log☇︎
279 entries in 0.404s
mircea_popescu: asciilifeform anyway, seems you were right, keybase moduli aren't particularly rotten
mircea_popescu: asciilifeform so keybase set more or less done w/o incident ?
shinohai: https://www.reddit.com/r/KeybaseProofs/ <<< if signed objects are of any help re: keybase
phf: d280f38e56eb4b1a4f6477e18b110d8df3ae9a1545b49a05047f1deff2de94f6f011e2d005c8e1107c2ad11bbd5e589085c50e1305e1b5da832705dd29b515d0 keybase.tar.xz
phf: http://glyf.org/tmp/keybase.tar.xz
phf: a lot of keybase keys are "Keybase OpenPGP v2.0.47", "Keybase Go 1.0.11 (darwin)" and even some "Keybase OpenPGP JS 0.0.1"
mircea_popescu: cat keybase.io | while read derp; do curl "https://keybase.io/$derp" | grep ' class="username "' | sed 's/" class/\n/' | grep "a href" | sed 's% <a href="/%%' | sort -u > keybase2.io ; done
phf: keybase
phf: i has a working keybase crawler..
mircea_popescu: and in other weird news, keybase somehow has > 50k users. wtf.
a111: Logged on 2016-05-04 18:01 mircea_popescu: asciilifeform meanwhile : keybase keys confirmed new via http://phuctor.nosuchlabs.com/gpgkey/1D7AB955D7C3D6DA6952F80879F3F89B16E367E31BA8067853DEFF66389A1FE7 ; will be sending you a dump later today.
mircea_popescu: asciilifeform meanwhile : keybase keys confirmed new via http://phuctor.nosuchlabs.com/gpgkey/1D7AB955D7C3D6DA6952F80879F3F89B16E367E31BA8067853DEFF66389A1FE7 ; will be sending you a dump later today. ☟︎
mircea_popescu: asciilifeform o you know what ? wanna spider keybase ?
asciilifeform: just like keybase!1111111
shinohai: http://btcbase.org/log/2016-04-26#1457700 <<< thx I thought it was keybase.io faggotry or something. ☝︎
punkman: there's a new 8char brainwallet challenge, apparently nobody solved the last one https://keybase.io/warp/warp_1.0.8_SHA256_5111a723fe008dbf628237023e6f2de72c7953f8bb4265d5c16fc9fd79384b7a.html
mircea_popescu: "Every file you write in there is signed. There's no manual signing process, no taring or gzipping, no detached sigs. Instead, everything in this folder appears as plaintext files on everyone's computers. You can even open /keybase/public/yourname in your Finder or Explorer and drag things in."
mircea_popescu: "Public, signed directories for everyone in the world You can now write data in a very special place: /keybase/public/yourname"
mircea_popescu: "Alpha releases of the Keybase app are starting to come with a cryptographically secure file mount. It is brand new. And very different." da fuck is this shit.
assbot: Logged on 05-02-2016 12:06:30; punkman: https://keybase.io/introducing-the-keybase-filesystem
assbot: Introducing the Keybase filesystem ... ( http://bit.ly/1TIsDhI )
punkman: https://keybase.io/introducing-the-keybase-filesystem ☟︎
AdrianG: adlai: have you seen keybase?
asciilifeform: in the keybase vs actual-pgp sense
binaryatrocity: stop thinking about Keybase at all, if you know me for my code on Github, and you see I've signed some message with my key, and see a message similarly signed on a Twitter account
binaryatrocity: I understand what you're saying, Keybase could not exist and you could still do the same process of "proofs", signing a message and positing it to Twitter saying this is me achieves the same thing
mike_c: if it were a problem, if anyone cared about keybase
mike_c: why? what would make me take that leap? because they are on the same keybase page that somebody set up?
mike_c: the problem with keybase is that it's smoke and mirrors. there isn't any actual link between those things, but it is pretending there is
mike_c: that I somehow know that it's not somebody else posting those twitter messages because the same public key and twitter address are listed on some keybase page?
assbot: Brandon Cornejo (binaryatrocity) | Keybase ... ( http://bit.ly/1k2eA8F )
mike_c: https://keybase.io/binaryatrocity << so, your twitter feed is "associated" with your public key, because.. keybase says so?
assbot: Logged on 13-10-2015 16:16:53; mircea_popescu: binaryatrocity that's not wqhat it does. what it does is, it allows keybase.io to PRETEND like they're relevant, based on your own work.
assbot: Logged on 26-09-2015 11:23:38; punkman: https://keybase.io/blog/keybase-new-key-model gpg is hard, let's go shopping
mircea_popescu: binaryatrocity it's not that simple. that's just a symptom. keybase is bad because is made by the enemy, to suit the agenda of the enemy. the compromise key is just a symptom of this fundamental allignment with evil.
binaryatrocity: Yes, yes I understand that keybase is bad because they allow the option for users to compromise their own private keys
binaryatrocity: but again i see your point, signing messages to my GIST or Twitter is still relevant without Keybase displaying it.
mircea_popescu: binaryatrocity that's not wqhat it does. what it does is, it allows keybase.io to PRETEND like they're relevant, based on your own work. ☟︎
binaryatrocity: Storing your PUBLIC key on Keybase to be access by whomever is the equivalent to uploading your public key to the MIT keyserver
binaryatrocity: but as basically another keyserver, no problem with keybase right?
assbot: Logged on 13-10-2015 14:06:35; asciilifeform: binaryatrocity: and consider moving away from keybase. generate a civilized key on your own hardware, sign it with the old, and quit sharing private key with the enemy.
shinohai: http://log.bitcoin-assets.com/?date=13-10-2015#1297671 <<< sadly, keybase turned out to be a giant disappoint for me. ☝︎
asciilifeform: binaryatrocity: and consider moving away from keybase. generate a civilized key on your own hardware, sign it with the old, and quit sharing private key with the enemy. ☟︎
assbot: 87 results for 'keybase' : http://s.b-a.link/?q=keybase
asciilifeform: !s keybase
asciilifeform: keybase?!!
assbot: Brandon Cornejo (binaryatrocity) | Keybase
binaryatrocity: http://keybase.io/binaryatrocity
assbot: Keybase's New Key Model ... ( http://bit.ly/1YGYQHV )
punkman: https://keybase.io/blog/keybase-new-key-model gpg is hard, let's go shopping ☟︎
asciilifeform: mircea_popescu: not keybase this time. a fresh one.
mircea_popescu: http://log.bitcoin-assets.com/?date=21-09-2015#1281253 << dun tell me, that keybase thing ? ☝︎
shinohai: I should make a new key, since I discovered keybase was a waste of time.
punkman: "# Use a real encryption algorithm to protect the secret keyring, rather than CAST5." << relevant to certain folks that didn't mind posting their encrypted keyrings to keybase.io
mircea_popescu: do that, mgith as well "store your private keys with keybase.io indacloud"
asciilifeform: easy hypothesis - sell 'redphones,' 'blackphones,', 'keybase', 'cryptodoesntwork' (tm) (r)
shinohai: I was hoping that "THE GREAT JESTER" would see keybase is a load of shit
shinohai: trinque: For some reason I got DM'd Saturday night asking for a keybase invite
mircea_popescu: and guess what... "Vlad likes long romantic walks on the beach, e-mail him sweet nothings to vlad@tsyrklevich.net using his gpg key." links to keybase.
ben_vulpes: gotta love these rubyists, centralizing all of the decentralized things. shithub, keybase...
danielpbarron: it is possible to make your own key offline through keybase but I just don't see the point
BingoBoingo: popmechanic: DO you work for Keybase or do they just offer email addy's at their domain.
mats: does keybase have your private key, popmechanic?
assbot: Key C6E7BDCF / "keybase.io/marcusestes <marcusestes@keybase.io>" successfully imported.
assbot: Keybase raises $10.8M ... ( http://bit.ly/1CHYvwW )
punkman: https://keybase.io/blog/2015-07-15/keybase-raises-series-a
asciilifeform: immediately stupid in the same way keybase is
danielpbarron: keybase is a way, but you're probably better off getting a real computer first
alphonse23_: ok fine. But should I not trust keybase...
trinque: keybase sticks it in browser local storage, right?
danielpbarron: alphonse23_, the sites that keybase lets you link to your identity aren't really worth linking to your identity
asciilifeform: alphonse23_: except to keybase?
alphonse23_: had no idea. I only used keybase.io because someone I know was using it, and I thought it was a great idea.
alphonse23_: I have many online identities. I think keybase.io purpose is to verify and unify those identities
shinohai: keybase blows
assbot: 64 results for 'keybase' : http://s.b-a.link/?q=keybase
ben_vulpes: !s keybase
alphonse23_: i've been using a service called keybase.io lately. Is that a noob service?
Hasimir: well, keybase might be a little more useful (but would be better if it did not try to manage private keys for anyone)
Hasimir: anyway, things like the directory key and the hush key are about the same as keybase.io
mircea_popescu: pushed by someone with... a keybase.io account.
danielpbarron: it should be possible to change what key is associated with your nickname, for when you stop using keybase
assbot: triplesec/talks/hack-and-tell 2013.10.22.key at master · keybase/triplesec · GitHub ... ( http://bit.ly/1PJHmp4 )
EllieAsksWhy: I noticed from the link provided by asciilifeform earlier, that Mircea knows about triplesec. That led me to this, which I'm not sure about https://github.com/keybase/triplesec/tree/master/talks/hack-and-tell%202013.10.22.key
assbot: I don't understand tracking · Issue #100 · keybase/keybase-issues · GitHub ... ( http://bit.ly/1PJGZuz )
EllieAsksWhy: Speaking of keybase.io horrors, this was my introduction to it <smile> https://github.com/keybase/keybase-issues/issues/100
assbot: 56 results for 'keybase' : http://s.b-a.link/?q=keybase
asciilifeform: !s keybase
EllieAsksWhy: I want to be in the WoT. I got a keybase.io key thingy. I was trying to figure out if I could use it for here.
trinque: williamdunne: NSA proposes they become keybase.io for all encrypted communications
williamdunne: I don't store by GPG keys on Keybase...
asciilifeform: williamdunne: keybase and friends (usg in the broadest possible sense) can read your mail and sign as you.
williamdunne: If anyone is looking for a keybase.io invite hit me up
asciilifeform: for all i know, 'keybase' is a licensee
asciilifeform: it's a 'keybase'.
assbot: Logged on 08-03-2015 19:09:12; thestringpuller: punkman: keybase is forcing users to trust in central authority rather than forcing users to learn "their lessons"
punkman: lol https://keybase.io/kbpgp/docs/in_the_wild
punkman: oh they got their own javascript pgp now https://keybase.io/kbpgp
thestringpuller: punkman: keybase is forcing users to trust in central authority rather than forcing users to learn "their lessons" ☟︎
thestringpuller: i thought keybase held your keys for you cause people are stupid