In a previous post, we discussed Keybase, a clever company that is solving a lot of the classic problems that users have had with PGP: managing keys, verifying identities, trusting third parties, and user experience. I also mentioned that Keybase insures iteself against an attack on its servers by writing the root of its Merkle tree into the blockchain. In this post, we’ll explore what this means, and go through the process of verifying this ourselves step-by-step.
Encryption is a topic that has fascinated me for years, less because of its mathematical basis than its applications, both existing and potential. By far my favourite project in this realm is Keybase. Keybase cleverly solves several major problems with PGP-based encryption technology by taking the attitude that online, your identity is functionally the sum of your online profiles. With Keybase, you can automatically verify that @cjlaing on twitter has a particular key, and can encrypt messages or files for him without having to ascertain and validate his key through some other medium.
Many years ago, I had a blog. Being perfectly honest, it wasn’t a very good blog; it consisted mainly of rants of one kind or another, inane musings, and the occasional photo from my holidays. On the modern web, social media is the default depository for said rants, musings, and photos, and so I had no need of a dedicated space on my website to share them. However, it occurred to me recently that I now share quite a bit of material relating to my work and academic interests; blog posts, interesting new projects, snippets of code, or more general articles related to science and technology.