Show more
VeintePesos channeled

@pamela Yeap.

Made an account a long while back, had to do all kinds of silly shit to be able to verify website and email and such without running their horrible software:
back then it would (try to) create an authentication subkey without one's permission, and store it in plaintext on disk; fun when one uses those for SSH authentication and such...

The only legitimate point of it is basically making it easier to verify an identity against controlled websites, accounts, ...
basically to check signatures on software (or encrypt stuff to someone you never communicated with yet, I guess?)

You are right that all the social crap on top is just very very dangerous :(

VeintePesos channeled

re: Keybase and Mastodon 

VeintePesos channeled
VeintePesos channeled

entire python development team dies of simultaneous heart attacks when research shows that programs written in C run faster

VeintePesos channeled
VeintePesos channeled

Keybase 

VeintePesos channeled
VeintePesos channeled
VeintePesos channeled
@VeintePesos @phessler I am just imagining the meetings of the UX design team for Keybase.

"And then we prompt the user for their private key..."
VeintePesos channeled
VeintePesos channeled
VeintePesos channeled
@phessler Also with all this keybase stuff, if people uploaded their private keys and just use passwords instead then they've got a database of easy to crack, not forward secret correspondence under sufficiently lax terms of use that they could sell that to anyone.

In before "but they're making encryption easy for the masses!".
VeintePesos channeled
VeintePesos channeled
VeintePesos channeled

@leah partners seem to be the terminology they use for services they can verify from. It's a word with specific meaning in the US Business scene, and I did not agree to that.

I don't know of a list.

VeintePesos channeled

#mastoAdmin #keybase #bullshit

Contrary to their documentation, Keybase does not ask for the consent of the admins of a Mastodon-software instance before adding our instance as a "partner".

Since they are liars, I am blocking the endpoint they use to confirm our users. (/.well-known/keybase-proof-config)

We are also *extremely* concerned about their "What's Next", and do not consent to these tech-bro experiments.

keybase.io/blog/keybase-proofs

VeintePesos channeled

@lanodan @lain yeah they'll try convince you so you can "easily sign from the webinterface"

VeintePesos channeled
@lain @lanodan ah yes, a service we definitely want to encourage people to adopt
VeintePesos channeled
VeintePesos channeled
Show more
witches.live

A witchy space for most any face! Whether a witch or a witch-respecter, join the coven that is free of fash, TERFs, feds, and bigots