• Web based Crypto

    From nristen@21:1/161 to All on Tue Nov 6 08:45:44 2018
    I wanted to add a comment/question about the discussion on web based crypto such as Proton Mail and others such as Keybase.io, etc. I know services that claim to offer secure encrypted communication ie Facebook, etc keep the
    private keys themselves which allows the service provider access to the communication. I am not sure about Proton mail but I was under the
    impression that Keybase.io does not keep the private key on the servers but
    the private keys are generated on the users local machine and are never sent thus preventing the service provider from accessing content they were not
    given permission to see. I have heard good reports of Proton and wonder if they have something similar?

    Of course, you can always take the point of view that any device connected to
    a network is risky. It can be easy to bypass a lot of security with keyloggers. Another item that worries me are reports that I have seen about various organizations have access to SSL CA certs.

    --- Mystic BBS v1.12 A39 2018/04/21 (Raspberry Pi/32)
    * Origin: The Search BBS (21:1/161)
  • From Avon@21:1/101 to nristen on Wed Nov 7 21:28:04 2018
    On 11/06/18, nristen pondered and said...

    access to the communication. I am not sure about Proton mail but I was under the impression that Keybase.io does not keep the private key on
    the servers but the private keys are generated on the users local
    machine and are never sent thus preventing the service provider from

    I think that is the case and reason I like KB based on my admittedly limited reading about the service :)

    --- Mystic BBS v1.12 A39 2018/04/21 (Windows/32)
    * Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (21:1/101)