The much despised (by me, at least) Vuvuzela is being put to interesting use by a group of researchers at MIT. This article discusses techniques that are being developed to hide metadata that is normally included in email and messaging systems. As we know, metadata can give away a lot of information about the parties involved in the exchange, even if the content of the messages cannot be accessed. This new messaging system creates a lot of noise to bury the metadata, e.g.:
- Messages are stored on server rather than sent directly to their recipients.
- The messages are released only in delayed rounds and not when each user requests them.
- The system generates a large amount of dummy or fake messages (the Vuvuzela effect), which makes it difficult to distinguish the “true” metadata from the “false.”
With all these mechanisms working, the researcher behind the project say that the only variables Vuvuzela reveals are “the total number of users engaged in a conversation, and the total number of users not engaged in one.” And even then, it doesn’t reveal which group the user is part of. All of this is intended to obscure the metadata only, but the servers themselves also encrypt the message content the same as any other encrypted chat system.
This system can cause some annoyances in the form of delays, and it’s not clear how the false messages would be managed. The software is in its infancy, but it’s an intriguing idea, and raises the question (not new, of course), about the balance between the desire for privacy, and the willingness to take the steps necessary to guard that privacy.