Hacker News new | past | comments | ask | show | jobs | submit login

I think this is a fabulous idea. I will caveat that I don't code (yet) but can follow along several of the examples and I think I "get it"...let me know if anything below is BS/way off.

I was thinking about the same problem a few weeks back when LinkedIn was s̶c̶r̶e̶w̶e̶i̶n̶g̶ ̶o̶v̶e̶r̶ ̶d̶e̶v̶e̶l̶o̶p̶e̶r̶s̶ improving their users experience. It's basically a fancy online resume with a graph that connects to so many people now that it's a crapshoot if people actually remember how they got connected in the first place. But I digress.

Thinking about how this sort of framework you've developed might be useful for an aggregated profile that can then be opened up as a proxy to various service/apps instead of actually giving direct access to your accounts (maybe have something like IFTTT to import your various social profile info into the Me API as it is updated):

- Hate to allow apps to see all your github repos? Filter it via this service.

- Dislike giving random apps access to your facebook likes, profile and other info? - use this service as a proxy to only present the info you feel comfortable with (maybe a maximum of 5 posts, or posts within a certain area/geofence, etc). Basically, you can create app permissions that are more granular than Facebook's out of the box preferences.

Of course - all this would need support from apps to tap into this data source (the Me API). It's an interesting idea.

Taking this a step further - I think it would be cool if it was somehow possible to obfuscate my identity - while sharing SOME of the "Me API" data with other services.

Some examples I'm thinking of (which may not be really possible - I realize the data provided could provide enough clues to be used to "uncover" my identity by piecing the datapoints together):

- Allow a photo editing app to pull my SmugMug photos through the Me API endpoint, but keep my SmugMug account info obfuscated (ie: do not provide direct URL to my smugmug site's photos), but still pass over my actual photos.

- Allow a mapping/analysis application to access my Yelp reviews by location, without knowing my actual yelp account info/nickname.

- Pass over my LinkedIn graph (that I've manually downloaded as a CSV and ported into my Me API datastore) without providing access to my LinkedIn name or profile info. This could be used to help friends find jobs - without exposing my identity to a random webservice.

- Pass over all my Google map searches/saved locations but don't provide any that are within 100 miles (+- 10 miles) of my home. Provide access to my phone number area code, but not my email address. etc.

The Larger Idea here: There are apps that can use your data to provide useful results/info/insights but ultimately the user (Me) should retain how much info is in fact exposed to the service. Maybe the service only gets a HashID or a Nickname - but can access a bunch of data that I give permission for it to access. Another application may get my whole profile, but not detailed transaction data. The webapps that leverage my profile info should "own" the graph of data they collect from Me and Others - but the user (Me) controls how identifying it is.

Sorry for the rambling, hopefully this isn't too crazy or off the wall. Either way - great idea and thanks for sharing!




I really like this idea FWIW. That said, there's some big barriers to making it a reality.

I think it'd be difficult to get enough external services to integrate into the personal service for grabbing Github/Yelp/etc. data. There'd have to be a standard of some sort that people were willing to build with. External services that want your data will ask you to oauth directly to Github et. all, or go around you to figure out who you are instead and then scraping pages.

You'd need enough people demanding to keep their data private to make it worth apps' time to do that.


This is a brilliant idea! An xprivacy-style social reverse proxy might just be what we need in this increasingly centralized world. @win_ini I am interested in contacting you to discuss this further, detail's in my profile.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: