home.social
Sign in Create account

#keybase — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #keybase, aggregated by home.social.

  1. Jonathan Kamens 86 47 @[email protected] ·

    #TechIsShitDispatch
    It's been more than a year since #Debian #Linux deprecated the insecure #SHA1 hash algorithm in #APT repositories.
    The #Keybase, #Slack, and #Dropbox repositories (I'm sure among others) are still using SHA1, and therefore for over a year they have not worked in Debian without changing the default APT policies to allow them.
    I know Slack knows about this, because I told them. A year ago.
    Why haven't they upgraded the security on their repository?
    Seriously, wtf?
    #infosec

    #techisshitdispatch #debian #linux #sha1 #apt #slack
  2. Anthony Accioly @[email protected] ·

    I'm just writing to say that I finally uploaded my PGP key to Keybase! You can now easily verify signed content or send me encrypted messages using my key at keybase.io/aaccioly. Let’s be real... Probably no one will. Still, I’d love to be proven wrong! 🤣

    I’ll also be setting up WKD for all my relevant email addresses soon. I'm finally upgrading to a "modern" PGP experience.

    #Cybersecurity #PGP #Keybase #WKD #Encryption

    #cybersecurity #pgp #keybase #wkd #encryption
  3. Jeremy Herve @[email protected] ·

    It would seem like identity and domain verification are a hot topic again:

    Cybersquatting is not a new issue, of course, but Bluesky’s decision to tie verification to domains as social proof shows the limitations of the strategy. After all, if Conor Sen doesn’t want to register his namesake domain, it just takes one questionable party to do it instead, put up a fake email signup form, and register an account. Domains simply don’t offer enough in the way of social proof for the average person.

    Bluesky impersonation risks

    This reminds me of Keybase.io. It’s a service that had potential as a centralized identity verification service. I enjoyed its simplicity and its support for developer tools. Unfortunately, they were acquired by Zoom and it seems the service was since mothballed. Of course, I’d be remiss if I didn’t mention Gravatar as an alternative. I know I’m biased, but I think it has become a really good identity verification service nowadays.

    Or maybe, we should just forget those external services to manage our content, and have everything on our own personal site like this one 🙂

    #Bluesky #EN #Gravatar #Keybase

    #bluesky #en #gravatar #keybase
  4. autogestion @[email protected] ·

    @mariusor
    there is one more interesting blockchain, #credentia credentia.io/?lang=en , it is based on #DIDs (Decentralized Identifiers). Not sure if they are #passwordless , but it looks more robust then #keybase

    #keybase #passwordless #dids #credentia