![]() But cryptographically it takes up to a month or so for the bomb to "explode". Visually it seems like they blow up instantly when the time limit expires right? Gone. Actually though "exploding" messages are another Keybase compromise. "I killed Bob" (new key) "You did what?" (new key) "I was so angry I just stabbed him" (new key) "Shit. Signal's double ratchet does this for every single message back and forth. In contrast a PFS system would discard the keys as soon as they'd been used to decrypt stuff, and agree new keys for subsequent messages. Doesn't matter until the key is replaced. The device may never have received these messages, maybe it was switched off, or they've since been removed. Maybe it's next week, or next month, or next year, or in ten years time. Spooks can record Alice's encrypted message and get it back if they at /any/ subsequent point obtain the Keybase device key for your iPad, iPhone, MBP or Thinkpad, for example as a result of seizing it for some other reason. This way you can read the message from any of your devices. Keybase will ensure Alice provides keys to decrypt that message for your iPad, iPhone, the MBP and your old Thinkpad. Say Alice sends you a normal Keybase message right now about murdering her husband Bob. For _other_ Keybase messages without PFS it's open season. I'm going to assume in good faith that you've simply misread the comment but I'll circle back on this because the technical details are interesting.ġ. So, firstly the comment you're replying to specifically says that Keybase _does_ use PFS for exploding messages. I don't think this was quite bad a move as some make it out to be. (Though there are caveats, but the infrastructure is there natively to build very useful things.) And I'm not even naming the fact that it natively allows you to keep fiat money as a Stellar asset instead of exposing yourself to the risk of losing value to fluctuation. I personally knew Stellar already, but as a technical user (which I feel is a natural demographic for any crypto to start to get early adopters), this brought back Stellar in my mind and renewed my interest (or would've interested me if I hadn't known it).īesides, I quite like Stellar as a cryptocurrency for payments: fees are low, and confirmations are near instant. Compare that to yet another app which I don't know, need to evaluate, don't trust to keep my secrets, or won't share them across my devices. This is probably the least painful way I've kept crypto private keys.īesides, the wallet is pretty functional, and is integrated to an app that's already sync'd to my phone and computer. Keybase wants to make encryption user-friendly, and keeping cryptocurrency keys secure fits very well to that purpose. Keep them too well, lose your money keep them not well enough, someone can steal your money. Keeping cryptocurrency keys secure has always been a challenge. There's a lot I like in the Stellar-Keybase integration. Seems like a lot of people are saying the airdrop and integrating Stellar to Keybase was a bad idea, but I don't think so. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |