Initiating the Privacy Arms Race Against Facebook: The AntiSocial Firefox Extension

By Nitesh Dhanjani
June 1, 2010 | Comments: 6

It is my opinion that the popular expectation that Facebook will eventually take privacy seriously is unfounded. Facebook is a profitable entity and their business roadmap clearly illustrates that they feel they are at a stage where user privacy must be compromised for their business to grow.

In other words, it is the users who must battle with the decision to either stop using Facebook, or to accept to collaborate and communicate using a platform that mines their private information to compute business intelligence for eventual profit.

Perhaps this is a fair set of options, given that the concept of 'social privacy' is an oxymoron: if we want to be social and benefit from it, we must share information about ourselves. However, this sort of reasoning is not grounded in reality, for the same reason that disconnecting your computer from the Internet to gain the utmost level of security isn't a reasonable option (for most people).

It is also my opinion, that the online social space has created a condition where the end users must ultimately collaborate to initiate an ongoing privacy arms race. To promote this sentiment, and to further the cause of research in this field, I'd like to announce the AntiSocial project.
antisocial.png

The AntiSocial project is a subset of my research under the NeuroSploits umbrella (more on NeuroSploits later). I have developed a Firefox extension to promote this effort. If you are in a hurry, you can download it from https://addons.mozilla.org/en-US/firefox/addon/162098/ (beware that is is an initial release, but you are most welcome to try it out and provide feedback).

At the moment, the following is what AntiSocial aims to do and how it works.

A. Provide additional privacy controls and features to the user by:

- Preventing external sites from including Facebook content. This prevents Facebook from being able to track the user's browsing habits external to Facebook (via the Referrer header).

beforeafter.png

Figure: Screenshot of CNN.COM being prevented from embedding Facebook content



errorconsole.png
Figure: Screenshot of Firefox Error Console displaying external sites blocked



- Banning all access to 3rd party Facebook applications, including applications that choose to use Facebook's Automatic Authentication in which users are not given the opportunity to authorize the execution of the 3rd party application. This will prevent arbitrary 3rd parties from being able to capture user data.
antisocial-preview.png
Figure: Screenshot of of AntiSocial in Firefox task bar



- Preventing external sites that are landed on from Facebook from capturing this fact (by modifying the Referrer header).

- [more to come]

B. Increase the noise to signal ratio of business intelligence collected by social media platforms (currently Facebook) by [research in progress]:

- Changing the Referrer header while the user browses the Facebook platform (this will not stop Facebook from collecting intelligence about the user's browsing habits within the platform, but it may make their data mining slightly more expensive).

- Changing the referrer information tracked within the Facebook cookie (this will not stop Facebook from collecting intelligence about the user's browsing habits within the platform, but it may make their data mining slightly more expensive).

- Initiating arbitrary requests to the Facebook platform to make it harder for Facebook and 3rd parties from computing business intelligence (work in progress) for given sets of computations that the user may not agree to.

- [more to come]

Please feel free to contact me with any bug reports, questions, or ideas.

[As a caveat, I'm a fan of the NoScript Firefox plugin and I do realize that some (if not all) of these feature sets can and may be incorporated by NoScript - however, the AntiSocial Firefox extension aims to target users that may not be technically savy enough to maneuver a tool such as NoScript, and also to further my own understanding and research of privacy issues in social platforms].


You might also be interested in:

6 Comments

Hello, congrats for sharing your ideas, great and helpful post.
Here is a FireFox extension i've just build:
https://addons.mozilla.org/en-US/firefox/addon/227253/
is called "miniStatus SSS (simple seo shortcut)" and it points the page you're currently browsing to the http://ministatus.com Seo and Sem analyzed data in order to get an idea of what that domain is worth or what's it's status, etc.
Hope someone will find it useful and help on spreading the word out.

Is an update for FF4 in plans?

Nice plug-in.
You are right, NoScript covers a lot, but I've recommended this to quite a few non-tech friends.
Went to recommend it again today, and I see Mozilla has pulled it from downloads. Could you please address the matter...or was that your choice?
S

I just went and checked my Error Console, and wouldn't you know it:

AntiSocial BLOCKED broadcast.oreilly.com from loading http://www.facebook.com/plugins/like.php?http://broadcast.oreilly.com/2010/06/initiating-the-privacy-arms-ra.html

I love this Plug-In because it makes live so much easier. With No-Script the original Site isnt usefull anymore if u block th hole FB-Stuff.
Keep my FF on a lower version, just to keep your plug-in.
Is there planed an update to FF4?
At least, i cant find ur plug-in anymore on the mozilla site, what happend?

Addon removed by an administrator. Interesting.

News Topics

Recommended for You

Got a Question?