It's not immature at all. It's simply common sense. Would you hand some stranger on the Internet the private keys to your bitcoin wallets? Of course you wouldn't. Handing over your steem active key is no different. As for all those other apps which do the "same", none of them require your active key, just your posting key.
You are viewing a single comment's thread from:
Are you telling me that steemit.com, busy.org and esteem don't ask for your active key to transfer money? How do you transfer money on these apps without your active key? You're not making any sense...
Well, for most people, steemit is how they created their account in the first place. It's their wallet and has all their keys. The apps you listed are created by highly respected and trusted members of this community (but I still wouldn't give them my active key). You are neither of those things.
Also, if you'd tried using busy.org, you'd notice it doesn't even ask you for your active key and you sign in with your posting key through SteemConnect. Chainbb uses you posting key as well and they even provide a warning not to use your active key.
How do you transfer money on those apps? I don't know as I don't use them and don't even know if you can. I do use esteem, but only for notifications as the app is too buggy and slow for me to use for anything else.
Just like I wouldn't give people my bitcoin private keys, I sure as hell ain't giving people my steem active key for the exact same reason.
You're not giving me your active key either. You're putting it in a form that is designed the same way steemit.com, busy.org and esteem are designed. If I wanted to steal your key, I wouldn't be an idiot to put my code on github for everyone to see.
Why not? We know know that most users are not going to check the code on github. I'm not going to waste my time checking that code either to see if what you're saying is true. Besides, what's even the point of this service you've created when I can do the exact same thing using steemit anyway?
Here's are the facts:
Not throwing around the private keys that control the funds in your wallets in cryptocurrency security 101.
Ask those who use the service. Doing it manually on steemit.com or busy.org or esteem is going to take you forever. You don't check the code for steemit either yet you trust your active key with it. That's the hypocrisy that I was talking about. I doubt you would understand the code anyway so obviously you wouldn't check it. The point that I was trying to make was that the trust behind apps like steemit comes from the code being visible to the public. You still don't seem to get it... Oh well!