This post is also available in: Español
In late September, a year after the user data fiasco with Cambridge Analytica, Facebook was once again under fire for user privacy breaches. Three software loopholes severely jeopardizing private user data were uncovered on September 25th: further investigation discovered it had led to the exposure of nearly 50 million users’ personal information. This is the largest security breach in the history of the company; it’s unclear how long the attacks have been going on for since the vulnerabilities were introduced July 2017 and only discovered recently.
Why Does This Matter?
This is a big deal. Previously, the reveal of Cambridge Analytica’s access to up to 87 million users’ private information wreaked havoc across the world; there was widespread concern about the impacts of the manipulation of this data on the United States 2016 elections. Now, there’s more user information vulnerable than ever before – not just information mined from Facebook, but also from the huge number of platforms using Facebook as a login mechanism.
How Did It Happen?
The first two of the software bugs came about through a tool implemented much earlier that was meant to increase user privacy; the problem was compounded by the third bug, originating from a function that helps users upload birthday videos more easily. A “view as” feature in the birthday video function allowing users to view their posts and profiles as someone else had a loophole; it allowed attackers to obtain users’ access tokens. Access tokens are what most sites and apps use to save your login information, so you don’t have to manually go through the login process every single time; tapping into these allowed attackers to uncover users’ personal information.
Where Does Blockchain Come In?
Facebook most likely won’t be the only one to suffer these security breaches going forward. Today, we rely on a just a handful of platforms to access most of our online services – nearly our entire online presences are built on top of these companies’ software. When online services grow to have such a wide reach, the implications hold higher stakes; the leak of certain sensitive information could very well cost lives. In other words: these platforms have one central point of failure that needs to be protected really, really well.
This is where distributed ledger technologies like blockchain come in; because they’re precisely built to avoid having that central point of failure, they have a great shot at solving these problems we face today.
To understand how blockchain will change the way this problem is approached, it’s important to understand the centralization of the Internet itself. Web 2.0, unlike the Web 1.0 days of Geocities websites, is dominated by a select few online services. The natural process of growth had online platforms pairing up with 3rd party developers and businesses in order to mutually grow their companies. However, as time went on, these partners would develop one-sided reliances on the platforms. This has happened multiple times; we’ve seen it with Zynga and Facebook, Microsoft and Netscape, and Google with Yelp.
The resulting trend: as centralized online platforms grow, they move from the point of cooperation, codependence and user attraction to the point of competition against their affiliated creators and developers. Their business model also begins to point towards the extraction of information from their users. As a result, people no longer have full control over their information online, and any value generated by users and creators ultimately returns to the owners of the platform.
Blockchain is well positioned to address these problems. Since all interactions that happen on distributed ledger networks are peer-to-peer, there’s no intermediary actor that can intercept and process the information you’re moving around. Furthermore, distributed ledger networks use cutting-edge cryptography to secure the data and make it completely unchangeable; this makes a lot more failsafe than your typical platform’s software. Most importantly, it’s a distributed network, which means there’s no central point of failure.
Who’s Working On This?
Networks like Ethereum are moving towards powering the new Web 3.0; what are the keystone projects that are working to usher in a new era of safer, more just social media to populate these protocols? A notable project is Steemit, a decentralized social network similar to Reddit built on top of the Steem blockchain. It leverages the network to monetize content with tokens in a way that’s accessible.
Another project specifically targeted towards diminishing mass hysteria triggered by “fake news” and democratizing social networks is Sapien. Their mission is to completely rehash the way social media operates as we know it today; Sapien aims to promise complete privacy, free speech, and customizability.
Sola is a social network doubling as a distributor of different media; it leverages machine learning algorithms to make content more engaging and tailored for each user, and powers the ecosystem with its utility token, SOL.
Though blockchain has a long way to go before it can be capable of scaling to accommodate a community the size of a Facebook, the space is ever-growing and evolving. The potential to make the Internet a safer place for everyone and to give users control of their data holds much incentive for innovation.