this post was submitted on 11 Nov 2024
87 points (100.0% liked)

Technology

59672 readers
2763 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
top 14 comments
sorted by: hot top controversial new old
[–] demesisx@infosec.pub 18 points 2 weeks ago (1 children)

Very cool! I can think of so many applications for this.

[–] somtwo@lemmy.world 3 points 2 weeks ago (1 children)

Mind giving a summary for the rest of us?

[–] dragbone@lemmy.world 2 points 2 weeks ago

I tried to answer another question which should also work as a summary: https://lemmy.world/comment/13409438

[–] asbestos@lemmy.world 10 points 2 weeks ago

This paper is extremely technical (and rightfully so), but I wish there was a ELI5 or a decent explanation for us layman folks.

[–] tekato@lemmy.world 6 points 2 weeks ago (3 children)

How is this better than just mapping GPS data to a hexagon and sending that to the third-party?

[–] dragbone@lemmy.world 4 points 2 weeks ago (2 children)

Imagine you want use Google Home to manage your home (questionable decision, but bare with me for a moment). Whenever you get near your house it should turn on your lights and starts up the heating so it's nice and toasty when you get home. In order to do this you need to constantly send your GPS data to Google so they can track when you get near your home. Even if your location data is slightly obfuscated (e.g. by rounding to nearest mile or some hexagonal grid) they still get a rough estimate of your location. What this paper uses is a "thing" called SNARK. You can think of it (for this example) like a function that computes if you are near your house or not. You then execute that SNARK on your local device with your current exact GPS coordinates. The result of that operation is a signed result that is the proof if you are near your house or not, without actually telling where exactly you are. This proof can then be sent to Google without much fear of giving them any data they don't need. The privacy aspect is especially interesting whenever you are not nearby: it will just tell Google that you are not at home, they have absolutely no idea if you are at work, or in Australia, or on the Moon or wherever else. I think the main thing they did in this paper is to define some operations on SNARKs that lets you compute proximity efficiently.

[–] noughtnaut@lemmy.world 4 points 2 weeks ago* (last edited 2 weeks ago)

Wait, that's a dumb design. On a (way) older phone I had some automation running and all that location triggering was done on the phone and only connected to my home when I was in fact near it. Google (or any role party) shouldn't need to receive live geo location updates.

[–] tekato@lemmy.world 1 points 2 weeks ago

You then execute that SNARK on your local device with your current exact GPS coordinates

No, that’s what I’m suggesting. The proposed method in the paper makes no use of GPS, instead it’s some peer-to-peer network.

[–] JayDee@lemmy.ml 1 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

I think it is spoof-resistant from the sound of it? You giving a valid proof-of-region via one of their circuit designs provides proof of your region but does not give your exact location, from the sounds of it.

I'll get back to you after I've read through it.

[–] tekato@lemmy.world 3 points 2 weeks ago

Yes, looks like the actual advantage (or disadvantage , depending on who you are) is ensuring that you don’t send a false location to a third party.

[–] brian@programming.dev 1 points 2 weeks ago (1 children)

as per the first paragraph of the intro of the linked paper, it's safer to store this than it is an actual location. if data gets leaked it's like leaking a hashed password instead of a plaintext one. their example is device trackers.

[–] tekato@lemmy.world 1 points 2 weeks ago (1 children)

You mean the hexagon? What prevents you from mapping your GPS output to a hexagon?

[–] brian@programming.dev 1 points 2 weeks ago

you have to be more specific lol

just tesselate the world with hexagons and say you're in a specific one? that doesn't give precise proximity but does expose your general area.

this does the opposite, doesn't expose your general area but let's you determine if it is close to some other location via an expensive comparison. the precision of proximity isn't tied to how precise a location/small a hexagon you're exposing

[–] WhyJiffie@sh.itjust.works 1 points 1 week ago

here's my newest invention, zero knowledge location privacy without snarks.

app on phone periodically checks location. if home is near, it triggers home related actions instead of uploading the location to anywhere.

now, where is the nearest patent office? /s