279 entries in 0.728s
mircea_popescu: asciilifeform anyway, seems you were right,
keybase moduli aren't particularly rotten
mircea_popescu: asciilifeform so
keybase set more or less done w/o incident ?
phf: d280f38e56eb4b1a4f6477e18b110d8df3ae9a1545b49a05047f1deff2de94f6f011e2d005c8e1107c2ad11bbd5e589085c50e1305e1b5da832705dd29b515d0
keybase.tar.xz
phf: a lot of
keybase keys are "
Keybase OpenPGP v2.0.47", "
Keybase Go 1.0.11 (darwin)" and even some "
Keybase OpenPGP JS 0.0.1"
mircea_popescu: cat
keybase.io | while read derp; do curl "
https://keybase.io/$derp" | grep ' class="username "' | sed 's/" class/\n/' | grep "a href" | sed 's% <a href="/%%' | sort -u > keybase2.io ; done
phf: i has a working
keybase crawler..
mircea_popescu: and in other weird news,
keybase somehow has > 50k users. wtf.
mircea_popescu: asciilifeform o you know what ? wanna spider
keybase ?
mircea_popescu: "Every file you write in there is signed. There's no manual signing process, no taring or gzipping, no detached sigs. Instead, everything in this folder appears as plaintext files on everyone's computers. You can even open /
keybase/public/yourname in your Finder or Explorer and drag things in."
mircea_popescu: "Public, signed directories for everyone in the world You can now write data in a very special place: /
keybase/public/yourname"
mircea_popescu: "Alpha releases of the
Keybase app are starting to come with a cryptographically secure file mount. It is brand new. And very different." da fuck is this shit.
AdrianG: adlai: have you seen
keybase?
binaryatrocity: stop thinking about
Keybase at all, if you know me for my code on Github, and you see I've signed some message with my key, and see a message similarly signed on a Twitter account
binaryatrocity: I understand what you're saying,
Keybase could not exist and you could still do the same process of "proofs", signing a message and positing it to Twitter saying this is me achieves the same thing
mike_c: if it were a problem, if anyone cared about
keybase mike_c: why? what would make me take that leap? because they are on the same
keybase page that somebody set up?
mike_c: the problem with
keybase is that it's smoke and mirrors. there isn't any actual link between those things, but it is pretending there is
mike_c: that I somehow know that it's not somebody else posting those twitter messages because the same public key and twitter address are listed on some
keybase page?
assbot: Logged on 13-10-2015 16:16:53; mircea_popescu: binaryatrocity that's not wqhat it does. what it does is, it allows
keybase.io to PRETEND like they're relevant, based on your own work.
mircea_popescu: binaryatrocity it's not that simple. that's just a symptom.
keybase is bad because is made by the enemy, to suit the agenda of the enemy. the compromise key is just a symptom of this fundamental allignment with evil.
binaryatrocity: Yes, yes I understand that
keybase is bad because they allow the option for users to compromise their own private keys
binaryatrocity: but again i see your point, signing messages to my GIST or Twitter is still relevant without
Keybase displaying it.
mircea_popescu: binaryatrocity that's not wqhat it does. what it does is, it allows
keybase.io to PRETEND like they're relevant, based on your own work.
☟︎ binaryatrocity: Storing your PUBLIC key on
Keybase to be access by whomever is the equivalent to uploading your public key to the MIT keyserver
binaryatrocity: but as basically another keyserver, no problem with
keybase right?
assbot: Logged on 13-10-2015 14:06:35; asciilifeform: binaryatrocity: and consider moving away from
keybase. generate a civilized key on your own hardware, sign it with the old, and quit sharing private key with the enemy.
assbot: Brandon Cornejo (binaryatrocity) |
Keybase shinohai: I should make a new key, since I discovered
keybase was a waste of time.
punkman: "# Use a real encryption algorithm to protect the secret keyring, rather than CAST5." << relevant to certain folks that didn't mind posting their encrypted keyrings to
keybase.io
mircea_popescu: do that, mgith as well "store your private keys with
keybase.io indacloud"
shinohai: I was hoping that "THE GREAT JESTER" would see
keybase is a load of shit
shinohai: trinque: For some reason I got DM'd Saturday night asking for a
keybase invite
mircea_popescu: and guess what... "Vlad likes long romantic walks on the beach, e-mail him sweet nothings to vlad@tsyrklevich.net using his gpg key." links to
keybase.
ben_vulpes: gotta love these rubyists, centralizing all of the decentralized things. shithub,
keybase...
danielpbarron: it is possible to make your own key offline through
keybase but I just don't see the point
BingoBoingo: popmechanic: DO you work for
Keybase or do they just offer email addy's at their domain.
mats: does
keybase have your private key, popmechanic?
assbot: Key C6E7BDCF / "
keybase.io/marcusestes <marcusestes@
keybase.io>" successfully imported.
danielpbarron:
keybase is a way, but you're probably better off getting a real computer first
alphonse23_: ok fine. But should I not trust
keybase...
trinque:
keybase sticks it in browser local storage, right?
danielpbarron: alphonse23_, the sites that
keybase lets you link to your identity aren't really worth linking to your identity
alphonse23_: had no idea. I only used
keybase.io because someone I know was using it, and I thought it was a great idea.
alphonse23_: I have many online identities. I think
keybase.io purpose is to verify and unify those identities
alphonse23_: i've been using a service called
keybase.io lately. Is that a noob service?
Hasimir: well,
keybase might be a little more useful (but would be better if it did not try to manage private keys for anyone)
Hasimir: anyway, things like the directory key and the hush key are about the same as
keybase.io
danielpbarron: it should be possible to change what key is associated with your nickname, for when you stop using
keybase EllieAsksWhy: I want to be in the WoT. I got a
keybase.io key thingy. I was trying to figure out if I could use it for here.
trinque: williamdunne: NSA proposes they become
keybase.io for all encrypted communications
williamdunne: If anyone is looking for a
keybase.io invite hit me up
assbot: Logged on 08-03-2015 19:09:12; thestringpuller: punkman:
keybase is forcing users to trust in central authority rather than forcing users to learn "their lessons"
thestringpuller: punkman:
keybase is forcing users to trust in central authority rather than forcing users to learn "their lessons"
☟︎ thestringpuller: i thought
keybase held your keys for you cause people are stupid