[messaging] Summary of discussion session at USENIX HotSec

Daniel Roesler diafygi at gmail.com
Fri Aug 22 17:28:05 PDT 2014


On Fri, Aug 22, 2014 at 2:56 AM, Wasa Bee <wasabee18 at gmail.com> wrote:
> Because we don't see ads does not mean these companies' business model is
> not based on mining personal data... and selling it to someone else... We
> don't see ads in WhatsApp, yet Facebook presumably acquired it so it could
> mine users' data and put ads in their corresponding Facebook page.
> If the idea is to get UI experts to enhance the UI on top of OTR, I surely
> like the idea. But I am not convinced that a good UI would be enough to push
> private messaging to the masses without a proper business model that does not
> rely on mining data. Any idea?

Agreed. Non-data mining business models are pretty tough to scale,
unfortunately[1].

One possibility is for cloud storage providers (Dropbox, SpiderOak,
Box, etc.) to build E2E apps that use their cloud storage as the app's
backend. Their business model is based on selling storage, so they
don't have as much of a financial incentive to mine user data.

Additionally, they could start to offer E2E alternatives to existing
popular apps, which could possibly bring in many new users to buy
storage from them. For example, I have a free SpiderOak account. If
SpiderOak started to offer E2E apps that stored data encrypted on
its server, I might use up more space, which might push me into having
to upgrade to a paid account.

I've explored this concept a bit with my byoFS project[2], where it
allows users to connect their own cloud storage to use as a webapp's
backend. It's a similar idea to the remoteStorage protocol[3], except
data is automatically encrypted before being sent to the connected
cloud storage.

For a recent hackathon[4], I exploited the ability to make Dropbox
files public as a way to create an E2E encrypted chat with an unhosted
webapp[5]. The next chance I get, I'd like to make an E2E encrypted
social network that's hosted entirely on users' own cloud storage
accounts.

Anyway, as cloud storage gets commoditized, I think providers are
going to be looking for ways to differentiate themselves, and building
E2E encrypted alternatives to existing apps may be a good way to
attract users.

Daniel

[1] - http://www.theatlantic.com/technology/archive/2014/08/advertising-is-the-internets-original-sin/376041/
[2] - https://github.com/diafygi/byoFS
[3] - http://remotestorage.io/
[4] - https://www.youtube.com/watch?v=WTPimUSIWbI
[5] - https://diafygi.github.io/byoFS/examples/chat/

