Friendbo: Middleground Security for a Social World
Once again, I’m learning of some cool work being done by here at UW. Today’s Seattle Times (which my family still subscribes to in print form, just for the sheer Ludditeness of it) contains an article entitled “Inflexible Security? Lighten Up” by technology columnist Brier Dudley. The piece describes Friendbo, an access-control system being developed by students and professors at the U. Thanks to a technology transfer grant, Ph.D candidate Michael Toomin has taken Friendbo from a classroom project to a company set to soon release a Facebook app.
Friendbo seeks the middle ground between strict security models using set password control, and wide open access. Most online sharing that real people do hardly needs to be locked down with access restricted only to people we authorize on an individual basis, yet many of us aren’t really comfortable letting just anyone see everything we post. Friendbo approaches the problem with “safe boxes” which can be accessed by answering a prompt question with an answer that would only be known to people the poster wants to share the content with.
Let’s say you upload pictures of a family reunion to a photo album in a safe box. You could set the prompt question to “What did we have for lunch at the reunion?” and anyone who was there for the meal should be able to answer. If someone legitimately doesn’t know the answer — they came late and missed lunch, for example — they can ask anyone in the social group, who are all capable of verifying who should and shouldn’t have access for themselves.
In concept, I think Friendbo is a perfect fit for social media. For example, my Facebook page contains nothing I’m trying to hide, yet I’ve on occasion failed to confirm friend requests for several weeks just because they slipped my mind. I would have little trouble opening it up to anyone who knew some very basic information about me, as long as I also had the option of then blocking anyone who made it through the Friendbo test, but who I didn’t necessarily want to rekindle a connection with for whatever reason.
I’m looking forward to the release of the first app. Too bad the phrase “social security” has been taken, because that’s really what this is.
(2 votes, average: 4.00 out of 5)
Loading ...
Subscribe to Comments
Follow us on Twitter
Get email updates
2 Comments, Comment or Ping
jaysh
For contact information, home address, cell numbers and the like, I see a clear need for confirming access to those on one on one basis. A psychotic ex is as likely as a good friend to know a piece of trivia about you and be able to unlock a safe box. Once revealed, some information cannot be taken back.
Safe boxes seem like a good idea for content intended for semi-public consumption. Blogs and microblogs are better suited for public conversations. Facebook walls strike me as one for semi-public conversations; conversations that are intimate even if not totally private.
Contact information, addresses, phone numbers, credit cards, and other sensitive information is private and should be secure. Preferably with one secure entity that manages your connections to all contacts and entities that need access to that information.
Lots of good ideas for comprehensive solutions to managing online identity and contact information have been going around for a while, but have yet to come to fruition.
Nov 4th, 2008
Brook Ellingwood
I agree with your points, Jay, and they made me realize how ingrained it is in me to take some precautions online. For example, I don’t even have my email address in my public Facebook info, much less something crazy like my phone number. But a lot of people do, and maybe they should stick to the 1:1 approval model for their profiles.
In addition to personal security issues, I try to keep in mind how my online activities are attached to me as a person. For instance, I never talk about anything using my real name that I wouldn’t be comfortable being asked about by my mom or a job interviewer.
Having said that, I did post my home address repeatedly on Twitter the other day because I was interested enough in a third party app that I was willing to try what I thought its confusing instructions were telling me to do. I guess I’ll call that research…
But for the sorts of sharing that constitutes so much social media activity, I think the level of security offered by Friendbo is pretty appropriate.
Nov 4th, 2008
Reply to “Friendbo: Middleground Security for a Social World”