Hacker Poesytrust
http://status.hackerposse.com/tag/trust/rss
Updates tagged with trust on Hacker Poesy!rozzin: So, "what am I doing when I get a new key from someone and check the signatures to see if there are any people in common" depends heavily on what you mean by "check the signatures" and "people in common". If you mean "trace through signature-chains with no #trust #metrics to find *reachable* signatures", then no you're not using #WoT verification, you're making your own inferences based on something else.
http://status.hackerposse.com/notice/133956
rozzin's status on Wednesday, 03-Jul-2019 10:32:33 EDTSo, "what am I doing when I get a new key from someone and check the signatures to see if there are any people in common" depends heavily on what you mean by "check the signatures" and "people in common". If you mean "trace through signature-chains with no #<span class="tag"><a href="https://status.hackerposse.com/tag/trust" rel="tag">trust</a></span> #<span class="tag"><a href="https://status.hackerposse.com/tag/metrics" rel="tag">metrics</a></span> to find *reachable* signatures", then no you're not using #<span class="tag"><a href="https://status.hackerposse.com/tag/wot" rel="tag">WoT</a></span> verification, you're making your own inferences based on something else.2019-07-03T10:32:33-04:00Joshua Judson Rosenrozzin: That #PGP's #WoT metrics (supposedly) propagate through signature-chains is somehow basically an extremely popular #myth; "talks about WoT being all about arbitrarily-long multi-hop chains of trust" and "conflates #trust and #identity #certification" have been "understands-pgp-p" litmus tests for me since I realized how confused *I was myself* years ago, and they've never failed before.
http://status.hackerposse.com/notice/133948
rozzin's status on Wednesday, 03-Jul-2019 00:49:32 EDTThat #<span class="tag"><a href="https://status.hackerposse.com/tag/pgp" rel="tag">PGP</a></span>'s #<span class="tag"><a href="https://status.hackerposse.com/tag/wot" rel="tag">WoT</a></span> metrics (supposedly) propagate through signature-chains is somehow basically an extremely popular #<span class="tag"><a href="https://status.hackerposse.com/tag/myth" rel="tag">myth</a></span>; "talks about WoT being all about arbitrarily-long multi-hop chains of trust" and "conflates #<span class="tag"><a href="https://status.hackerposse.com/tag/trust" rel="tag">trust</a></span> and #<span class="tag"><a href="https://status.hackerposse.com/tag/identity" rel="tag">identity</a></span> #<span class="tag"><a href="https://status.hackerposse.com/tag/certification" rel="tag">certification</a></span>" have been "understands-pgp-p" litmus tests for me since I realized how confused *I was myself* years ago, and they've never failed before.2019-07-03T00:49:32-04:00Joshua Judson Rosenkuro: Google Won't #Trust Symantec and Neither Should You https://is.gd/bPcDnI !security
http://status.hackerposse.com/notice/121403
kuro's status on Friday, 21-Apr-2017 14:23:46 EDTGoogle Won't #<span class="tag"><a href="https://quitter.se/tag/trust" rel="tag">Trust</a></span> Symantec and Neither Should You <a href="http://www.darkreading.com/endpoint/google-wont-trust-symantec-and-neither-should-you/a/d-id/1328682?" title="http://www.darkreading.com/endpoint/google-wont-trust-symantec-and-neither-should-you/a/d-id/1328682?" class="attachment" rel="nofollow external">https://is.gd/bPcDnI</a> !<a href="http://sn.jonkman.ca/group/416/id" class="h-card group" title="Computer and Network Security (security)">security</a>2017-04-21T14:23:46-04:00kurorozzin: As the #GnuPG manual says, bundling #trust into #keysigning "is generally only useful in distinct communities or groups": https://www.gnupg.org/documentation/manuals/gnupg/OpenPGP-Key-Management.html
http://status.hackerposse.com/notice/95824
rozzin's status on Thursday, 24-Mar-2016 18:30:48 EDTAs the #<span class="tag"><a href="http://status.hackerposse.com/tag/gnupg" rel="tag">GnuPG</a></span> manual says, bundling #<span class="tag"><a href="http://status.hackerposse.com/tag/trust" rel="tag">trust</a></span> into #<span class="tag"><a href="http://status.hackerposse.com/tag/keysigning" rel="tag">keysigning</a></span> "is generally only useful in distinct communities or groups": <a href="https://www.gnupg.org/documentation/manuals/gnupg/OpenPGP-Key-Management.html" title="https://www.gnupg.org/documentation/manuals/gnupg/OpenPGP-Key-Management.html" class="attachment" id="attachment-10289" rel="nofollow external">https://www.gnupg.org/documentation/manuals/gnupg/OpenPGP-Key-Management.html</a>2016-03-24T18:30:48-04:00Joshua Judson Rosennsa: we've to make them #trust us when they are still young ( adults don't believe anything we tell since @Snowden )
http://status.hackerposse.com/notice/68501
nsa's status on Saturday, 22-Nov-2014 12:29:33 ESTwe've to make them #<span class="tag"><a href="http://oracle.skilledtests.com/tag/trust" rel="tag">trust</a></span> us when they are still young ( adults don't believe anything we tell since @<span class="vcard"><a href="http://oracle.skilledtests.com/user/4859" class="url" title="Edward Snowden"><span class="fn nickname mention">Snowden</span></a></span> )2014-11-22T12:29:33-05:00nsarozzin: @lnxw48, I'd much rather people who #trust me #verify that they're actually getting a file _from me_ than from "the right domain".
http://status.hackerposse.com/notice/68144
rozzin's status on Monday, 03-Nov-2014 00:15:23 EST@<span class="vcard"><a href="https://fresh.federati.net/lnxw48" class="url" title="lnxw48"><span class="fn nickname mention">lnxw48</span></a></span>, I'd much rather people who #<span class="tag"><a href="http://status.hackerposse.com/tag/trust" rel="tag">trust</a></span> me #<span class="tag"><a href="http://status.hackerposse.com/tag/verify" rel="tag">verify</a></span> that they're actually getting a file _from me_ than from "the right domain".2014-11-03T00:15:23-05:00Joshua Judson Rosenrozzin: I think people should be a lot #paranoid and not base #trust of data-transfers on whether the endpoints appear to have good #DNS names.
http://status.hackerposse.com/notice/67962
rozzin's status on Sunday, 26-Oct-2014 20:39:07 EDTI think people should be a lot #<span class="tag"><a href="http://status.hackerposse.com/tag/paranoid" rel="tag">paranoid</a></span> and not base #<span class="tag"><a href="http://status.hackerposse.com/tag/trust" rel="tag">trust</a></span> of data-transfers on whether the endpoints appear to have good #<span class="tag"><a href="http://status.hackerposse.com/tag/dns" rel="tag">DNS</a></span> names.2014-10-26T20:39:07-04:00Joshua Judson Rosenerkanyilmaz: web of #trust: before and after the "Chemnitz Linux Days 2014" (2days) via @qbi http://oracle.skilledtests.com/attachment/32693
http://status.hackerposse.com/notice/62029
erkanyilmaz's status on Wednesday, 19-Mar-2014 08:33:19 EDTweb of #<span class="tag"><a href="http://oracle.skilledtests.com/tag/trust" rel="tag">trust</a></span>: before and after the "Chemnitz Linux Days 2014" (2days) via @<span class="vcard"><a href="http://quitter.se/qbi" class="url" title="qbi"><span class="fn nickname mention">qbi</span></a></span> <a href="http://oracle.skilledtests.com/attachment/32693" title="http://oracleat.skilledtests.com/erkanyilmaz-20140319T123318-greuzdb.jpeg" class="attachment thumbnail" rel="nofollow external">http://oracle.skilledtests.com/attachment/32693</a>2014-03-19T08:33:19-04:00Erkan Yılmazerkanyilmaz: you mean: besides Evan destroying #knowledge (1), make people #leave to the big silos like !twitter (and probably shake their #trust in "free projects"), killing off the whole SN ecosystem (throw away the !ostatus standard and use the new awesome whatever (3) or die), ... and we're so far not yet talking about #dumpio #features or so which we long-time users expect(ed) (a http://oracle.skilledtests.com/notice/473716
http://status.hackerposse.com/notice/60406
erkanyilmaz's status on Tuesday, 18-Feb-2014 05:10:00 ESTyou mean: besides Evan destroying #<span class="tag"><a href="http://status.hackerposse.com/tag/knowledge" rel="tag">knowledge</a></span> (1), make people #<span class="tag"><a href="http://status.hackerposse.com/tag/leave" rel="tag">leave</a></span> to the big silos like !twitter (and probably shake their #<span class="tag"><a href="http://status.hackerposse.com/tag/trust" rel="tag">trust</a></span> in "free projects"), killing off the whole SN ecosystem (throw away the !ostatus standard and use the new awesome whatever (3) or die), ... and we're so far not yet talking about #<span class="tag"><a href="http://status.hackerposse.com/tag/dumpio" rel="tag">dumpio</a></span> #<span class="tag"><a href="http://status.hackerposse.com/tag/features" rel="tag">features</a></span> or so which we long-time users expect(ed) (a<a href="http://status.hackerposse.com/attachment/5281" class="attachment more" title="Show more">…</a>2014-02-18T05:10:00-05:00Erkan Yılmazerkanyilmaz: 'Liars and Outliers' "covers a wide array of disciplines, from game theory and security to sociology and evolution in its attempt to explain how #trust scales from a small village in which people know and trust each other to a global economy where individuals cannot possibly trust every person they must work with, but trust the systems of law and physical security instead." http://ur1.ca/geq42 cc @question
http://status.hackerposse.com/notice/57271
erkanyilmaz's status on Monday, 13-Jan-2014 12:47:27 EST'Liars and Outliers' "covers a wide array of disciplines, from game theory and security to sociology and evolution in its attempt to explain how #<span class="tag"><a href="http://oracle.skilledtests.com/tag/trust" rel="tag">trust</a></span> scales from a small village in which people know and trust each other to a global economy where individuals cannot possibly trust every person they must work with, but trust the systems of law and physical security instead." <a href="https://en.wikipedia.org/wiki/Liars_and_Outliers" title="https://en.wikipedia.org/wiki/Liars_and_Outliers" rel="nofollow external">https://en.wikipedia.org/wiki/Liars_and_Outliers</a> cc @<span class="vcard"><a href="http://oracle.skilledtests.com/user/2" class="url" title="Markov Dosto(y)evsky"><span class="fn nickname mention">question</span></a></span>2014-01-13T12:47:27-05:00Erkan Yılmazerkanyilmaz: no and yes. I've decided to not use #dumpio anymore because of the lost #trust to Evan
http://status.hackerposse.com/notice/55748
erkanyilmaz's status on Wednesday, 01-Jan-2014 07:08:17 ESTno and yes. I've decided to not use #<span class="tag"><a href="http://oracle.skilledtests.com/tag/dumpio" rel="tag">dumpio</a></span> anymore because of the lost #<span class="tag"><a href="http://oracle.skilledtests.com/tag/trust" rel="tag">trust</a></span> to Evan2014-01-01T07:08:17-05:00Erkan Yılmazerkanyilmaz: "I don't feel I can #trust #pump.io", probably belongs to: http://soc.tregeagle.com/conversation/55
http://status.hackerposse.com/notice/55588
erkanyilmaz's status on Tuesday, 31-Dec-2013 05:18:47 EST"I don't feel I can #<span class="tag"><a href="http://oracle.skilledtests.com/tag/trust" rel="tag">trust</a></span> #<span class="tag"><a href="http://oracle.skilledtests.com/tag/pumpio" rel="tag">pump.io</a></span>", probably belongs to: <a href="http://soc.tregeagle.com/conversation/55" title="http://soc.tregeagle.com/conversation/55" rel="nofollow external">http://soc.tregeagle.com/conversation/55</a>2013-12-31T05:18:47-05:00Erkan Yılmazerkanyilmaz: so, can we agree on this: #men which have seen other men #naked, #trust each other ?
http://status.hackerposse.com/notice/55164
erkanyilmaz's status on Wednesday, 25-Dec-2013 20:14:11 ESTso, can we agree on this: #<span class="tag"><a href="http://oracle.skilledtests.com/tag/men" rel="tag">men</a></span> which have seen other men #<span class="tag"><a href="http://oracle.skilledtests.com/tag/naked" rel="tag">naked</a></span>, #<span class="tag"><a href="http://oracle.skilledtests.com/tag/trust" rel="tag">trust</a></span> each other ?2013-12-25T20:14:11-05:00Erkan Yılmazrozzin: I wonder whether #captchas actually scale better than #invitation systems and/or #trust metrics....
http://status.hackerposse.com/notice/50962
rozzin's status on Sunday, 21-Jul-2013 11:38:28 EDTI wonder whether #<span class="tag"><a href="http://status.hackerposse.com/tag/captchas" rel="tag">captchas</a></span> actually scale better than #<span class="tag"><a href="http://status.hackerposse.com/tag/invitation" rel="tag">invitation</a></span> systems and/or #<span class="tag"><a href="http://status.hackerposse.com/tag/trust" rel="tag">trust</a></span> metrics....2013-07-21T11:38:28-04:00Joshua Judson Rosenerkanyilmaz: I was thinking of #law in this sense: when you'd post someth. "bad" - somehow illegal - my #server may get stopped perhaps, so needs #trust
http://status.hackerposse.com/notice/8938
erkanyilmaz's status on Monday, 18-Jun-2012 11:53:23 EDTI was thinking of #<span class="tag"><a href="http://identi.ca/tag/law" rel="tag">law</a></span> in this sense: when you'd post someth. "bad" - somehow illegal - my #<span class="tag"><a href="http://identi.ca/tag/server" rel="tag">server</a></span> may get stopped perhaps, so needs #<span class="tag"><a href="http://identi.ca/tag/trust" rel="tag">trust</a></span>2012-06-18T11:53:23-04:00erkanyilmazrozzinJoshua Judson Rosenerkanyilmazerkanyilmaz