'Social Media Needs A Travel Mode' (idlewords.com)

← Back to Stories (view on slashdot.org)

'Social Media Needs A Travel Mode' (idlewords.com)

Posted by msmash on Thursday February 23, 2017 @05:20AM from the genuine-concern dept.

Maciej CegÅowski, a Polish-American web developer, entrepreneur, and social critic, writes on a blog post: We need a 'trip mode' for social media sites that reduces our contact list and history to a minimal subset of what the site normally offers. Not only would such a feature protect people forced to give their passwords at the border, but it would mitigate the many additional threats to privacy they face when they use their social media accounts away from home. Both Facebook and Google make lofty claims about user safety, but they've done little to show they take the darkening political climate around the world seriously. A 'trip mode' would be a chance for them to demonstrate their commitment to user safety beyond press releases and anodyne letters of support. What's required is a small amount of engineering, a good marketing effort, and the conviction that any company that makes its fortune hoarding user data has a moral responsibility to protect its users. To work effectively, a trip mode feature would need to be easy to turn on, configurable (so you can choose how long you want the protection turned on for) and irrevocable for an amount of time chosen by the user once it's set. There's no sense in having a 'trip mode' if the person demanding your password can simply switch it off, or coerce you into switching it off.

23 of 144 comments (clear)

Min score:

Reason:

Sort:

mode complexity by micahraleigh · 2017-02-23 05:24 · Score: 3, Insightful

As a former C++ app engineer, I've found adding "modes" increases the source and test complexity and often end up not being used very much.

A sprawling generalization, but that's what I've got ...
1. Re:mode complexity by Dutch+Gun · 2017-02-23 05:34 · Score: 5, Insightful
  
  Besides, we already have all the technology we need to keep our data private. It's just that current law won't *allow* us to keep it private. As such, the *laws* need fixing, not the technology.
  
  --
  Irony: Agile development has too much intertia to be abandoned now.
2. Re:mode complexity by XxtraLarGe · 2017-02-23 05:57 · Score: 4, Insightful
  
  Besides, we already have all the technology we need to keep our data private. It's just that current law won't *allow* us to keep it private. As such, the *laws* need fixing, not the technology.
  They don't need fixing, they need repealing.
  
  --
  Taking guns away from the 99% gives the 1% 100% of the power.
3. Re:mode complexity by Austerity+Empowers · 2017-02-23 06:39 · Score: 2
  
  As such, the *laws* need fixing, not the technology.
  Yes, true, but given that it won't happen soon, technology that renders those laws useless is the only step forward we can make now.
4. Re:mode complexity by tlhIngan · 2017-02-23 06:48 · Score: 4, Insightful
  
  Besides, we already have all the technology we need to keep our data private. It's just that current law won't *allow* us to keep it private. As such, the *laws* need fixing, not the technology.
  No amount of technology can keep public information private. And no amount of "privacy controls" will make public information private. (See a pattern?).
  In fact, "social networks" and "privacy" are an oxymoron. There is no such thing as "privacy controls". "Privacy Controls" are marketspeak for "encouraging marks to over-share". Yes, Facebook and everyone has done their research - people will share more if they get the illusion their data is protected.
  In the end, everything you post on a third party website, is public. Thanks to people screen shotting, re-posting, etc, anything you post is public. Even if it's a party for selected individuals, the people you didn't invite will find out anyways.
  The only "technology" to keep our data private is to ... keep it private.
  Not that I agree with the border proection asking for passwords. But that's a legal issue that can really only be dealt with legally.
5. Re:mode complexity by jareth-0205 · 2017-02-23 07:50 · Score: 2
  
  It isn't technology nor laws. It is pure and simple ROI, as viewed by social media companies. To them:
  Security has no ROI.
  Privacy has no ROI.
  If it were in their interest to have security, we would be seeing social networks supporting client certs, reduced functionality modes, duress passwords, and many other types of security architectures, as opposed to just nothing like what we have now.
  So ROI does not fix the problem? So we need laws then?
  The market doesn't fix everything - that's why we have law.
6. Re:mode complexity by I'm+New+Around+Here · 2017-02-23 11:03 · Score: 2
  
  A voice in a crowd can sway many men.
  
  --
  If you think I voted for Trump because of this post, you're wrong. I voted for Dr. Jill Stein of the Green Party. Again.
7. Re:mode complexity by Altrag · 2017-02-23 16:58 · Score: 2
  
  No it can't.. at least not beyond the most mundane interpretations such as "the new law could be typed up in a word processor."
  Technology needs to be implemented by somebody, and if it runs afoul of laws, the cops and lawyers will simply go after the implementer. Sure that may be impractical if you write your own encrypted messenger client that you and your 3 friends use but when we're talking companies on the scale of Google and Apple and Microsoft, their choice to run afoul of the law could affect millions of users.
  Think about the iPhone hack. One judge making one good decision is the only difference between Apple protecting its customers and Apple being forced to (effectively) open the flood gates for iPhone decryption -- which almost certainly would have been used as precedent if the next case featured an Android or Blackberry or whatever.
  That said, using encrypted communications is not yet illegal as far as I know, or at least not in the US. I'm pretty sure master keys or similar aren't even required yet. So there's currently nothing to fix in the sense that these companies could freely implement such technologies and just choose not to.
Devices are a red herring. by xtal · 2017-02-23 05:39 · Score: 3, Insightful

Border guards can ask for your account passwords.
You don't have to provide them, of course.
But if you're not a citizen, you don't have to be admitted, either.
There are little or no practical appeals.
Not responding truthfully to a border guard is a very serious crime; it's not an option, although refusing can be, with consequences.
It will be interesting to watch the economic impact of this over time - I suspect there will be none, as people have adapted in the past, and this will just become the norm.

--
..don't panic
1. Re:Devices are a red herring. by JustAnotherOldGuy · 2017-02-23 06:35 · Score: 2
  
  As AC said below, "How do I provide that which doesn't exist? What then?"
  I don't have a Facebook account, nor Instagram, Pinterest, LinkedIn, etc etc etc. Facebook *might* have a page that *they* started on me, but it's not mine.
  You can Google my name all day long and not find squat, I'm just not there. They're welcome to search for me but it'll be a wash with no relevant results.
  So how do I give them what doesn't exist?
  
  --
  Just cruising through this digital world at 33 1/3 rpm...
2. Re:Devices are a red herring. by JustAnotherOldGuy · 2017-02-23 10:00 · Score: 2
  
  So how do I give them what doesn't exist?
  Create it, and then it will exist.
  Nooooooooooo. No no no.
  
  --
  Just cruising through this digital world at 33 1/3 rpm...
The concept is "Duress Password" by mi · 2017-02-23 05:42 · Score: 5, Interesting

A "mode" will be detectable — looking at your screen whoever compels you to show it (a criminal or an officer or both-in-one) will be able to tell, you are in "travel mode" and demand to see the real deal.
The concept you want is Duress Password — which ostensibly unlocks "everything", but hides the things you previously marked for hiding whenever the "duress" password is entered instead of real one.
And you may wish to use it not only to fool overzealous border-guards, but, for example, to hide certain materials from bystanders at Internet-cafes.
There is a "duress" PAM-module in the works for folks compelled to login to their Unix-laptop and a move to add the feature to Cyrus IMAP-server.
But, to reiterate, it is of utmost importance, that your usage of such functionality can not be not only proven, but even suspected. Whoever is in a position to compel you to login, is also in a position to punish you for fooling him...

--
In Soviet Washington the swamp drains you.
Re:If you have "travel mode" on by Marxist+Hacker+42 · 2017-02-23 05:47 · Score: 2

Because Travel Mode is an indicator that you've got something to hide, and thus, must be using social media to send encoded terrorist messages.
Sometimes I think terrorists are just nature's way of weeding out the violent and stupid- especially suicide bombers.

--
SJW: a person who perceives an injustice, and while correcting it, commits a greater injustice.
Re:2 accounts? by mi · 2017-02-23 05:49 · Score: 3, Insightful

Far better to have a cutsie account in your real name with only polite BS and a 2nd account in a different name where you can be honest
That would violate the "real name" policies of services like Facebook and Quora — you can lose that "important" account if you do that...
Of course, you can another account with your real name — for example, there are over a dozen Facebook accounts with my own fairly rare Firstname Lastname combination already. None of them mine...
But that has its own difficulties — most client-applications remember your username-string, even if you tell them to not record the password. So, you will be seen overwriting your username with the fake one... And, even if you aren't, whoever forces you will see, you last logged-in a year ago — and become suspicious. No, what you want is a "Duress Password", which unlocks the same account but hides the things you want hidden.

--
In Soviet Washington the swamp drains you.
How about traveling without? by damn_registrars · 2017-02-23 05:59 · Score: 3

Really, traveling without social media is a very pleasant option in most cases. My most memorable vacations are the ones I took where I was not worried about WiFi or 3G service. Your vacation should get you away from what consumes you during the rest of your existence; if you are worrying about that crap while you are away I'm going to tell you that your doing your vacation wrong.

--
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
Re:Dumb Idea, Seriously by Opportunist · 2017-02-23 06:02 · Score: 2

2). Travel under the name Joe/Jane Smith and claim you never use social media. Ever. For anything!
Smart move. Where do I get a passport that says I'm Joe Smith?

4). Boot into a fake, but plausibly real looking environment, with nothing interesting on it. Load it to the gills with internet cat videos and nothing more;
I'd load it with gross but legal porn. Give them something to vomit over. Lemonparty or Tubgirl... gee, if I only could decide...

--
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Re:Uninstall? by Opportunist · 2017-02-23 06:04 · Score: 2

You hand vital information about yourself to a device you don't own?
First mistake.

--
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Re:If you have "travel mode" on by myowntrueself · 2017-02-23 06:09 · Score: 2

Because Travel Mode is an indicator that you've got something to hide, and thus, must be using social media to send encoded terrorist messages.
Sometimes I think terrorists are just nature's way of weeding out the violent and stupid- especially suicide bombers.
For one thing, there has to be something for them to see, so they don't see a blank slate and, on that basis, assume you have something to hide and probe you ever more deeply.
Clearly if there were going to be a 'Travel Mode' it would have to be very very well hidden.
When I'm travelling I wipe the phone, factory reset it, and then set it up with my work account instead of personal. That way there are contacts and emails etc but its only work related. My work isn't sensitive so I don't care. But it looks like it has stuff on it so it gives the security guys a nice satisfying experience.

--
In the free world the media isn't government run; the government is media run.
This is not a technological problem by gweihir · 2017-02-23 06:09 · Score: 2

It is a political one. If you travel to a country where they can demand your passwords, they can do equally bad things to you if you have a "travel-mode" configured. The problem is that they can demand your passwords. In a country that respects personal freedoms, that will not happen. Unfortunately, the citizens of most democratic countries are too unaware of history today to understand the value of those freedoms and how hard it was to get them and are not defending them. If you go to such a country, having them look at all your social media stuff from the inside may be the only option. Whether you want to go to a country run by honor-less and decency-less "authorities" that do these things with the general consent of the citizens there is another question.
Incidentally, doing a "travel mode" is easy: Create long random password that you cannot remember, write it down, set it as your account-password and leave the piece of paper it is on at home. Done.

--
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Re: wow you are incredibly stupid by mi · 2017-02-23 06:32 · Score: 2

It wont be to hard for them to ask you for both passwords, you know
AFAIK, they don't ask for password. They ask you to "please, enter your password"...

--
In Soviet Washington the swamp drains you.
Re:Implying social media isn't already owned by CI by ColdWetDog · 2017-02-23 07:24 · Score: 2

You can powerwash a chromebook? Cool. I'm going to have to look into one of those.

--
Faster! Faster! Faster would be better!
Re: wow you are incredibly stupid by Opportunist · 2017-02-23 08:38 · Score: 2

What second password are you talking about? There is none.
Part of having a good duress password is not having to have one to make whatever you're using work in the first place...

--
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Take a vacation from your social media by enjar · 2017-02-23 09:40 · Score: 2

Log out, remove it from your device and actually be fully present for your trip. The world's a fascinating place, experiencing it through a four inch screen really doesn't do it justice.