limit it to a couple of steps away.

Sad state of the Interweb....

[mat+catastrophe]

I'm not sure if anyone else has posted this idea yet, 'cause I'm way too lazy and tired to read the whole discussion, so I'm just throwing this out there....

It seems kind of sad and pathetic that we need something that "checks incoming mail against the address books of your friends" in an effort to get rid of email from complete strangers....

The internet was supposed to, among a thousand other things that are now long forgotten, get strangers together who shared common bonds of interest or study. Hobbies, ideas, whatever...