You are viewing a single comment's thread from:

RE: This video was posted automatically by 3speak !

in DCooperation3 years ago

Good old non trustless systems. I know it's probably really hard to build a social network that is both accessible and only you hold your keys (without entering them on a website since even if the process is carried out within your browser it can be changed to send the info to the remote servers easily) - but it kind of defeats the purpose of keys if a bunch of systems that we don't control have access to our keys.

Sort:  

It could be encrypted at least. So, only if someone enter the second password, the application is allowed to post. I didn't yet changed the keys in @dcooperation , but in @clixmoney I did. It's possible to do that on the wallet. If that will happen again with @dcooperation, I will have to change keys here as well.

In steem we had such an issue with an other application called utopian. I don't know if it still working or not, but the issue was in hacking the application, someone gets all the keys and start using accounts to downvote whales. Those whales started to downvote back and that was crazy. A lot of little accounts get hurt because of that, including mine. But I noticed my account downvoting a bit earlier, so I revoked my posting key to the application and changed the main key, what changed all other keys after ( posting, active and others).

We have as well a system to secure our accounts and that's by using https://hivesigner.com/. So, most applications on hive use hivesigner to login, but 3speak I guess doesn't use it. We just trust them our keys (posting ones). But the issue we had with utopian was related to a website in steem that was working like hivesigner. So, some people in hive don't even trust their keys to hivesigner as well. The most trusted is keychain. We have many applications use keychain. It's the most trusted way to login to any application or any website built on hive. Because hivekeychain saves all the keys only on the pc. So, non of the websites can do anything unless we login to hivekechain. By the way hivekeychain ask the password everyday. So, not only hivekeychain don't let websites save keys, but also we have to enter a supplementary password everyday to activate it. I wish 3speak add hivekeychain to their website. Or at least hivesigner for those who trust it.