• 0 Posts
  • 8 Comments
Joined 1 year ago
cake
Cake day: June 17th, 2023

help-circle


  • A pass key is the private key in a private/public key pair. The private key is stored in the TPM on your device. The website contains the public key. When you use your “one password” you’re in effect giving your device permission to access the key storage in your TPM to fetch the private key to present it to the site.

    What this means in practice is that if a website has a data breach they won’t have your hashed password, only your public key which… is public. It doesn’t and can’t do anything on its own. It needs the private key, which again only you have and the website doesn’t store, to do anything at all.

    If you want to read more about it look into cryptographic key pairs. Pretty neat how they work.




  • Worst they can do is deny me entry to the country

    Well the worst they can do is

    Put me on a no-fly list, terrorist watchlist or even arrest me

    Not having jurisdiction has famously never stopped China. Just ask Tibet. Or any country that wants to sail international waters in the south China sea. Or Hong Kong. Or Taiwan.

    Lastly, You are correct about China not sharing data with FVEY countries but don’t think for a second that they are not sharing that info with Russia, Iran, or any other countries that actively seek to harm.

    If a country is going to in some way use my data against me, I’d at least like to know the language and what my rights in that country are.