Author Topic: Screen Shot  (Read 6409 times)

0 Members and 1 Guest are viewing this topic.

Offline bytemaster

Screen Shot
« on: November 26, 2013, 07:09:44 am »
For the latest updates checkout my blog: http://bytemaster.bitshares.org
Anything said on these forums does not constitute an intent to create a legal obligation or contract between myself and anyone else.   These are merely my opinions and I reserve the right to change them at any time.

Offline JustHayden

  • Full Member
  • ***
  • Posts: 105
    • View Profile
Re: Screen Shot
« Reply #1 on: November 26, 2013, 07:20:06 am »
Is that all there is at the moment? Is there an ID page that shows your reputation and other things too yet?

Looks really good so far though, I can't wait to see what more keyhotee can become.
PTS: PjUAPsLu76Yi9516zFgHqtFYs2sBbAMwUx
Keyhotee: 7hQmwpf8ujy6h9jRkR7MPFqKNij3DrLifoDaemUUjaHLiUsy4g

Offline bytemaster

Re: Screen Shot
« Reply #2 on: November 26, 2013, 07:26:43 am »
Is that all there is at the moment? Is there an ID page that shows your reputation and other things too yet?

Looks really good so far though, I can't wait to see what more keyhotee can become.

IDs are being mined and you can add contacts by name and communicate with them.  There is a lot of polish left to do in the GUI as most of the work is under the hood.
For the latest updates checkout my blog: http://bytemaster.bitshares.org
Anything said on these forums does not constitute an intent to create a legal obligation or contract between myself and anyone else.   These are merely my opinions and I reserve the right to change them at any time.

Offline bytemaster

Re: Screen Shot
« Reply #3 on: November 26, 2013, 07:31:21 am »
The sad thing is that it doesn't look new and different compared to regular email.

But compare it to:



For the latest updates checkout my blog: http://bytemaster.bitshares.org
Anything said on these forums does not constitute an intent to create a legal obligation or contract between myself and anyone else.   These are merely my opinions and I reserve the right to change them at any time.

Offline bytemaster

Re: Screen Shot
« Reply #4 on: November 26, 2013, 07:36:19 am »


For the latest updates checkout my blog: http://bytemaster.bitshares.org
Anything said on these forums does not constitute an intent to create a legal obligation or contract between myself and anyone else.   These are merely my opinions and I reserve the right to change them at any time.

Offline fav

  • Administrator
  • Hero Member
  • *****
  • Posts: 4270
  • No Pain, No Gain
    • View Profile
    • Follow Me!
  • BitShares: fav
Re: Screen Shot
« Reply #5 on: November 26, 2013, 07:38:26 am »
looks really good!
Join us on Telegram: https://t.me/btstalk

Offline devilfish

  • Full Member
  • ***
  • Posts: 98
    • View Profile
Re: Screen Shot
« Reply #6 on: November 26, 2013, 09:07:16 am »
Good work guys, can't wait!
BTC: 1MqCxQ2qD7ZuS3ELFY43wfaBTbA2XkYwDP
PTS: PiuFEJHz6zScALgPWzcu2SDKtWJW4cnUFi
XPM: Af5qzgsEwWaHZdGUq8dUoHkhmH4XBmnGW9

Offline Sy

  • Full Member
  • ***
  • Posts: 91
    • View Profile
Re: Screen Shot
« Reply #7 on: November 26, 2013, 10:00:43 am »
Is Keyhotee forked from PTS? And if so, how can you use your PTS to credit your id if you have to mine them aka different private keys...
ptsweb.beeeeer.org Stats

Offline lib

  • Sr. Member
  • ****
  • Posts: 243
  • liberty
    • View Profile
Re: Screen Shot
« Reply #8 on: November 26, 2013, 10:31:54 am »
Thank you guys for the great work!
So excited about the coming holidays!
Forum Donation: PforumPLfVQXTi4QpQqKwoChXHkoHcxGuA
Personal Address: PakhuBkqTu4oTHJ4ZffvzVwCGCMfuqazgm

Offline Stan

  • Hero Member
  • *****
  • Posts: 2905
  • You need to think BIGGER, Pinky...
    • View Profile
    • Cryptonomex
  • BitShares: Stan
Re: Screen Shot
« Reply #9 on: November 26, 2013, 01:31:23 pm »
Is Keyhotee forked from PTS? And if so, how can you use your PTS to credit your id if you have to mine them aka different private keys...

Keyhotee is an application for secure interaction with people and DACs.  It does not have a tradable currency itself, but it will have a wallet for managing other currencies.  Its underlying block chain is for storing free Keyhotee IDs where just a little proof-of-work mining in the  background secures your free ID for a year.  As a user, you don't even have to think about this.  As long as you run Keyhotee about a day per year, your free ID is renewed.  If you get hit by a bus, your free ID name (not your associated private information) becomes available for someone else to claim after one year of no use.  IDs are not transferrable so there is no motivation to reserve names you don't plan to use.  Keyhotee Founder IDs, however, never expire.
Anything said on these forums does not constitute an intent to create a legal obligation or contract of any kind.   These are merely my opinions which I reserve the right to change at any time.

Offline Sy

  • Full Member
  • ***
  • Posts: 91
    • View Profile
Re: Screen Shot
« Reply #10 on: November 26, 2013, 01:33:28 pm »
Thanks for clearing that up :)
ptsweb.beeeeer.org Stats

Offline JustHayden

  • Full Member
  • ***
  • Posts: 105
    • View Profile
Re: Screen Shot
« Reply #11 on: November 26, 2013, 01:42:39 pm »
Is Keyhotee forked from PTS? And if so, how can you use your PTS to credit your id if you have to mine them aka different private keys...

Keyhotee is an application for secure interaction with people and DACs.  It does not have a tradable currency itself, but it will have a wallet for managing other currencies.  Its underlying block chain is for storing free Keyhotee IDs where just a little proof-of-work mining in the  background secures your free ID for a year.  As a user, you don't even have to think about this.  As long as you run Keyhotee about a day per year, your free ID is renewed.  If you get hit by a bus, your free ID name (not your associated private information) becomes available for someone else to claim after one year of no use.  IDs are not transferrable so there is no motivation to reserve names you don't plan to use.  Keyhotee Founder IDs, however, never expire.

How secure will this wallet be? It has to be the most top notch secure wallet you can have. If I were you guys I'd pay a few high end hackers to expose these security breaches (if there are any). Because one hack can completely destroy Keyhotees reputation, and fail.
PTS: PjUAPsLu76Yi9516zFgHqtFYs2sBbAMwUx
Keyhotee: 7hQmwpf8ujy6h9jRkR7MPFqKNij3DrLifoDaemUUjaHLiUsy4g

Offline cass

  • Hero Member
  • *****
  • Posts: 4311
  • /(┬.┬)\
    • View Profile
Re: Screen Shot
« Reply #12 on: November 26, 2013, 02:53:01 pm »
woah - i like it - Nice to see all in progress ...
█║▌║║█  - - -  The quieter you become, the more you are able to hear  - - -  █║▌║║█

Offline phoenix

  • Sr. Member
  • ****
  • Posts: 275
    • View Profile
Re: Screen Shot
« Reply #13 on: November 26, 2013, 05:05:28 pm »
I like what you've shown us so far, looking forward to seeing more screenshots :)
Protoshares: Pg5EhSZEXHFjdFUzpxJbm91UtA54iUuDvt
Bitmessage: BM-NBrGi2V3BZ8REnJM7FPxUjjkQp7V5D28

Offline Financisto

  • Newbie
  • *
  • Posts: 19
    • View Profile
Re: Screen Shot
« Reply #14 on: November 27, 2013, 02:40:49 am »
Nice to see such progress.

Keep up the good work!

Offline testz

Re: Screen Shot
« Reply #15 on: November 27, 2013, 06:18:24 am »
Very nice!

Offline fredafrica

  • Full Member
  • ***
  • Posts: 114
    • View Profile
Re: Screen Shot
« Reply #16 on: November 28, 2013, 02:03:15 pm »
Muito Legal!

Offline Pocket Sand

  • Full Member
  • ***
  • Posts: 118
    • View Profile
Re: Screen Shot
« Reply #17 on: November 29, 2013, 01:16:16 am »
Props to the development team, great job

Offline Lighthouse

  • Sr. Member
  • ****
  • Posts: 376
  • Making a Market in PTS since 11/06/2013
    • View Profile
    • Lighthouse Bulk Orders and Trusted Escrow (Closed)
Re: Screen Shot
« Reply #18 on: November 29, 2013, 01:34:33 am »
Will Keyhotee support Protoshares?  I notice it is missing from the list although Litecoin is there.
Before you say the price of PTS is too high, take a look at theThe Reason.  Protoshares are an entirely new type of Cryptocurrency, one that pays to hold.

Offline bytemaster

Re: Screen Shot
« Reply #19 on: November 29, 2013, 01:37:02 am »
It will support all alts that have the bitcoin API

Initial version will not support any wallet features. But they will be added quickly. 


Sent from my iPhone using Tapatalk
For the latest updates checkout my blog: http://bytemaster.bitshares.org
Anything said on these forums does not constitute an intent to create a legal obligation or contract between myself and anyone else.   These are merely my opinions and I reserve the right to change them at any time.

Offline NineLives

  • Sr. Member
  • ****
  • Posts: 390
    • View Profile
    • BITCOIN TALK PROFILE
Re: Screen Shot
« Reply #20 on: November 29, 2013, 07:45:57 pm »
Looking good.

What kind of authentication are you looking to implement to ensure an account won't get hacked?

Eg:  Google Authentication maybe?
Keyhotee / BTSX:  Merah    PTS:  PskEDN4AeWc1trW4zV7DGGTQi3y5LeVhFR 

BTC Mining Hardware IN STOCK NOW:  http://www.mininghardware.co.uk

Offline bytemaster

Re: Screen Shot
« Reply #21 on: November 29, 2013, 07:50:31 pm »
Google auth is centralized.   I could use it in kehotee but the files would still be protected via aes.   

The only way to compromise your account is to hack your computer and guess your password.   




Sent from my iPhone using Tapatalk
For the latest updates checkout my blog: http://bytemaster.bitshares.org
Anything said on these forums does not constitute an intent to create a legal obligation or contract between myself and anyone else.   These are merely my opinions and I reserve the right to change them at any time.

Offline NineLives

  • Sr. Member
  • ****
  • Posts: 390
    • View Profile
    • BITCOIN TALK PROFILE
Re: Screen Shot
« Reply #22 on: November 29, 2013, 07:58:18 pm »
Google auth is centralized.   I could use it in kehotee but the files would still be protected via aes.   

The only way to compromise your account is to hack your computer and guess your password.   


Sent from my iPhone using Tapatalk

This is the same common problem with all wallets.  It can be hacked.
I'm certain there is lots to do but i like the way Armory Wallet conducts its protection process so malware have a hard time logging..  Something to consider seems security part of Keyhotee's product.
Keyhotee / BTSX:  Merah    PTS:  PskEDN4AeWc1trW4zV7DGGTQi3y5LeVhFR 

BTC Mining Hardware IN STOCK NOW:  http://www.mininghardware.co.uk

Offline bytemaster

Re: Screen Shot
« Reply #23 on: November 29, 2013, 07:59:26 pm »
We want to use best practices. I will look into armory approach. 


Sent from my iPhone using Tapatalk
For the latest updates checkout my blog: http://bytemaster.bitshares.org
Anything said on these forums does not constitute an intent to create a legal obligation or contract between myself and anyone else.   These are merely my opinions and I reserve the right to change them at any time.

Offline HackFisher

  • Hero Member
  • *****
  • Posts: 883
    • View Profile
Re: Screen Shot
« Reply #24 on: November 30, 2013, 01:02:27 pm »
Is Keyhotee possible to send mail to tranditional mail, e.g. Gmail etc? As Keyhotee ID is defferent from mail address?

Or is it use some third party service/plugin to build the communication from Keyhotee and Mail? Some miners provide api proxy service and using keyhotee-mail.org, than people can use Keyhotee to send mails to [email protected](keyhotee -- mail.keyhotee.org as gateway)? and someone at gmail send to someone(Keyhotee ID), by sending mail to [email protected] e.g.?
« Last Edit: November 30, 2013, 01:04:46 pm by HackFisher »
Anything said on these forums does not constitute an intent to create a legal obligation or contract between myself and anyone else.   These are merely my opinions and I reserve the right to change them at any time.

Offline bytemaster

Re: Screen Shot
« Reply #25 on: November 30, 2013, 02:18:55 pm »
Some bridges may be possible but your security would be comprised


Sent from my iPhone using Tapatalk
For the latest updates checkout my blog: http://bytemaster.bitshares.org
Anything said on these forums does not constitute an intent to create a legal obligation or contract between myself and anyone else.   These are merely my opinions and I reserve the right to change them at any time.

Offline HackFisher

  • Hero Member
  • *****
  • Posts: 883
    • View Profile
Re: Screen Shot
« Reply #26 on: December 01, 2013, 12:29:31 am »
Some bridges may be possible but your security would be comprised


Sent from my iPhone using Tapatalk

It may not part of Keyhotee, but api should be provided for third-parties(including invictus) to provide these services. Let users to select and trust providers themselves. These service provides belongs to the traditional world, but its ok, helping people circles migrate to the Keyhotee new world.

If Keyhotee can connect to the exsisting world of mail, wide users can easily accept it, help it spread quickly. It should not be an iland in the sea, should keep opened and connected.

Sent from my GT-N7100 using Tapatalk
« Last Edit: December 01, 2013, 12:33:03 am by HackFisher »
Anything said on these forums does not constitute an intent to create a legal obligation or contract between myself and anyone else.   These are merely my opinions and I reserve the right to change them at any time.

Offline bytemaster

Re: Screen Shot
« Reply #27 on: December 01, 2013, 12:34:49 am »
We agree and will have a jsonrpc API to allow anyone to do this


Sent from my iPhone using Tapatalk
For the latest updates checkout my blog: http://bytemaster.bitshares.org
Anything said on these forums does not constitute an intent to create a legal obligation or contract between myself and anyone else.   These are merely my opinions and I reserve the right to change them at any time.

Offline Troglodactyl

  • Hero Member
  • *****
  • Posts: 960
    • View Profile
Re: Screen Shot
« Reply #28 on: December 01, 2013, 07:16:05 am »
Are there plans for Keyhotee to support plugins?  My understanding is that a key feature of Keyhotee is directly establishing PKI secured TCP connections between users either through a blockchain or DHT for IP lookups, which could be readily usable for many features, some of which are undoubtedly too obscure to clutter the standard application by default.

Also, has Invictus had any contact with the RetroShare (http://retroshare.sourceforge.net/) team?  The identity and reputation management seems much more elegant in Keyhotee, but I'd love to see forums and even a full p2p social network in Keyhotee eventually.

Offline luckybit

  • Hero Member
  • *****
  • Posts: 2921
    • View Profile
  • BitShares: Luckybit
Re: Screen Shot
« Reply #29 on: December 01, 2013, 06:10:03 pm »
Looking good.

What kind of authentication are you looking to implement to ensure an account won't get hacked?

Eg:  Google Authentication maybe?

Why not use Yubikey? Anyway I think 2FA is absolutely necessary for Keyhotee. I think you would want to give multiple options, such as Yubikey, Google Auth, SMS msg, Email.

But if it is just a password on the computer then a keylogger is all it would take to retrieve the keys to the castle.
https://metaexchange.info | Bitcoin<->Altcoin exchange | Instant | Safe | Low spreads

Offline bytemaster

Re: Screen Shot
« Reply #30 on: December 01, 2013, 06:18:37 pm »
Explain to me how all of those centralized solutions allow you to protect a private key on your computer.  The best approach is a hardware wallet which we will be happy to support.  But we also need recoverability.  Storing your wallet on a USB stick can provide some basic two factor auth. 




Sent from my iPhone using Tapatalk
For the latest updates checkout my blog: http://bytemaster.bitshares.org
Anything said on these forums does not constitute an intent to create a legal obligation or contract between myself and anyone else.   These are merely my opinions and I reserve the right to change them at any time.

Offline JustHayden

  • Full Member
  • ***
  • Posts: 105
    • View Profile
Re: Screen Shot
« Reply #31 on: December 01, 2013, 06:24:25 pm »
Explain to me how all of those centralized solutions allow you to protect a private key on your computer.  The best approach is a hardware wallet which we will be happy to support.  But we also need recoverability.  Storing your wallet on a USB stick can provide some basic two factor auth. 




Sent from my iPhone using Tapatalk

Maybe once you get the ball rolling with Keyhotee after it's release to the public, you can work on releasing a USB stick made special to store your wallet on. Maybe even fit that USB to also mine when plugged in if that's possible? That would almost guarantee constant miners throughout Keyhotee's existence.
PTS: PjUAPsLu76Yi9516zFgHqtFYs2sBbAMwUx
Keyhotee: 7hQmwpf8ujy6h9jRkR7MPFqKNij3DrLifoDaemUUjaHLiUsy4g

Offline bitcool

  • Jr. Member
  • **
  • Posts: 46
    • View Profile
Re: Screen Shot
« Reply #32 on: December 03, 2013, 12:38:52 am »
It's inevitable that somebody will irrecoverably lose his private key or the key gets compromised, the stake can be very high ... so all we can do is say "tough luck"?

Offline bytemaster

Re: Screen Shot
« Reply #33 on: December 03, 2013, 02:26:43 am »
It's inevitable that somebody will irrecoverably lose his private key or the key gets compromised, the stake can be very high ... so all we can do is say "tough luck"?

Your only option is to back it up and risk theft.  IF you trust it to someone else then all you do is transfer the risks and introduce new risks.
For the latest updates checkout my blog: http://bytemaster.bitshares.org
Anything said on these forums does not constitute an intent to create a legal obligation or contract between myself and anyone else.   These are merely my opinions and I reserve the right to change them at any time.

Offline bitcool

  • Jr. Member
  • **
  • Posts: 46
    • View Profile
Re: Screen Shot
« Reply #34 on: December 03, 2013, 04:27:15 pm »
It's inevitable that somebody will irrecoverably lose his private key or the key gets compromised, the stake can be very high ... so all we can do is say "tough luck"?

Your only option is to back it up and risk theft.  IF you trust it to someone else then all you do is transfer the risks and introduce new risks.
So if Bytemaster's private key got stolen and become known by many, what's going to happen? I guess there need to be a public directory for all compromised IDs?

Offline bytemaster

Re: Screen Shot
« Reply #35 on: December 03, 2013, 04:29:51 pm »
It's inevitable that somebody will irrecoverably lose his private key or the key gets compromised, the stake can be very high ... so all we can do is say "tough luck"?

Your only option is to back it up and risk theft.  IF you trust it to someone else then all you do is transfer the risks and introduce new risks.
So if Bytemaster's private key got stolen and become known by many, what's going to happen? I guess there need to be a public directory for all compromised IDs?

The KeyhoteeID block chain allows you to cancel an ID, at which point you would have to rebuild your reputation under a new ID.
For the latest updates checkout my blog: http://bytemaster.bitshares.org
Anything said on these forums does not constitute an intent to create a legal obligation or contract between myself and anyone else.   These are merely my opinions and I reserve the right to change them at any time.

Offline robozombie

  • Jr. Member
  • **
  • Posts: 41
  • Technoholic
    • View Profile
Re: Screen Shot
« Reply #36 on: December 03, 2013, 10:19:37 pm »
Is Keyhotee forked from PTS? And if so, how can you use your PTS to credit your id if you have to mine them aka different private keys...

Keyhotee is an application for secure interaction with people and DACs.  It does not have a tradable currency itself, but it will have a wallet for managing other currencies.  Its underlying block chain is for storing free Keyhotee IDs where just a little proof-of-work mining in the  background secures your free ID for a year.  As a user, you don't even have to think about this.  As long as you run Keyhotee about a day per year, your free ID is renewed.  If you get hit by a bus, your free ID name (not your associated private information) becomes available for someone else to claim after one year of no use.  IDs are not transferrable so there is no motivation to reserve names you don't plan to use.  Keyhotee Founder IDs, however, never expire.
Are the founders IDs the only ones that will be on sale, Stan?
Robozombie

Offline robozombie

  • Jr. Member
  • **
  • Posts: 41
  • Technoholic
    • View Profile
Re: Screen Shot
« Reply #37 on: December 03, 2013, 10:22:45 pm »


Is there a Keyhotee client for the *nix family in the works, too?
Robozombie

Offline phoenix

  • Sr. Member
  • ****
  • Posts: 275
    • View Profile
Re: Screen Shot
« Reply #38 on: December 03, 2013, 10:27:43 pm »
Is Keyhotee forked from PTS? And if so, how can you use your PTS to credit your id if you have to mine them aka different private keys...

Keyhotee is an application for secure interaction with people and DACs.  It does not have a tradable currency itself, but it will have a wallet for managing other currencies.  Its underlying block chain is for storing free Keyhotee IDs where just a little proof-of-work mining in the  background secures your free ID for a year.  As a user, you don't even have to think about this.  As long as you run Keyhotee about a day per year, your free ID is renewed.  If you get hit by a bus, your free ID name (not your associated private information) becomes available for someone else to claim after one year of no use.  IDs are not transferrable so there is no motivation to reserve names you don't plan to use.  Keyhotee Founder IDs, however, never expire.
Are the founders IDs the only ones that will be on sale, Stan?

Only founders IDs will be sold for PTS given in exchange for a donation of PTS to help support the development of Keyhotee and other Invictus DACs. Normal IDs will be mined out for a little bit of CPU power, which any normal user should be able to do on a home computer.
« Last Edit: December 04, 2013, 03:25:56 am by phoenix »
Protoshares: Pg5EhSZEXHFjdFUzpxJbm91UtA54iUuDvt
Bitmessage: BM-NBrGi2V3BZ8REnJM7FPxUjjkQp7V5D28

Offline Stan

  • Hero Member
  • *****
  • Posts: 2905
  • You need to think BIGGER, Pinky...
    • View Profile
    • Cryptonomex
  • BitShares: Stan
Re: Screen Shot
« Reply #39 on: December 04, 2013, 01:43:21 am »
Is Keyhotee forked from PTS? And if so, how can you use your PTS to credit your id if you have to mine them aka different private keys...

Keyhotee is an application for secure interaction with people and DACs.  It does not have a tradable currency itself, but it will have a wallet for managing other currencies.  Its underlying block chain is for storing free Keyhotee IDs where just a little proof-of-work mining in the  background secures your free ID for a year.  As a user, you don't even have to think about this.  As long as you run Keyhotee about a day per year, your free ID is renewed.  If you get hit by a bus, your free ID name (not your associated private information) becomes available for someone else to claim after one year of no use.  IDs are not transferrable so there is no motivation to reserve names you don't plan to use.  Keyhotee Founder IDs, however, never expire.
Are the founders IDs the only ones that will be on sale, Stan?

Only founders IDs will be sold for PTS. Normal IDs will be mined out for a little bit of CPU power, which any normal user should be able to do on a home computer.

Founder's ID's are not sold.  They are small public recognition of people who have made a significant donation to development of Keyhotee - a contribution that goes above and beyond the call of duty.
Anything said on these forums does not constitute an intent to create a legal obligation or contract of any kind.   These are merely my opinions which I reserve the right to change at any time.

Offline Gekko

  • Full Member
  • ***
  • Posts: 84
  • Lunch is for wimps........ Greed is good.
    • View Profile
Re: Screen Shot
« Reply #40 on: December 04, 2013, 05:51:02 am »
Is there a Keyhotee client for the *nix family in the works, too?
Not knowing the answer I would say: it doesn't make sense otherwise, does it?
I couldn't use Keyhotee if it was Windows/Mac only, which would mean I could not be one of those to get the new proclaimed freedom because I use a free and open operating system. :)

Edit:
Wouldn't using a proprietary operating system like Windows make Keyhotee obsolete, because if the NSA controls the OS they also have control over the installed applications?
« Last Edit: December 04, 2013, 07:48:12 am by Gekko »

Offline bytemaster

Re: Screen Shot
« Reply #41 on: December 04, 2013, 03:33:50 pm »
Everything is cross platform based on Qt. 
For the latest updates checkout my blog: http://bytemaster.bitshares.org
Anything said on these forums does not constitute an intent to create a legal obligation or contract between myself and anyone else.   These are merely my opinions and I reserve the right to change them at any time.

Offline robozombie

  • Jr. Member
  • **
  • Posts: 41
  • Technoholic
    • View Profile
Re: Screen Shot
« Reply #42 on: December 05, 2013, 02:45:00 am »
Nice to know that, Bytemaster! Thank you, Stan, Phoenix, for clearing that idea up :D I'm really excited about all these projects that are coming up! I know this is going to be BIG!
Robozombie

Offline ebay

  • Newbie
  • *
  • Posts: 2
    • View Profile
Re: Screen Shot
« Reply #43 on: December 06, 2013, 04:39:26 pm »
wo.......

Offline 0dayZh

  • Jr. Member
  • **
  • Posts: 33
    • View Profile
Re: Screen Shot
« Reply #44 on: December 16, 2013, 06:54:11 pm »
Nice work!
BTS ID: dayzh
keyID: dayzh

Offline earthbound

  • Full Member
  • ***
  • Posts: 120
    • View Profile
    • earthbound.io
Re: Screen Shot
« Reply #45 on: December 26, 2013, 09:03:34 pm »


:o

I'm frankly surprised and a little disappointed to see a screen capture where the profile registration requires that level of real-world information: full name, birthday, and SSN#/Passport#/Driver's License#??

I hope that the only way in which that information is used is as a basis to generate the public/private key pair tied to an identity? And if that is the case, why should the keys necessarily be generated from information which is itself mediated by any nationality? Furthermore, why is the required information given with a bias to the nationality of the United States?

Keyhotee will, I hope and believe, be part of a global information/currency freedom (and security) revolution. I therefore strongly suggest that the information used to create any identity be abstract enough to thoroughly disintermediate the generation of an ID from anything necessarily having to do with any one nationality.

I suggest changing the ID creation mnemonics to three "security questions," and providing a very long list of rather obscure questions which only someone who is not any kind of, uh . . . Superior Sibling . . . :) would know. I also suggest that the name and birthday fields be optional, and that they be labeled "full name OR alias" and "obscure identifying number" (with a suggestion that SSNs, etc. are not obscure enough.)

It should also offer a link to very specific suggested steps for absolutely securing the information provided to generate the ID (e.g. three different digital and three different paper backups, all secured at different physical locations where you can trust them to be absolutely safe), and it should very pointedly demand that this be the case before it will allow the ID to be created. For the paper backups, that should be printouts of the information tied to the id, sent in nondescript envelopes, to three different people or locations (in sufficiently diverse areas of the planet) whom you trust with your life.

(Hint: an internet search for "excellent security questions" offers some really good leads)

I'm also a bit alarmed by the push here in some comments to tie a service which is disintermediated by design into integration with other, mediated services, for "security??"

A good spy can tell you that if any important information of yours is controlled by a third party (in particular companies or organizations), it is not a matter of whether any adversary can cheat or extort to acquire that information, but how motivated and resourceful they are.

If any third party has access to any useful information about you, you should consider that information--and all information which is routed through that party--potentially public, period.

So, at the very least, if this aspect of the design of ID creation goes unchanged, I personally would recommend that anyone creating an ID provide harmlessly false instead of true information, if you want your Keyhotee ID absolutely secured.
I think I'm not alone when I say I'd like to see more and more planets fall under the ruthless dominion of our solar system. -Jack Handey

Offline bytemaster

Re: Screen Shot
« Reply #46 on: December 26, 2013, 09:52:25 pm »
All information is optional and was chosen merely because it is easy to remember for most users

It is used as a salt that makes attackers pick an individual




Sent from my iPhone using Tapatalk
For the latest updates checkout my blog: http://bytemaster.bitshares.org
Anything said on these forums does not constitute an intent to create a legal obligation or contract between myself and anyone else.   These are merely my opinions and I reserve the right to change them at any time.

Offline earthbound

  • Full Member
  • ***
  • Posts: 120
    • View Profile
    • earthbound.io
Re: Screen Shot
« Reply #47 on: December 27, 2013, 03:25:37 am »
I see.

I didn't understand your second sentence there.  ???
I think I'm not alone when I say I'd like to see more and more planets fall under the ruthless dominion of our solar system. -Jack Handey

Offline bytemaster

Re: Screen Shot
« Reply #48 on: December 27, 2013, 03:43:04 am »
I see.

I didn't understand your second sentence there.  ???

It is one thing to guess all common pass phrases, but if you have to pair that with a name and SSN then your search gets much harder.  The attacker would have to choose to attack your brain wallet rather than 'any brain wallet using supercalifragilisticexpialidocious as a password'.

We also stretch the brain wallet with about 5 seconds of memory intensive computational time upon creation of your profile.
For the latest updates checkout my blog: http://bytemaster.bitshares.org
Anything said on these forums does not constitute an intent to create a legal obligation or contract between myself and anyone else.   These are merely my opinions and I reserve the right to change them at any time.

Offline super3

  • Sr. Member
  • ****
  • Posts: 260
    • View Profile
Re: Screen Shot
« Reply #49 on: December 27, 2013, 05:13:42 am »
We will have polish that up later, but this is great progress! BitMessage is going to have a very bad day when this is released.

Offline VEscudero

  • Newbie
  • *
  • Posts: 9
  • Trustworthy Bitcoin Trader (https://bit.ly/BTrade)
    • View Profile
    • VEscudero's Blog
Re: Screen Shot
« Reply #50 on: December 27, 2013, 11:36:56 am »
We also stretch the brain wallet with about 5 seconds of memory intensive computational time upon creation of your profile.

Definitely it's good news to know that you are applying some countermeasures against brute force attacks. However in SQRL, as the master key should be rarely used, even importing an encrypted key with the right passphrase is delayed for 1 minute instead of 'just' 5 seconds.

Could it be possible to let users setup their own preferences to truly secure their master keys?

In my opionion, a delay like 5 seconds could be the default, nevertheless if the user choose an advanced or expert view, she should be able to adjust Keyhoote preferences to match her security needs from the very beginning.
« Last Edit: December 27, 2013, 11:42:51 am by vescudero »
★ VEscudero's service for Buying and Selling bitcoins ★
Bitcoins: 1VESCU4YLvNYhmTsJRgFKKn3bLFeeWtJm | PTS: PsxSZXwYw5vh2Nzi6aQvpEumdk8KoZrorz | VEscudero's Blog

Offline sharpayq

  • Newbie
  • *
  • Posts: 2
    • View Profile
Re: Screen Shot
« Reply #51 on: December 30, 2013, 11:05:23 am »
 :)

Offline arcke

  • Full Member
  • ***
  • Posts: 115
    • View Profile
    • Diaspora
Re: Screen Shot
« Reply #52 on: December 30, 2013, 04:23:06 pm »
About the year of birth input field. Personally I prefer to see the full year when I am entering this information, so instead of 65, I could choose 1965. Does anyone disagree? It would just have "smoothened" my first Keyhotee GUI impression, so I am bringing it up.
OpenPGP: 0x22d7e9cc35375665
PTS - PawnbhoiXhmkrKJEPAsCiwkpP81nRXJGTD
Diaspora profile - https://pod.orkz.net/u/arcke

Offline rysgc

  • Sr. Member
  • ****
  • Posts: 289
    • View Profile
    • DACZine.com
Re: Screen Shot
« Reply #53 on: December 30, 2013, 05:12:18 pm »
About the year of birth input field. Personally I prefer to see the full year when I am entering this information, so instead of 65, I could choose 1965. Does anyone disagree? It would just have "smoothened" my first Keyhotee GUI impression, so I am bringing it up.

Yeah that's more intuitive 
DACZine.com - Receive all the latest DAC and BitShares community news straight to your inbox. Signup here or Submit news

Offline kmtan

  • Full Member
  • ***
  • Posts: 55
    • View Profile
Re: Screen Shot
« Reply #54 on: December 31, 2013, 05:01:30 am »
not bad design for the UI