Comment by pona-a

2 months ago

So just keep a passphrase-encrypted backup offsite? Just because the tech doesn't do this contingency planning for you doesn't mean it's impossible.

Is this a real suggestion for social media users or just a fun remark on it being possible?

  • It was a more general remark about decentralized identity. I can't say if the average social media user wants or needs this kind of control over their identity, but I'd much rather have, say, my DNS tied to a cryptographic credential I manage than be delegated to a third party, able to, say, return a tampered OPENPGP entry to a specific IP without me ever knowing.

    • I'm pretty sure most people would prefer to be able to recover their DNS in case of catastrophic failure over 100% cryptographic security. The technical aspects of security are never the whole picture.

      Or to put it another way: not being able to recover access is not something most people will accept, and if your technical security measures don't consider that, they will be worked around. If people need to go through support to recover their DNS more often, then support will be used to giving out access to people's accounts, and that will also reduce YOUR actual security.
