fosstodon.org is one of the many independent Mastodon servers you can use to participate in the fediverse.
Fosstodon is an invite only Mastodon instance that is open to those who are interested in technology; particularly free & open source software. If you wish to join, contact us for an invite.

Administered by:

Server stats:

8.8K
active users

#weboftrust

0 posts0 participants0 posts today
Yrjänä Rankka 🌻<p>So with the <a href="https://mastodon.social/tags/slopageddon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>slopageddon</span></a> ongoing we now need systems of vetting user agents. The proof of work is rearing its ugly head again. Or do we make another attempt at <a href="https://mastodon.social/tags/weboftrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>weboftrust</span></a> like we failed with GPG? No 200 reply unless the UA presents a pubkey signed by N verified bag-of-flesh agents?</p>
bitpickup<p><strong>requeteChe wrote:</strong></p><blockquote>.. some kind of independent lossless pseudonym ONG ..<br>..<br>In any case, ultimately even an issue that in part ends up in conversations and best practice about trust and creating a <a href="https://tupambae.com/search?tag=webOfTrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>webOfTrust</span></a> between those involved in a mandatory and by default pseudonym environment ..</blockquote><br>Ultimately this is a crucial point that needs to be worked out very well as the internet itself, scamming on one hand and at the same time on the other hand real people and their data and safety, are issues that can't be underestimated.<p><br><b>Examples:</b><br><a href="https://www.youtube.com/watch?v=EVWhKPVXSG4" rel="nofollow noopener" target="_blank">"Die Tinder-Schwindler: Der Riesenbetrug mit der Liebe | SPIEGEL TV"</a>:<br>A spiegelTV documentary on YT about scams on the web. Not only a blueprint for scamers but an interesting take that shows a lot of angles and the damage all this implies.<br><a href="https://taz.de/Gewalt-gegen-kolumbianische-Aktivisten/!6036125/" rel="nofollow noopener" target="_blank">"Gewalt gegen (kolumbianische) Aktivisten"</a>:<br>A <a href="https://tupambae.com/search?tag=TAZ" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TAZ</span></a> article by <span class="h-card"><a href="https://mastodon.social/users/tazgetroete" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>tazgetroete</span></a></span> about the exposure of environmental activists in particular in <a href="https://tupambae.com/search?tag=latinAmerica" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>latinAmerica</span></a>:<br></p><p><strong>TAZ translated wrote:</strong></p><blockquote>Bangkok afp | According to a report, almost 200 environmental activists were murdered worldwide last year. According to the non-governmental organization Global Witness on Tuesday, Latin America remains the most dangerous region for people working to protect the environment and respect land rights.</blockquote><p>So, while in general terms we do have all the tools at hand, including even options like some kind of escrow guarantees for monetary aspects and things like <a href="https://tupambae.com/search?tag=SEGWIT+ID" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SEGWIT ID</span></a> profiles <span class="h-card"><a href="https://1dhfsbbdpv4wshuyc6197nymcfeqqkfvy9.tupambae.org/profile/bc1q3jmgjcvmd5eaadx69ggazctksr0d7ca4q6w4vr" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>bc1q3jmgjcvmd5eaadx69ggazctksr0d7ca4q6w4vr</span></a></span> and even simple ID verification's via payPal for example, first of all this has to do with the interest of people to involve themselves in working out some how some kind of:</p><ul><li> proof of concepts</li><li> proof of work</li><li> proof of stake</li><li> proof of cooperation </li></ul><p><br><a href="https://tupambae.com/search?tag=altText" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>altText</span></a>:<br>Some video snippets of the <a href="https://tupambae.com/search?tag=spiegelTV" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>spiegelTV</span></a> documentation about internet scams. The subtitels are in englisch, The people interviewed are seen in their environment.</p><p><span class="h-card"><a href="https://berlin.social/users/mina" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>mina</span></a></span> <span class="h-card"><a href="https://troet.cafe/users/aiquez" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>aiquez</span></a></span> <span class="h-card"><a href="https://mastodon.uy/users/sinmisterios" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>sinmisterios</span></a></span> <span class="h-card"><a href="https://moppels.bar/users/98zdjovf3p" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>crossgolf_rebel</span></a></span> <span class="h-card"><a href="https://mas.to/users/resl" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>resl</span></a></span> <span class="h-card"><a href="https://mastodon.uy/users/dprieto" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>dprieto</span></a></span></p>
requeteChe<p><strong>aiquez wrote:</strong></p><blockquote><a href="https://tupambae.com/display/4c926222-d4205ba588641680-0cfceb4d" rel="nofollow noopener" target="_blank">i think it is difficult not to have at least an agenda / topic .. </a> some things were working indeed ( <a href="https://tupambae.com/search?tag=FoFritz" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FoFritz</span></a> ) but on the longer run, it has to be clear if it is an art Project or collaborative_system_trial<br>i got 2 less time in daily life (2 much occupied by work and fam) only in holiday and some free time.</blockquote><p>Even tho while your observation is reasonable, and excellent in terms of feedback <span class="h-card"><a href="https://troet.cafe/users/aiquez" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>aiquez</span></a></span>, including our very personal circumstances, it doesn't look like you or <span class="h-card"><a href="https://berlin.social/users/mina" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>mina</span></a></span> are right in terms about clearness of what this is/was from the beginning, or what apparently it mend to be.<br>The problem in any case is around the setup and/or kind of announcement/invite in a world of microblogging and federated content over different platforms, languages, societies, space, time (and all the rest).</p><p>Than there were in part some misunderstandings in terms of platform functionality about getting update notifications, as it was worked out with <code>@mina</code>. The first drafts contained a 25 minute audio that wasn't summed up and didn't get the feedback "requested". Or it didn't get the feedback as expected to become summed up at least in general terms by conversations. If you have a look right now at the first initial post, it's in version v.04 and has a renewed quite simple freeplane mindmap, as the initial idea, the way of presenting it and the time to represent it evolved. Ultimately the proposal is more or less about what an answer to <span class="h-card"><a href="https://mastodon.uy/users/sinmisterios" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>sinmisterios</span></a></span> summed up later on:<br></p><p><strong>bitpickup translated into englisch wrote:</strong></p><blockquote>The reality is that this is a string of conversation about:<ul><li> how to make us join to create content</li><li> how to create it</li><li> what tools to use to do so</li><li> how to publish the content<br>and</li><li>where to publish it</li></ul><p><br>and all that around a specific topic as a hook for a proof of concept.<br>Ultimately the proposal is simple and called:<br><a href="https://tupambae.com/search?tag=mitDenken" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mitDenken</span></a></p></blockquote><p>If you look at it, to a certain extent now we are at a point where even each and every one of the points, except the one of co-editing content, that's the <i>studi0</i> and the media page part, have been touched or exemplified. Actually, the same happened to <a href="https://tupambae.com/search?tag=foFritz" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>foFritz</span></a> too. At the same time, quite like in the <a href="https://tupambae.com/search?tag=foFritz" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>foFritz</span></a> project, the community accounts (bitpickup, jesuisatire (and tierranietos)) have dedicated themselves to the project kinda full time 96/7/365. Others, to more or less extent have joined efforts to add content by comments but not so much questions, clarifying answers or own initiatives. Except <span class="h-card"><a href="https://mastodon.uy/users/dprieto" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>dprieto</span></a></span>, who actually went off on a branch that in reality belonged to some specific content by <i>tierranietos</i>. A detail that in the end was useful and a good feedback at the same time because it showed how we perceive the communication out here and in any case gave some hints about what is needed to make things like this proposal work if that is possible at all.</p><p>Somehow this "project", the search for how to prevent "the one who is out there all alone" to drown in his <a href="https://tupambae.com/search?tag=depression" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>depression</span></a>, loneliness and <a href="https://tupambae.com/search?tag=climateGrief" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>climateGrief</span></a>, and together with that actually ultimately "how to sustain and protect <i>La tierra de nuestros nietos</i>", tries to tackle exactly "the emptiness of the common social media that programmed us", as pointed out quite neat by <span class="h-card"><a href="https://mastodon.social/users/_elena" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>_elena</span></a></span> in her latest trailer <a href="https://tupambae.com/search?tag=theFedi" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>theFedi</span></a>. And if we talk about "try to tackle", we would come to points that weren't even touched, or perhaps were expected to be touched thru feed back conversations about trust, cooperation and so on.</p><p>At the same time, main point is and always will be, that most of us are just people out here who are chit-chatting, looking for some entertainment and didn't subscribe, nor requested to become some kind of independent lossless pseudonym ONG to fulfill the expectations of others. So the first point of the sum-up, "how to join forces", has worked out to a certain extent by addressing contacts out of specific reasons. At the same time those contacts became kinda baffled because they found themself in comments and discussions that looked off-topic for them. Even more because they by themselves did not out of an own impulse "subscribe" to some <a href="https://tupambae.com/search?tag=greenPeaceLastGenerationTwoPoint0" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>greenPeaceLastGenerationTwoPoint0</span></a> project and there for not only became confused but even maybe became feed up somehow. And again, all this in an ambience of strangers in a dopamine wanna be social-web short span attention entertainment snippet reality.</p><p>In other words, as pointed out by <span class="h-card"><a href="https://tupambae.com/profile/bitpickup" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>bitpickup</span></a></span>:</p><ul><li>is/was this post string a useful experience?<br>yes</li><li>is/was this a useful experience to build on that can stand/remain as it is?<br>yes</li><li>was it successful?<br>As of now, not really.</li><li>did the initial proposal has "at least an agenda / topic"<br>Actually it did, but all of you, as for now, never managed to work that out and stumbled over nitpicking details, <a href="https://berlin.social/@mina/114467235040703469" rel="nofollow noopener" target="_blank">quite nice chit-chat content, worthy for kind slap stick comic conversation string</a>, and probably strange nerv wrecking results because of dopamine, micro-blogging and previous negative social media experiences which all together create misunderstanding and perhaps even feelings that become perceived as offensive or feeling offended.</li></ul><p>At least that is the interpretation from over here.</p><p>Last but not least:<br></p><p><strong>aiquez wrote:</strong></p><blockquote>the sftp_issue could be interesting<br>-&gt; collecting_files for activism or arts .. lets see</blockquote><br>Actually it looks like this is where the <a href="https://media.tupambae.org/colaborator/studi0/pro_iDeenMerz/" rel="nofollow noopener" target="_blank">#foFritz-@studi0 project "got stuck"</a> for now, not in terms of creating sftp access in the first place, but in terms of downloading the material for <a href="https://tupambae.com/search?tag=FOSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FOSS</span></a> co-editing with <a href="https://tupambae.com/search?tag=KDEnlive" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KDEnlive</span></a>, <a href="https://tupambae.com/search?tag=OBS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OBS</span></a> and/or <a href="https://tupambae.com/search?tag=GIMP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GIMP</span></a> and working out howTo's and how to do that in the first place. In any case, ultimately even an issue that in part ends up in conversations and best practice about trust and creating a <a href="https://tupambae.com/search?tag=webOfTrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>webOfTrust</span></a> between those involved in a mandatory and by default pseudonym environment, as you are supposed to download a zip/tar.gz and/or files and open them on your system.<p><br>btw<br>Looks like <a href="https://tupambae.com/search?tag=foFritz" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>foFritz</span></a> actually evolved into <a href="https://tupambae.com/search?tag=idenTheater" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>idenTheater</span></a> and is actually just there, waiting to be used for all kinds of news slaughter, exposure, satirizing of tyrants and all those things.</p><p>Last take was <i>the envy of a dying emperor over people who farewelled their beloved humble neighbor</i> who was forced by life to become president for one term.</p><p><br><span class="h-card"><a href="https://moppels.bar/users/98zdjovf3p" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>crossgolf_rebel</span></a></span> <span class="h-card"><a href="https://mas.to/users/resl" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>resl</span></a></span></p>
Klaus Frank<p>Given all of the <a href="https://chaos.social/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a> <a href="https://chaos.social/tags/shittification" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>shittification</span></a> a web of trust built on a friend-to-friend basis appears to be inevitable for anything remotely like the current internet to exist moving forward.</p><p>Literally no point in interacting with any of the AI shit besides writing your own bot to hide, close, remove, ... it wherever possible...<br><a href="https://chaos.social/tags/weboftrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>weboftrust</span></a></p>
N-gated Hacker News<p>Ah, yes, the Linux Kernel's <a href="https://mastodon.social/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a> Web of Trust—because nothing screams "cutting-edge technology" like a system built on the tattered remains of <a href="https://mastodon.social/tags/keyserver" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>keyserver</span></a> networks 🤦‍♂️. Who needs simplicity when you can have a Byzantine key repository maintained by a single guy named Konstantin? 🔐🔑<br><a href="https://blog.kleine-koenig.org/ukl/the-linux-kernels-pgp-web-of-trust.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.kleine-koenig.org/ukl/the</span><span class="invisible">-linux-kernels-pgp-web-of-trust.html</span></a> <a href="https://mastodon.social/tags/LinuxKernel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LinuxKernel</span></a> <a href="https://mastodon.social/tags/WebOfTrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WebOfTrust</span></a> <a href="https://mastodon.social/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> <a href="https://mastodon.social/tags/Technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Technology</span></a> <a href="https://mastodon.social/tags/Humor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Humor</span></a> <a href="https://mastodon.social/tags/HackerNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HackerNews</span></a> <a href="https://mastodon.social/tags/ngated" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ngated</span></a></p>
Hacker News<p>The Linux Kernel's PGP Web of Trust</p><p><a href="https://blog.kleine-koenig.org/ukl/the-linux-kernels-pgp-web-of-trust.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.kleine-koenig.org/ukl/the</span><span class="invisible">-linux-kernels-pgp-web-of-trust.html</span></a></p><p><a href="https://mastodon.social/tags/HackerNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HackerNews</span></a> <a href="https://mastodon.social/tags/LinuxKernel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LinuxKernel</span></a> <a href="https://mastodon.social/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a> <a href="https://mastodon.social/tags/WebOfTrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WebOfTrust</span></a> <a href="https://mastodon.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSource</span></a> <a href="https://mastodon.social/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> <a href="https://mastodon.social/tags/Technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Technology</span></a></p>
Colan Schwartz<p>Until these tools learn how to properly trust sources, check them yourself, and ensure their trustworthiness before using them. </p><p>I'm wondering if some kind of trust ecosystem could work here, though? It wouldn't be hard for the AIs to verify digital signatures, right?</p><p><a href="https://arstechnica.com/security/2025/04/ai-generated-code-could-be-a-disaster-for-the-software-supply-chain-heres-why/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">arstechnica.com/security/2025/</span><span class="invisible">04/ai-generated-code-could-be-a-disaster-for-the-software-supply-chain-heres-why/</span></a></p><p><a href="https://mastodon.social/tags/supplychainsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>supplychainsecurity</span></a> <a href="https://mastodon.social/tags/supplychainattack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>supplychainattack</span></a> <a href="https://mastodon.social/tags/LLMs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LLMs</span></a> <a href="https://mastodon.social/tags/factchecking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>factchecking</span></a> <a href="https://mastodon.social/tags/softwaresupplychain" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>softwaresupplychain</span></a> <a href="https://mastodon.social/tags/SoftwareSupplyChainSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SoftwareSupplyChainSecurity</span></a> <a href="https://mastodon.social/tags/ai" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ai</span></a> <a href="https://mastodon.social/tags/packagemanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>packagemanagement</span></a> <a href="https://mastodon.social/tags/weboftrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>weboftrust</span></a> <a href="https://mastodon.social/tags/factchecking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>factchecking</span></a> <a href="https://mastodon.social/tags/digitalsignatures" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>digitalsignatures</span></a></p>
HoldMyTyperant
Janik :linux: :ansible: :bash:<p><span class="h-card" translate="no"><a href="https://social.wildeboer.net/@jwildeboer" class="u-url mention">@<span>jwildeboer</span></a></span> Now the big question is: How can we fight the crawlers?<br />My suggestion is that we need to establish a layer of trust on the web. Connections made by humans should be different from connections made by machines. We can go beyond captchas and turnstile.<br />Let&#39;s adopt the web of trust principles.</p><p><a href="https://fosstodon.org/tags/WebOfTrust" class="mention hashtag" rel="tag">#<span>WebOfTrust</span></a></p>
Cryptomator<p>The latest Cryptomator Hub release is here – and it's all about trust, control, and clarity.</p><p>With version 1.4.0, we're introducing new ways to verify identities, manage vault creation, and monitor activity more precisely.</p><p>Perfect for teams and organizations that take data security seriously.</p><p>🔍 Curious? Check out the full release breakdown on our blog: <a href="https://cryptomator.org/blog/2025/04/15/hub-1.4.0/?utm_source=mastodon&amp;utm_medium=social&amp;utm_campaign=hub-1-4-0" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cryptomator.org/blog/2025/04/1</span><span class="invisible">5/hub-1.4.0/?utm_source=mastodon&amp;utm_medium=social&amp;utm_campaign=hub-1-4-0</span></a></p><p><a href="https://mastodon.online/tags/Cryptomator" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cryptomator</span></a> <a href="https://mastodon.online/tags/DataPrivacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataPrivacy</span></a> <a href="https://mastodon.online/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mastodon.online/tags/OpenSourceTools" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSourceTools</span></a> <a href="https://mastodon.online/tags/EncryptionMatters" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EncryptionMatters</span></a> <a href="https://mastodon.online/tags/WebOfTrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WebOfTrust</span></a> <a href="https://mastodon.online/tags/AuditTrail" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AuditTrail</span></a> <a href="https://mastodon.online/tags/ZeroKnowledge" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZeroKnowledge</span></a></p>
Colin Cogle :verified:<p><span class="h-card" translate="no"><a href="https://gaygeek.social/@vlpatton" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>vlpatton</span></a></span> The classic method is a key signing party. Get a bunch of people in the same room with legal photo identification and their fingerprints, and go around the room checking everyone else’s ID. Then, go home and sign everyone’s keys. Send the signed key to the key owner. Import signed keys and collect signatures!</p><p>Key servers sharing signatures haven’t been a thing since the attacks years ago. Any modern keyserver will strip the signatures, so you’ll have to distribute your key with signatures some other way (WKD, DNS, a file on your web site, etc.).</p><p>CAcert will do PGP key endorsements if you get enough assurances on their platform. Everyone with a signed key has had two forms of ID checked by two people. However, their infrastructure can only work on old-school RSA keys right now (they’re working on modernizing).</p><p><a href="https://mastodon.colincogle.name/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a> <a href="https://mastodon.colincogle.name/tags/GnuPG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GnuPG</span></a> <a href="https://mastodon.colincogle.name/tags/CAcert" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CAcert</span></a> <a href="https://mastodon.colincogle.name/tags/KeySigningParty" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KeySigningParty</span></a> <a href="https://mastodon.colincogle.name/tags/cryptoparty" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cryptoparty</span></a> <a href="https://mastodon.colincogle.name/tags/WebOfTrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WebOfTrust</span></a></p>
Ayzee 🏳️‍⚧️<p>how does one perhaps acquire signatures for their PGP key? I'm wanting to build a web of trust, but I'm unsure if there's anyone I know personally (and especially in-person) who would be able to sign my keys...</p><p>fwiw, I use my keys to sign Git commits, mostly.</p><p><a href="https://gaygeek.social/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a> <a href="https://gaygeek.social/tags/Encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Encryption</span></a> <a href="https://gaygeek.social/tags/WebOfTrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WebOfTrust</span></a> <a href="https://gaygeek.social/tags/GnuPG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GnuPG</span></a></p>
CarK :python:<p><span class="h-card" translate="no"><a href="https://bonn.social/@Sascha" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Sascha</span></a></span> </p><p>Ein ähnliches Beispiel ist das Recht auf Anonymität: Wichtig um Missstände aufzudecken ("Whistle-Blowing"), wird aber oft für Hetze und Desinformation benutzt.</p><p>→ Es braucht mittelfristig ein kluges Management von Vertrauen im Internet.</p><p>Das <a href="https://social.tchncs.de/tags/WebOfTrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WebOfTrust</span></a> [1] hat das Problem im Bereich <a href="https://social.tchncs.de/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a>-basierter E-Mail-Authentizität eigentlich schon gelöst. Sowas ähnliches bräuchte es (zeitgemäß umgesetzt) für allgemeine Informationen.</p><p>[1] <a href="https://de.wikipedia.org/wiki/Web_of_Trust" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">de.wikipedia.org/wiki/Web_of_T</span><span class="invisible">rust</span></a></p>
jack 💥<p>I decree that <a href="https://mastodon.online/tags/mozilla" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mozilla</span></a> should create a <a href="https://mastodon.online/tags/weboftrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>weboftrust</span></a> mechanism. Kinda of like what keybase used to be. As way to very identity others so you can safety chat, share, exchange, etc. </p><p>In a world of bullshit ID (Azure, Google, Amazon, Apple, Etc) having an ID that wasn't tied to a billionaire corp, g-men, or government name it would be a valued service. Offer a premium version that makes it supercharged. place it behind firefox ID.</p><p>xoxo</p><p><a href="https://mastodon.online/tags/brainstorm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>brainstorm</span></a> <a href="https://mastodon.online/tags/firefox" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>firefox</span></a></p>
Benedikt Ritter (he/him)<p>The keybase.io proof for my domain just broke because I recreated my website. Does anybody still use keybase.io? It felt like it was a great idea in the beginning but then introduced crypto currencies which felt shady to me.</p><p><a href="https://chaos.social/tags/WebOfTrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WebOfTrust</span></a> <a href="https://chaos.social/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> <a href="https://chaos.social/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a> <a href="https://chaos.social/tags/keybase_io" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>keybase_io</span></a></p>
Christian Thäter<p>Just a Brainfart:</p><p>How about a verify button next to the fav button to a post. People who verified the content of a post can check this.</p><p>One can tag people/accounts as 'trustworthy'.</p><p>Toots then be shown differently:<br> * gray '?' when validity is unknown<br> * blue :verified: when someone trusted verified it<br> * green checkmark when oneself verified it</p><p>In account settings one could configure<br>a warning/error when sharing unverified content.</p><p>Building a <a href="https://karlsruhe-social.de/tags/WebOfTrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WebOfTrust</span></a> on <a href="https://karlsruhe-social.de/tags/mastodon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mastodon</span></a> against <a href="https://karlsruhe-social.de/tags/fakenews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fakenews</span></a>.</p>
Rob Pegoraro<p><strong>Weekly output: Internet founders in D.C., Tim Berners-Lee at Web Summit, Bluesky account-verification advice</strong></p><p>This holiday-shortened week still had a lot of work–just not all the kind that yielded bylines, in some cases not the kind that will yield bylines this year.</p><p>11/25/2024: <a href="https://www.pcmag.com/news/internet-founders-open-architectures-are-best-but-big-tech-makes-it-difficult" rel="nofollow noopener" target="_blank">Internet Founders: Open Architectures Are Best, But Big Tech Makes It Difficult</a>, PCMag</p><p>As I <a href="https://robpegoraro.com/2024/11/23/reminder-its-neat-covering-a-technology-when-its-inventors-are-still-around-to-talk-about-it/" rel="nofollow noopener" target="_blank">wrote last week</a>, it’s a treat seeing Internet pioneers speak about how their collective invention has been working out and what we ought to be doing with it.</p><p>11/27/2024: <a href="https://www.fastcompany.com/91231379/tim-berners-lee-solid-inrupt-pod-digital-wallet" rel="nofollow noopener" target="_blank">The man who gave us the web is building a better digital wallet</a>, Fast Company</p><p>My Fast Company editor Harry McCracken asked if I wanted to join him to quiz the inventor of the Web at Web Summit, and I quickly said I’d clear my schedule for that. Like&nbsp;<a href="https://robpegoraro.com/2022/11/13/weekly-output-web-summit-tim-berners-lee-1password-slingbox-rocket-lab/" rel="nofollow noopener" target="_blank">two years ago</a>,&nbsp;Harry asked most of the questions and then wrote up our conversation.</p><p>11/29/2024: <a href="https://www.pcmag.com/how-to/real-or-imposter-how-to-verify-that-a-bluesky-account-is-legit" rel="nofollow noopener" target="_blank">Real or Imposter? How to Verify That a Bluesky Account Is Legit</a>, PCMag</p><p>My inspiration for this how-to came from <a href="https://bsky.app/profile/robpegoraro.com/post/3lbfkwvwi4k2r" rel="nofollow noopener" target="_blank">seeing some bozo try to impersonate Rep. Don Beyer</a> (D.-Va.) on Bluesky, then wondering why my congressman had not <a href="https://bsky.social/about/blog/4-28-2023-domain-handle-tutorial" rel="nofollow noopener" target="_blank">domain-verified</a> his account with a house.gov handle, then <a href="https://bsky.app/profile/robpegoraro.com/post/3lbfvcaomt22h" rel="nofollow noopener" target="_blank">personally shaming Bay Area Rapid Transit into tweeting its Bluesky handle from its verified X account</a> (BART has since domain-verified its account). My editors then updated the post Sunday with details from <a href="https://bsky.app/profile/safety.bsky.app/post/3lc4h7p676225" rel="nofollow noopener" target="_blank">posts Friday afternoon by Bluesky’s safety account</a> about how the platform is dealing with this impersonation problem–including a recognition that “users want more ways to verify their identity beyond domain verification.”</p><p><a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://robpegoraro.com/tag/account-impersonation/" target="_blank">#accountImpersonation</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://robpegoraro.com/tag/bluesky/" target="_blank">#Bluesky</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://robpegoraro.com/tag/domain-name-verification/" target="_blank">#domainNameVerification</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://robpegoraro.com/tag/project-liberty/" target="_blank">#ProjectLiberty</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://robpegoraro.com/tag/social-media-fraud/" target="_blank">#socialMediaFraud</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://robpegoraro.com/tag/social-media-verification/" target="_blank">#socialMediaVerification</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://robpegoraro.com/tag/steve-crocker/" target="_blank">#SteveCrocker</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://robpegoraro.com/tag/tbl/" target="_blank">#TBL</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://robpegoraro.com/tag/tim-berners-lee/" target="_blank">#TimBernersLee</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://robpegoraro.com/tag/vint-cerf/" target="_blank">#VintCerf</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://robpegoraro.com/tag/web-of-trust/" target="_blank">#webOfTrust</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://robpegoraro.com/tag/web-summit/" target="_blank">#WebSummit</a></p>
Hugo Trentesaux<p><strong>Toile de confiance animée #6</strong></p> <p><a href="https://tube.p2p.legal/videos/watch/56295b07-2cae-4d3e-8d81-e4f4f4317a67" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">tube.p2p.legal/videos/watch/56</span><span class="invisible">295b07-2cae-4d3e-8d81-e4f4f4317a67</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.social/@shaknais" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>shaknais</span></a></span> No, <a href="https://infosec.space/tags/VoLTE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VoLTE</span></a> - like any <a href="https://infosec.space/tags/tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tech</span></a> - <em>can't and won't</em> solve <a href="https://mastodon.social/@shaknais/113241205903082429" rel="nofollow noopener" target="_blank">issues</a> caused by <em><a href="https://infosec.space/tags/humans" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>humans</span></a> being <a href="https://infosec.space/tags/malicious" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malicious</span></a> and/or <a href="https://infosec.space/tags/corrupt" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>corrupt</span></a></em>, espechally since it's a <a href="https://infosec.space/tags/blackbox" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blackbox</span></a> that the user can't even <em>verify a checksum or fingerprint</em> of.</p><ul><li><p>Whereas with <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a> one can use <a href="https://infosec.space/tags/DueDiligence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DueDiligence</span></a>, <a href="https://infosec.space/tags/MFA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MFA</span></a> &amp; <a href="https://infosec.space/tags/WebOfTrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WebOfTrust</span></a> independently from each other to verify things!</p></li><li><p>You're goalposting, so the entire conversation is just a waste of time and traffic for me.</p></li></ul><p><a href="https://infosec.space/tags/thxbye" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>thxbye</span></a> <a href="https://infosec.space/tags/EOD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EOD</span></a></p>
Rowan the Selfsame<p>If you know me, you know I am an Invisible Internet Project [<a href="https://c.im/tags/I2P" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>I2P</span></a> &amp; <span class="h-card" translate="no"><a href="https://mastodon.social/@i2p" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>i2p</span></a></span>] enthusiast. (See the <a href="https://geti2p.net/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">geti2p.net/</span><span class="invisible"></span></a> <a href="https://c.im/tags/homepage" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>homepage</span></a>.) I2P is similar to Tor, but differs in that _every_ client instance of the I2P software, while connected to the Internet, _participates in routing traffic_ around Internet blockages.</p><p>I just read <a href="https://www.diva.exchange/en/privacy/i2p-interview-with-the-developer-idk-part-2/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">diva.exchange/en/privacy/i2p-i</span><span class="invisible">nterview-with-the-developer-idk-part-2/</span></a> and came across a link to a <a href="https://c.im/tags/SoftwareLibrary" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SoftwareLibrary</span></a> for the "SAM API" of I2P. In the past, I had thought the SAM <a href="https://c.im/tags/API" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>API</span></a> cumbersome and clunky (perhaps this was due to the format of the documentation).</p><p>The <a href="https://www.diva.exchange/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">diva.exchange/</span><span class="invisible"></span></a> team have created a <a href="https://c.im/tags/Typescript" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Typescript</span></a> wrapper for the I2P SAM API. It seems that Diva Exchange uses <a href="https://c.im/tags/I2PD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>I2PD</span></a> (the <a href="https://c.im/tags/CPlusPlus" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPlusPlus</span></a> variety of the available I2P applications) rather than the reference <a href="https://c.im/tags/Java" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Java</span></a> implementation.</p><p>**If you are affiliated with diva.exchange/, please reach out to the editors to include back-links to the I2P Homepage and <a href="https://c.im/tags/SourceCode" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SourceCode</span></a> repositories &amp; documentation!** Even if the links are subtle and get overlooked by casual readers (attentive readers will cite the links additionally), the publicity gained by linking to the relevant I2P pages _should_ help the I2P to climb the ranks of search engine results. Mutual aid is a social duty — even on the Internet!</p><p>----</p><p>The I2P SAM library that excites me: <a href="https://github.com/diva-exchange/i2p-sam" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/diva-exchange/i2p-s</span><span class="invisible">am</span></a> (Note: this library _is not listed_ in the table of libraries on the I2P SAM documentation page.)<br>The I2P SAM canonical documentation: <a href="https://geti2p.net/en/docs/api/samv3" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">geti2p.net/en/docs/api/samv3</span><span class="invisible"></span></a></p><p>----</p><p>If you would like to play with I2P, here are the links to download the software:</p><p>- <a href="https://geti2p.net/en/download#windows" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">geti2p.net/en/download#windows</span><span class="invisible"></span></a><br>- <a href="https://geti2p.net/en/download#mac" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">geti2p.net/en/download#mac</span><span class="invisible"></span></a><br>- <a href="https://geti2p.net/en/download#unix" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">geti2p.net/en/download#unix</span><span class="invisible"></span></a><br>- <a href="https://geti2p.net/en/download#deb" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">geti2p.net/en/download#deb</span><span class="invisible"></span></a><br>- <a href="https://geti2p.net/en/download#android" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">geti2p.net/en/download#android</span><span class="invisible"></span></a><br>- <a href="https://geti2p.net/en/download#source" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">geti2p.net/en/download#source</span><span class="invisible"></span></a></p><p>----</p><p>Here are a few other links of interest, relating to I2P:</p><p>- "Bitcoin core adds support for I2P!" at <a href="https://geti2p.net/en/blog/post/2021/09/18/i2p-bitcoin" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">geti2p.net/en/blog/post/2021/0</span><span class="invisible">9/18/i2p-bitcoin</span></a>, posted 2021-09-18 by idk. **Blurb**: "A new use case and a signal of growing acceptance.". [<a href="https://c.im/tags/BTC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BTC</span></a> <a href="https://c.im/tags/Bitcoin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Bitcoin</span></a> <a href="https://c.im/tags/BitcoinCore" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BitcoinCore</span></a> <a href="https://c.im/tags/Proxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Proxy</span></a>]<br>- "Help your Friends Join I2P by Sharing Reseed Bundles" at <a href="https://geti2p.net/en/blog/post/2020/06/07/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">geti2p.net/en/blog/post/2020/0</span><span class="invisible">6/07/</span></a>, , posted 2020-06-07 by idk. **Blurb**: file-based-reseed "Create, exchange, and use reseed bundles". [<a href="https://c.im/tags/NetworkHub" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NetworkHub</span></a> <a href="https://c.im/tags/WebOfTrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WebOfTrust</span></a>]<br>- "Gitlab over I2P Setup" at <a href="https://geti2p.net/en/blog/post/2020/03/16/gitlab-over-i2p/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">geti2p.net/en/blog/post/2020/0</span><span class="invisible">3/16/gitlab-over-i2p/</span></a>, posted 2020-03-16 by idk. **Blurb**: "Mirror I2P Git repositories and Bridge Clearnet repositories for others." [<a href="https://c.im/tags/Git" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Git</span></a> <a href="https://c.im/tags/SSH" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSH</span></a>]<br>- "Blizzard (I2P Router Plugin)" at <a href="https://i2p-pt.github.io/blizzard/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">i2p-pt.github.io/blizzard/</span><span class="invisible"></span></a>, whose **blurb** is: "blizzard, I2P Plugin for Donating a Snowflake.", and "Plugins — I2P" at <a href="https://geti2p.net/en/docs/plugins" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">geti2p.net/en/docs/plugins</span><span class="invisible"></span></a>:<br> &gt; Blizzard is a standalone version of the Tor Project’s Snowflake proxy. It can be used to produce an I2P Plugin that will donate a Snowflake to Tor Browser users. The Snowflake uses I2P to manage its lifecycle. That means when you start and stop your I2P router you start and stop the Snowflake.<br>- "I2P — Wikipedia § Software" at <a href="https://en.wikipedia.org/wiki/I2P#Software" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">en.wikipedia.org/wiki/I2P#Soft</span><span class="invisible">ware</span></a>.</p>