[littlestymaar]

That's a fundamental problem with cryptographic security: you cannot trust people to manage your keys for you (because due to lack of regulation preventing that companies have this bad habit of pulling the rug under their customers' feet) but you cannot trust yourself doing that either, because you can, and will, make mistakes.

[patrakov]

It's worse: there are regulations (called "sanctions" and "KYC") that force companies to pull the rug.

[littlestymaar]

Idk if it's “worse” but yeah sanctions are a serious problem for the many people who happen to have family ties with the “wrong” countries.

[prmoustache]

My rule of thumb is if for some reason you need to use crypto keys that can't be easily replaced, you need to have a safe at the bank with the keys stored in 2 differente media formats, that are recreated every year.

I don't trust many people to do that.

I have everything encrypted and self hosted and I sometimes wonder what I would do if I was suffering from amnesia after an accident for example. And having a note somewhere telling me I have a safe in bank X is the only solution I have found.

[gertop]

> I have everything encrypted and self hosted and I sometimes wonder what I would do if I was suffering from amnesia after an accident for example.

Ah! I have the exact same recurring worry, it's very unpleasant. I'd really prefer to keep home media unencrypted, but the thought of a robber seeing my tax returns or photos of my infant daughter is constantly at the back of my mind.

[littlestymaar]

> the thought of a robber seeing my tax returns or photos of my infant daughter is constantly at the back of my mind.

Even worse is the eventuality of them getting their hand of a picture of your ID card or passport, or whatever they can later use to steal your identity. Identity theft is nightmare stuff.

[pydry]

I've always wanted a decentralized solution that lets me trust my friends instead.

[eru]

You can use a threshold secret sharing scheme to distribute your keys amongst your friends (and amongst companies).

This way you don't need to trust any single one of your friends to be 100% honest nor 100% available.

[littlestymaar]

I know how to do that in theory (I've worked with Shamir secret sharing on elliptic curves before) but you don't have the option to do that in LUKS, so in practice you can't use it.

[pydry]

Thats kind of my point.

you could rsync files before you could Dropbox too, but there was still a need for a Dropbox.

[eru]

> [...] you cannot trust people to manage your keys for you (because due to lack of regulation preventing that companies have this bad habit of pulling the rug under their customers' feet) [...]

Huh? There's plenty of already existing legal ways to do that. Just leave your key with your lawyer or a notary, and existing regulation about fiduciary duty handle everything just fine. You can also make normal private contracts that stipulate fiduciary duties, courts will enforce those contracts just fine.

As a technical alternative (or augmentation), you can also use a threshold secret sharing mechanism to store your keys amongst your friends and/or with companies.

Now what you can complain about is that there is no convenient way to do all of this. And that's a very legitimate complaint! Convenience is important.

However, the way to get convenience is not via regulation.

[littlestymaar]

> Just leave your key with your lawyer or a notary > […] > However, the way to get convenience is not via regulation.

Fun fact: the reason why giving it to your lawyer or a notary works is exactly because of regulation regarding these professions. Without regulations, there would be no such alternative.

[littlestymaar]

> However, the way to get convenience is not via regulation.

It is, because no company is ever going to give you the convenience you want at their own expense ;)

[eru]

Well, obviously the customer only gets the convenience they are willing to pay for. Competition should help keep those costs down.

[littlestymaar]

The blind faith some people have in markets and competition despite all evidence always leaves me in awe.

[eru]

I'm not sure what you mean by 'despite all evidence'?

You can also write:

> The blind faith some people have in [regulation and government] despite all evidence always leaves me in awe.

In any case, markets ain't perfect. They are made of people, after all. But they are better than the alternatives. And most importantly: if you don't like what's on offer, you are allowed to get an alternative without going to jail.

[littlestymaar]

> The blind faith some people have in [regulation and government] despite all evidence always leaves me in awe.

The Western world and Asia is a pretty good evidence that government works. If you want the libertarian dream of no government, you can go to Somalia, or South Sudan, or Yemen, or whatever failed states you can think about.

> And most importantly: if you don't like what's on offer, you are allowed to get an alternative without going to jail.

Oh sure you won't go to jail, but the alternative doesn't exists so you can't get it either. Like the convenient safe storage we both wish it existed.

In totalitarian dictatorship, you can't build such a tool without getting murdered or jailed, in totalitarian Capitalism you can build it but it will eventually be blocked from reaching any significant room on the market because of big corps or if you raise money from VC in order to get the marketing you need, it will eventually be bought out by one of the big player who will close or enshitify it.

The good alternative is what's called democracy, where the sovereign people vote for things instead of leaving the power to the party or the market.

[eric_cc]

> Just leave your key with your lawyer or a notary, and existing regulation about fiduciary duty handle everything just fine.

Would you really trust your lawyer with your bitcoin seed? If they stole everything from you, how would you even prove it?

[eru]

I would definitely trust my lawyer with my bitcoin seed.

But the whole thing depends on how much you own in bitcoin.

If it's a whole lot, check how other people in more traditional domains are dealing with their lawyers or notaries handling these sums. (For one, it's a bit easier with bitcoin, because you don't need to tell your lawyer or notary what you are giving them. And you can encrypt the private key data with something derived from an easy to remember password. It doesn't need to be 100% cryptograhpically secure, it just needs to lower the temptation for your lawyer.)

Btw, I think the bigger problem in practice wouldn't be your lawyer stealing from you, but your lawyer somehow losing your data.