[–][deleted] 6 insightful - 5 fun6 insightful - 4 fun7 insightful - 5 fun -  (18 children)

Actually the whole idea of passwords is retarded. On my sites one just enters one's email and gets a link with a hash that sets a persistent cookie. No need for annoying passwords.

😮 sounds pretty awesome

[–]raven9 6 insightful - 4 fun6 insightful - 3 fun7 insightful - 4 fun -  (9 children)

It's not really very awesome. It just means you have to sign into your email instead to receive the link... Steve Gibson invented a good solution but I have yet to see anyone implement it.

When you sign up, your app would generate an encryption key pair and send the public key to the host site. They store that key. In future, whenever you log in, you just enter your username. The site responds by using your public key to encrypt some random text which it sends to your app. Your app uses your private key to decrypt it and sends the plain text back to the site, encrypted with your private key. The host site decrypts it with the public key. If it matches the random text they encrypted and sent, you are logged in. No need to remember any passwords.
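Added example, not part of any comment in this thread: the challenge-response exchange described above, with both the app side and the site side in Node.js. The function names, in-memory stores and the 60-second challenge lifetime are assumptions for illustration; the "encrypted with your private key" step is done as an RSA signature.

```javascript
const crypto = require('node:crypto');

const users = new Map();    // site side: username -> stored public key
const pending = new Map();  // site side: username -> outstanding challenge
const TTL_MS = 60_000;      // assumed challenge lifetime

// Sign-up: the app generates the pair; only the public key goes to the site.
function signUp(username) {
  const { publicKey, privateKey } =
    crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  users.set(username, publicKey);
  return privateKey; // never leaves the app
}

// Site: encrypt fresh random bytes to the user's public key (RSA-OAEP).
function startLogin(username, now = Date.now()) {
  const publicKey = users.get(username);
  if (!publicKey) return null;
  const nonce = crypto.randomBytes(32);
  pending.set(username, { nonce, expires: now + TTL_MS });
  return crypto.publicEncrypt(publicKey, nonce);
}

// App: decrypt the challenge, then sign the recovered plaintext.
// A signature over the challenge alone would also prove key possession.
function answerChallenge(privateKey, encryptedChallenge) {
  const nonce = crypto.privateDecrypt(privateKey, encryptedChallenge);
  return crypto.sign('sha256', nonce, privateKey);
}

// Site: verify against the nonce it issued. The challenge is deleted before
// the check, so a captured response cannot be replayed later.
function finishLogin(username, signature, now = Date.now()) {
  const challenge = pending.get(username);
  pending.delete(username);
  if (!challenge || now > challenge.expires) return false;
  return crypto.verify('sha256', challenge.nonce, users.get(username), signature);
}

// Demo run with a constructed user.
const appKey = signUp('alice');
const response = answerChallenge(appKey, startLogin('alice'));
console.log('first login:', finishLogin('alice', response));
console.log('replayed response:', finishLogin('alice', response));
```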

[–][deleted] 4 insightful - 4 fun4 insightful - 3 fun5 insightful - 4 fun -  (6 children)

Schmidt's email approach has an advantage in that everyone already uses email and can understand it. I believe he's making a larger pitch that some casual accounts just don't need to be very secure.

[–]JasonCarswell 1 insightful - 2 fun1 insightful - 1 fun2 insightful - 2 fun -  (5 children)

Is there any interest in setting up a public/private key generating thing on SaidIt that could be used to log in on other platforms carrying our identities forward? Not sure it would matter too much with anons other than to verify you're the same "d3rr" on other platforms as on here, without getting direct communicated validation in comments or chat.

[–][deleted] 2 insightful - 2 fun2 insightful - 1 fun3 insightful - 2 fun -  (3 children)

> Is there any interest in setting up a public/private key generating thing on SaidIt that could be used to log in on other platforms carrying our identities forward?

This is basically OAuth. It's already running here for the Android app. No one cares about additional uses for it. No one wants to make saidit the center of their digital identity.

[–]JasonCarswell 3 insightful - 4 fun3 insightful - 3 fun4 insightful - 4 fun -  (2 children)

> No one wants to make saidit the center of their digital identity.

I resemble that accusation.

I take it OAuth is good or you wouldn't use it. Would it be of use to non-Android folks?

[–][deleted] 2 insightful - 2 fun2 insightful - 1 fun3 insightful - 2 fun -  (1 child)

Yes, OAuth has many uses. Sign in with Google, Sign in with Facebook, etc, those are all OAuth.

[–]JasonCarswell 2 insightful - 2 fun2 insightful - 1 fun3 insightful - 2 fun -  (0 children)

Oh. I thought it was more indie. Last Feb someone (maybe Panzer) posted an alt-OAuth that sounded terrific. I wish I could find that again.

[–]raven9 2 insightful - 2 fun2 insightful - 1 fun3 insightful - 2 fun -  (0 children)

You could create a key pair and publish the public key so then when you make a post anywhere else you could make a SHA1 hash of it and encrypt that and post it along with your post. Anyone with your public key could decrypt the hash and verify it matches their own hash of your post. That proves you are the one who encrypted it hence proof of the same identity. That would also mean other people could encrypt messages to you with your public key.

[–][deleted]  (1 child)

[deleted]

[–]raven9 2 insightful - 2 fun2 insightful - 1 fun3 insightful - 2 fun -  (0 children)

Yes, that sounds good too, I didn't know a signature can be verified with just a hash of the public key.
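Added example, not part of any comment in this thread: signing a post so readers elsewhere can tie it to a published identity, as in the signed-post idea above, with the reader holding only a hash of the public key. It assumes the post carries the full public key next to the signature and uses an Ed25519 signature (which hashes the message internally) in place of the separate SHA1-and-encrypt step; all function and field names are hypothetical.

```javascript
const crypto = require('node:crypto');

// SHA-256 over the DER-encoded public key; this is the value the author
// would publish on their home profile.
function fingerprintOf(publicKeyDer) {
  return crypto.createHash('sha256').update(publicKeyDer).digest('hex');
}

// Author: create a key pair once and publish only the fingerprint.
function newIdentity() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
  const publicKeyDer = publicKey.export({ type: 'spki', format: 'der' });
  return { privateKey, publicKeyDer, fingerprint: fingerprintOf(publicKeyDer) };
}

// Author: attach the public key and a signature to a post made anywhere.
function signPost(identity, text) {
  const signature = crypto.sign(null, Buffer.from(text, 'utf8'), identity.privateKey);
  return {
    text,
    publicKey: identity.publicKeyDer.toString('base64'),
    signature: signature.toString('base64'),
  };
}

// Reader: first pin the attached key to the trusted fingerprint, then check
// the signature. Without the pin, anyone could attach their own key.
function verifyPost(post, trustedFingerprint) {
  const der = Buffer.from(post.publicKey, 'base64');
  if (fingerprintOf(der) !== trustedFingerprint) return false;
  const key = crypto.createPublicKey({ key: der, format: 'der', type: 'spki' });
  return crypto.verify(null, Buffer.from(post.text, 'utf8'), key,
                       Buffer.from(post.signature, 'base64'));
}

// Demo with constructed post text.
const me = newIdentity();
const post = signPost(me, 'Same account as on the other site.');
console.log('genuine post:', verifyPost(post, me.fingerprint));
console.log('edited post:', verifyPost({ ...post, text: 'edited' }, me.fingerprint));
```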

[–][deleted] 4 insightful - 3 fun4 insightful - 2 fun5 insightful - 3 fun -  (7 children)

That's how the Brave browser works too.

[–][deleted] 4 insightful - 3 fun4 insightful - 2 fun5 insightful - 3 fun -  (6 children)

I think I remember that, for their BAT doxing scam

[–][deleted] 4 insightful - 3 fun4 insightful - 2 fun5 insightful - 3 fun -  (5 children)

Uh oh, wasn't aware of that. I have had a pretty good experience with BAT, it's like getting paid $8 a month to use their browser. Not much, but it's handy for beer money.

[–][deleted] 4 insightful - 3 fun4 insightful - 2 fun5 insightful - 3 fun -  (4 children)

I'm just mad that their Uphold partner requires an ID upload. Maybe it's not a scam. But I'm under the impression that they don't need to know your identity until you make $10k, in compliance with those Know Your Customer laws. So Brave and/or Uphold* (I think it's a big and) is more strict than the law requires. I guess like here :(

[–][deleted] 3 insightful - 3 fun3 insightful - 2 fun4 insightful - 3 fun -  (1 child)

Ah the Uphold issues, I heard about those. So far no problems but reading about them wasn't real encouraging. My bank gives a fraud alert for transferring funds in.

[–][deleted] 3 insightful - 3 fun3 insightful - 2 fun4 insightful - 3 fun -  (0 children)

Hahaha your bank is my new favorite bank.

[–]JasonCarswell 2 insightful - 2 fun2 insightful - 1 fun3 insightful - 2 fun -  (1 child)

My offer still stands. I'd BAT for you.

[–][deleted] 2 insightful - 2 fun2 insightful - 1 fun3 insightful - 2 fun -  (0 children)

It ain't me you're looking for, babe