I've been thinking about the possibility of doing it under the hood via a browser extension on major social networks. Something akin to 1) you publish a photograph of yourself to Facebook that contains your PGP key in EXIF. 2) Your friends, who can see that photograph, encrypt messages for all friends with "public key" photographs. Finally, 3) The browser extension seamlessly decodes all PGP messages through page manipulation (e.g. walking all text nodes and looking for a specific sentinel, and then decrypting all messages that match the sentinel). This way, you would be able to communicate securely over a social network with nothing but a browser extension.
I have a very rudimentary prototype up on Github if anyone is interested. It has some throw away keys and allows you to encrypt for those via right-clicking text in a textarea. The code uses OpenPGP.js.
Great idea. It has the potential to spread virally if those who don't have the extension installed are shown a message telling them the benefits of installing it.
I have a very rudimentary prototype up on Github if anyone is interested. It has some throw away keys and allows you to encrypt for those via right-clicking text in a textarea. The code uses OpenPGP.js.
https://github.com/hayesgm/orangutan