Untraceable SDs


#1

As far as I understand, the network is anonymous but unfortunately, it is also trackable through the owner id (present on SDs). I can use this information to keep track of a user’s preferences and activities on the network.

Best case scenario this is a privacy issue. Worst case scenario the user life can be in danger - I was born and raised in an authoritarian military government, a bloody one, I know what this can be.

Example: I can go to SafeBook, open Mary’s profile and discover her owner id (it’s on her profile’s SD). Then I can scan some websites (e-commerce, different social networks, safetube, comments data - decorum, etc) to create her behavioral profile.

Proposal: a “safeAuth.createAccount(secret, password)” API method. The app can randomically generate a secret / password and store it on the app root folder. Then, the app can use this user, not the master one to create untrackable SDs. The app can also use the master owner_id if necessary.

Another alternative is to enforce new credentials to each app, in a way that apps cannot access the master credentials, so even evil-minded apps will not be able to discover the user identity.


#2

Take a look at the RFCs for a revised scheme of app permissions. Numbers 46 and maybe 47 or 48 from memory.