Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://mstdn.social/users/kkarhan/statuses/111628234938402375">Kevin Karhan :verified: (kkarhan@mstdn.social)'s status on Sunday, 24-Dec-2023 01:04:08 JST</a><a href="https://mstdn.social/@kkarhan" title="kkarhan@mstdn.social"><img src="https://gnusocial.jp/avatar/71381-48-20221216082034.webp" width="48" height="48" alt="Kevin Karhan :verified:" style="position: absolute; left: 0; top: 0;">Kevin Karhan :verified:</a><div><a href="https://mstdn.social/@kkarhan/111628191239912732" rel="in-reply-to">in reply to</a><ul><li><li><a href="https://gnusocial.jp/user/117164" title="protonmail@mastodon.social">Proton Mail</a></li><li><a href="https://gnusocial.jp/user/213068" title="hexaheximal@blob.cat">hexaheximal</a></li><li><a href="https://gnusocial.jp/user/225791" title="hexaheximal@wetdry.world">hexaheximal</a></li></ul></div></section><article><p><a href="https://blob.cat/users/hexaheximal">@hexaheximal@blob.cat</a> <a href="https://wetdry.world/@esm">@esm</a> <a href="https://wetdry.world/@hexaheximal">@hexaheximal@wetdry.world</a> </p><p>So yeah, don't trust any <a href="https://mstdn.social/tags/WebApp" rel="tag">#WebApp</a> where it's trivial to siphon away credentials.</p><p>And don't trust any <a href="https://mstdn.social/tags/Service" rel="tag">#Service</a>, because they WILL LIE TO YOU just like the <a href="https://mstdn.social/tags/Honeypots" rel="tag">#Honeypots</a> of <a href="https://mstdn.social/tags/AN%C3%98M" rel="tag">#ANØM</a> and <a href="https://mastodon.social/@protonmail">@protonmail</a> did/still do.</p><p>Keep your keys in self-custody and encryption as well as decryption locally or don't even bother at all!</p><p>And I'd certainly not do critical comms from an insecure device where I don't have full control!</p><p><a href="http://dreadytofatroptsdj6io7l3xptbet6onoyno2yv7jicoxknyazubrad.onion/post/547af5650b3853a3b24e" rel="nofollow noreferrer">http://dreadytofatroptsdj6io7l3xptbet6onoyno2yv7jicoxknyazubrad.onion/post/547af5650b3853a3b24e</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2490956#notice-4929233">In conversation</a><time datetime="2023-12-24T01:04:08+09:00" title="Sunday, 24-Dec-2023 01:04:08 JST">Sunday, 24-Dec-2023 01:04:08 JST</time> <span>from <span><a href="https://mstdn.social/@kkarhan/111628234938402375" rel="external" title="Sent from mstdn.social via ActivityPub">mstdn.social</a></span></span><a href="https://mstdn.social/@kkarhan/111628234938402375">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
Kevin Karhan :verified: (kkarhan@mstdn.social)'s status on Sunday, 24-Dec-2023 01:04:08 JSTKevin Karhan :verified:
in reply to
@hexaheximal@blob.cat @esm @hexaheximal@wetdry.world
So yeah, don't trust any #WebApp where it's trivial to siphon away credentials.
And don't trust any #Service, because they WILL LIE TO YOU just like the #Honeypots of #ANØM and @protonmail did/still do.
Keep your keys in self-custody and encryption as well as decryption locally or don't even bother at all!
And I'd certainly not do critical comms from an insecure device where I don't have full control!
http://dreadytofatroptsdj6io7l3xptbet6onoyno2yv7jicoxknyazubrad.onion/post/547af5650b3853a3b24e
In conversationSunday, 24-Dec-2023 01:04:08 JST from mstdn.socialpermalink

Public

Embed Notice

HTML Code

Corresponding Notice