I think it is great to see Zoom investing more on security.
I am quite surprised to see many people reacted as if scrypt, Salsa 20, AES (which forms Keybase’s TripleSec) has been simultaneously cracked the moment the acquisition was announced and the encrypted keys are no longer safe and suddenly reverted to plain text.
I don’t think Zoom has any malicious intent (I think recent security news more likely has to do with negligence rather than malice).
I don’t think I need to delete my Keybase account, because although I don’t necessarily trust the company, maybe I can trust their algorithm.
These are exactly my thoughts too. Keybase encryption is built on sound principles, it would be hard to break that. I'll wait and see if I need to move off of it.
// , “It is not so important to be serious as it is to be serious about the important things. The monkey wears an expression of seriousness... but the monkey is serious because he itches."(No/No)
The question is what the new parent company (Zoom) intends to do. They might want to absorb Kaybase strong encryption and social proof features. That would be good. On the other hand, they could make Keybase weaker, which would be not good.
I'm definitely skeptical that this is good for keybase's core product. Zoom is drowning in money and growth from their core video conferencing product right now and really behind on security issues.
I think a public acquisition of a security/privacy oriented startup is as much about PR as anything. Maybe they don't even need keybase. I kind of get the sense that they're a pawn in a bigger chess game.
Zoom has been very aggressively investing in security after the scandals. They have hired Trial of Bits and some others to do a full security audit, and now this. Since Zoom will definitely become more integrated into more people's lives, I very much look forward to the improvements they will make.
We can be cynical all we want, but I keep being reminded that good people vastly outnumber bad ones. There was much pessimism when Microsoft acquired GitHub, but now we've got GitHub-wide CodeQL analysis! Without GNU we'd not have open source and GitHub in the first place, but without Microsoft we'd not benefit from open source as much, either.
// , “It is not so important to be serious as it is to be serious about the important things. The monkey wears an expression of seriousness... but the monkey is serious because he itches."(No/No)
According to former Facebook's CSO Alex Stamos (who's now consulting for Zoom), they plan to add end to end encryption for all paid users:
“The truth is that what Zoom wants to do with end-to-end encryption, nobody’s really done, so there’s no product that you could just slap onto Zoom to turn it into key encryption. That’s going to have to be thought out from the beginning for the specific needs of an enterprise,” Stamos told TechCrunch.
He says that the first goal is to come up with a more highly secure version of Zoom meetings with end-to-end encryption enabled. At least initially, this will only be available for people using the Zoom client or Zoom-enabled hardware. You won’t be able to encrypt someone calling in, for instance.
As for folks who may be worried about Keybase being owned by Zoom, Stamos says, “The whole point of the Keybase design is that you don’t have to trust who owns their servers.”
I'm personally lukewarm about Keybase (the company) due to some choices they made in the past:
the intrusive behavior, and harassment even, has only escalated. and then, of course, keybase adds cryptocurrency to the equation, which only drew in more strangers with unsavory social behaviors.
Hi @KeybaseIO, I’d love to know what you’re actively doing to prevent spam, abuse, and stalking on your platform. I’ve seen a giant increase in spam followers and dudes “chatting me up” over the last few months and you don’t seem to have a system in place to report any of this.
Hey @KeybaseIO, when you bribe people with your altcoin to join your app, you don’t get a community — you get the kind of people motivated by the idea they might see a payout on some iffy cryptocurrency. Guess what the overlap is with that & dudes who harass or annoy others?
I've been a professional C, Perl, PHP and Python developer. I'm an ex-sysadmin from the late 20th century. These days I do more Javascript and CSS and whatnot, and promote UX and accessibility.
I was reading their blog post last night. It's full of all the standard things, like how they're a great fit and they wouldn't normally do something like that except it was a great opportunity and they won't abandon their values.
I've heard all that before somewhere... where was it? Yeah, I think it was every company that ever got bought out.
Keybase was heading that way with the cryptocurrency thing already I guess.
// , “It is not so important to be serious as it is to be serious about the important things. The monkey wears an expression of seriousness... but the monkey is serious because he itches."(No/No)
👎 is all that I can say about this. I have zero trust in Zoom as a company, and thus this will not bode well for keybase. It basically became terminal.
I think it is great to see Zoom investing more on security.
I am quite surprised to see many people reacted as if scrypt, Salsa 20, AES (which forms Keybase’s TripleSec) has been simultaneously cracked the moment the acquisition was announced and the encrypted keys are no longer safe and suddenly reverted to plain text.
I don’t think Zoom has any malicious intent (I think recent security news more likely has to do with negligence rather than malice).
I don’t think I need to delete my Keybase account, because although I don’t necessarily trust the company, maybe I can trust their algorithm.
These are exactly my thoughts too. Keybase encryption is built on sound principles, it would be hard to break that. I'll wait and see if I need to move off of it.
This is kinda depressing. I liked Keybase for their social proofs and the features they did have were pretty nice.
Odds of someone else coming along to build on some of their ideas?
Some people already are: keys.pub/#install
Could be an application for something like 0bin.net/paste/FuAS3IdRoFs8p-CT#wP....
This link will expire in 24 hours due to the sensitivity of the technology discussed.
DM me with your public key if interested.
We shall see. Their client was open source, but the backend wasn’t.
I haven’t seen anything else in the open source community that uses social proofs, though in theory it shouldn’t be too hard to do.
The question is what the new parent company (Zoom) intends to do.
They might want to absorb Kaybase strong encryption and social proof features. That would be good.
On the other hand, they could make Keybase weaker, which would be not good.
I'm definitely skeptical that this is good for keybase's core product. Zoom is drowning in money and growth from their core video conferencing product right now and really behind on security issues.
I think a public acquisition of a security/privacy oriented startup is as much about PR as anything. Maybe they don't even need keybase. I kind of get the sense that they're a pawn in a bigger chess game.
It's sad. I used Keybase. I liked the product. But Im not sure if they were getting the traction needed either.
Yeah, totally agree with you. I guess Keybase is gonna be shutdown.
or abandoned.
Zoom has been very aggressively investing in security after the scandals. They have hired Trial of Bits and some others to do a full security audit, and now this. Since Zoom will definitely become more integrated into more people's lives, I very much look forward to the improvements they will make.
We can be cynical all we want, but I keep being reminded that good people vastly outnumber bad ones. There was much pessimism when Microsoft acquired GitHub, but now we've got GitHub-wide CodeQL analysis! Without GNU we'd not have open source and GitHub in the first place, but without Microsoft we'd not benefit from open source as much, either.
And I keep being reminded that nice herds of good, ordinary, credulous people are vastly out-manipulated by bad ones.
According to former Facebook's CSO Alex Stamos (who's now consulting for Zoom), they plan to add end to end encryption for all paid users:
from techcrunch.com/2020/05/07/zoom-con...
I'm personally lukewarm about Keybase (the company) due to some choices they made in the past:
from jenngineering.glitch.me/hello-worl...
I was reading their blog post last night. It's full of all the standard things, like how they're a great fit and they wouldn't normally do something like that except it was a great opportunity and they won't abandon their values.
I've heard all that before somewhere... where was it? Yeah, I think it was every company that ever got bought out.
Keybase was heading that way with the cryptocurrency thing already I guess.
Filed under Our Incredible Journey.
These guys have a history of selling out.
This is extremely depressing. I’m going to delete my Keybase account.
but give a chance and wait to see how it's going. This was the same thought when MS acquired Github but now the service is even more good.
W T F O _ O
This was always coming for keybase
👎 is all that I can say about this. I have zero trust in Zoom as a company, and thus this will not bode well for keybase. It basically became terminal.
No way! Not cool at all.
FYI Zoom says the product update (for Zoom) that includes encryption will be a paid product, which most likely means they'll be shutting down Keybase.
Heard that they are planning on moving Keybase to there Enterprise offering vi aTechCrunch, poor keybase..
Seems like Zoom has been the biggest winner from lockdown-case.
Works a little both ways. Personally, I found out about Keybase through these news.
Now, if Zoom won't screw up Keybase then seems like a good deal.