Following Path's contact fiasco, Matt Gemmell said he discovered that many developers aren't familiar with hashing, so he decided to put up a post about it. The article aims to introduce the concept of hashing in a clear, straightforward, and no-degree-required way, suitable for journalists and casual readers as well as programmers and software engineers.
His final thoughts are summarised below, and the article is a recommended resource for developers implementing social networks:
- Educate yourself about hashing; it’s real, and very useful. Use hashing for personal info. Do the hashing client-side, and only upload hashed data for comparison on the server.
- Delete the hashed data after you’ve done your fancy friend-matching stuff, because your users value their privacy, and you probably don’t even need to keep the data anyway.
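The developer advice above (hash on the client, upload only hashes, keep nothing after matching) can be sketched as follows. This is an added example, not code from Gemmell's article or from any app: `MatchServer`, the function names, the choice of SHA-256 and the sample addresses are all assumptions made for illustration.

```python
import hashlib

def hash_identifier(email: str) -> str:
    """Client side: normalise, then hash. Only this digest leaves the device."""
    normalised = email.strip().lower()  # same address must give the same digest everywhere
    return hashlib.sha256(normalised.encode("utf-8")).hexdigest()

def hash_address_book(emails):
    """Client side: turn the whole address book into a set of digests."""
    return {hash_identifier(e) for e in emails if e.strip()}

class MatchServer:
    """Hypothetical server that only ever sees digests, never addresses."""

    def __init__(self):
        self.members = {}  # digest of a member's own email -> username

    def register(self, username, email_digest):
        self.members[email_digest] = username

    def match(self, uploaded_digests):
        """Compare uploaded digests with members, return matches, keep nothing."""
        found = sorted(self.members[d] for d in uploaded_digests if d in self.members)
        # The upload is never assigned to self or written to storage, so once
        # this method returns the server holds no copy of the address book.
        return found

def run_demo():
    server = MatchServer()
    # Constructed sample members, each registering from their own device.
    for name, email in [("alice", "alice@example.com"), ("bob", "bob@example.com")]:
        server.register(name, hash_identifier(email))
    # Constructed sample address book on a third user's phone.
    book = ["  Alice@Example.com", "carol@example.org", "bob@example.com", ""]
    return server, server.match(hash_address_book(book))

if __name__ == "__main__":
    print(run_demo()[1])
```

Identifiers drawn from a small space, such as phone numbers, can be recovered from a plain hash by enumerating every candidate, which is a further reason to follow the second point and discard uploads once matching is done.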
As for journalists or other non-developers writing about social media and privacy:
- Know pretty much what hashing is, at least in terms of the Incredible Magic it lets you do.
- Realize and understand that privacy and social features are not mutually exclusive. Don’t pull that ignorant false dichotomy bullshit; it’s factually incorrect and laughable.