@Bluewall granted, #Ransomware also does and the #neurotypical wording may imply that only that is being accepted.

• Tho granted #DDoS does make a resource inaccessible and #MITM'ing #SSH will act like a #DoS on said connections, as mismatching #Pubkeys rightfully throw an error and cancel the connection attempt…

#Phishing doesn't impact the availability of data directly, so it's the only one where I could reasonably exclude it since phishing is only done as a means to obtain credentials, aka. obtaining access to an entrypoint.

@koenvh #FunFact: THIS is actually real when it comes to #OnionServices on #Tor / @torproject despite (or rather because of) having a self-routing and self-administrating, self-authentificating namespace utilizing #Pubkeys for addressing.

• @alecm / @alecmuffett actually has a pretty substantial list.

Mine merely covers a few #BonaFide ones and there are literal #scam businesses when it comes to the kinds of sites I won't name nor list!

for instance, "shared secrets" are really the key to #identity verification. #pubkeys are excellent, but so is #oauth :-)

@gaba I think it would be even better if we teach #TechLiteracy and spread both @tails_live / #Tails and easy to use tools to do #OpenPGP like #Kleopatra & #enc so people can really do #E2EE and just use #Pubkeys that have been released by the intended recipient...

@jamesh @itisiboller @finestructure

Maybe it's because the entire #TechStack on #WebDevelopment is a cancerous growth which tires to solve serious structural integrity issues with more and more flex-tape?

I think that using proper #E2EE with #PGP #Pubkeys for both Users and Servers would've alleviate the issues.

The whole #SSL fuckshitstack is bad and sadly we failed to teach users basic #TechLiteracy and now we can only broom away the glass shards before the kids trample in them...

@ljrk @lexd0g And yes, I know that #passwords are bad but besides #SSH & #PGP #Pubkeys there is no good way to authenticate that isn't like a #TOTP / #HOTP - like #2FA or some confirmation message...

#Passkey don't make people more #TechLiterate and actually learn how to use a #PasswordManager|s or exercise #SelfCustody of Keys...

Nor do they save the problem that platforms / logins don't do basic behaviour-based protection against just spamming credentials or irregular patterns.

@c3boc Q: Any #Pubkeys for said comms?

@dangoodin I doubt this to be the case - #Fax survive in regulatory bs nieches, and #Passwords will be unremoveable since not every platform & application will allow auth via #X509 certs, #GnuPG# or #SSH #Pubkeys and you can't force everything to be #online or using a centralized server...

@tek @prozacchiwawa Also it's trivial to version #Pubkeys...

If necessary just setup some custom URL/forwarder like keys.domain.example/ssh to wget that stuff post-install...

@kusuriya @mail *nodds in agreement*

#Keybase in it's original form as a means to sync and host #Pubkeys and #verify accounts is good, but them selling out and snitching on users [i.e. #DeterrenceDispensed] is inexcuseable.

OFC a privacy & encrypted-only eMail provicer would've to offer a #Keyserver to provide #Pubkeys for the eMail adresses of users...

Ideally something that literally allows automatic pulling like keyserver.mailprovider.example/emailadress@mailprovider.example.pubkey.

@offenenetze das liegt daran dass die #BNetzA für viele Dinge - wie andere #Behörden (mangels #Digitalisierung und Bereitstellung von #GnuPG / #OpenPGP - #Pubkeys) weiterhin nur #Fax als nachweislich zuverlässige, elektronische Kommunikationsform für meldepflichtige und Fristsachen bedarf.

#Funfact ich kenne sogar #VoIP-Anbieter die sowas [abgesehen von ausgehenden #Fax|en und #Rufnummerportierung] kostenlos anbieten...

Und ja ich brauche das leider auch, weil #EDGEland / #Schlandistan...

@pallenberg
Mangelnde #Digitalisierung fängt ja schon damit an dass man trotz #Pandemie #Endemie nichtmals grundlegenste Dinge remote erledigen kann.

z.B. kriegt es die #Arbeitsagentur bei nem Bekannten problemlos hin #Termine per #SMS zu spammen, erlaubt aber keine #Rückantwort und es gibt auch keine vernünftigen #eMails...

Davon dass man seitens der Behörden und meisten Unternehmen gänzlich unwillig ist #GnuPG-#Pubkeys zu importieren und sicher zu kommunizieren will ich garnicht anfangen.