Zoom has acquired Keybase

Techcrunch: Zoom acquires Keybase to get end-to-end encryption expertise

Keybase never really developed an actual business model from what I can tell, so this is not all that surprising in some ways.

This seems like it must be a direct response to the very public security issues they've had. It's rare you see such direct cause and effect with this kind of thing.

About Zoom's issues...

A semi technical explainer of all known Zoom issues

rhymes ・ Apr 5 '20

#healthydebate #zoom #security

Comments

[🦄N B🛡]

Filed under Our Incredible Journey.

Vene in pacem, requiescat in pacem.

These guys have a history of selling out.

[N3U2O]

W T F O _ O

[Michiel Hendriks]

👎 is all that I can say about this. I have zero trust in Zoom as a company, and thus this will not bode well for keybase. It basically became terminal.

[Pankaj Sharma]

This was always coming for keybase

[Madza]

Seems like Zoom has been the biggest winner from lockdown-case.

[emTr0]

No way! Not cool at all.

[emTr0]

FYI Zoom says the product update (for Zoom) that includes encryption will be a paid product, which most likely means they'll be shutting down Keybase.

[rhymes]

According to former Facebook's CSO Alex Stamos (who's now consulting for Zoom), they plan to add end to end encryption for all paid users:

“The truth is that what Zoom wants to do with end-to-end encryption, nobody’s really done, so there’s no product that you could just slap onto Zoom to turn it into key encryption. That’s going to have to be thought out from the beginning for the specific needs of an enterprise,” Stamos told TechCrunch.

He says that the first goal is to come up with a more highly secure version of Zoom meetings with end-to-end encryption enabled. At least initially, this will only be available for people using the Zoom client or Zoom-enabled hardware. You won’t be able to encrypt someone calling in, for instance.

As for folks who may be worried about Keybase being owned by Zoom, Stamos says, “The whole point of the Keybase design is that you don’t have to trust who owns their servers.”

from techcrunch.com/2020/05/07/zoom-con...

I'm personally lukewarm about Keybase (the company) due to some choices they made in the past:

the intrusive behavior, and harassment even, has only escalated. and then, of course, keybase adds cryptocurrency to the equation, which only drew in more strangers with unsavory social behaviors.

from jenngineering.glitch.me/hello-worl...

Laura

@alicetragedy

Hi @KeybaseIO, I’d love to know what you’re actively doing to prevent spam, abuse, and stalking on your platform. I’ve seen a giant increase in spam followers and dudes “chatting me up” over the last few months and you don’t seem to have a system in place to report any of this.

11:50 AM - 21 Nov 2019

39 109

Anil Dash 😷

@anildash

Hey @KeybaseIO, when you bribe people with your altcoin to join your app, you don’t get a community — you get the kind of people motivated by the idea they might see a payout on some iffy cryptocurrency. Guess what the overlap is with that & dudes who harass or annoy others?

17:49 PM - 01 Dec 2019

19 72

[Thai Pangsakulyanont]

I think it is great to see Zoom investing more on security.

I am quite surprised to see many people reacted as if scrypt, Salsa 20, AES (which forms Keybase’s TripleSec) has been simultaneously cracked the moment the acquisition was announced and the encrypted keys are no longer safe and suddenly reverted to plain text.

I don’t think Zoom has any malicious intent (I think recent security news more likely has to do with negligence rather than malice).

I don’t think I need to delete my Keybase account, because although I don’t necessarily trust the company, maybe I can trust their algorithm.

[Ryan Collins]

These are exactly my thoughts too. Keybase encryption is built on sound principles, it would be hard to break that. I'll wait and see if I need to move off of it.

[Yufan Lou]

Zoom has been very aggressively investing in security after the scandals. They have hired Trial of Bits and some others to do a full security audit, and now this. Since Zoom will definitely become more integrated into more people's lives, I very much look forward to the improvements they will make.

We can be cynical all we want, but I keep being reminded that good people vastly outnumber bad ones. There was much pessimism when Microsoft acquired GitHub, but now we've got GitHub-wide CodeQL analysis! Without GNU we'd not have open source and GitHub in the first place, but without Microsoft we'd not benefit from open source as much, either.

[🦄N B🛡]

And I keep being reminded that nice herds of good, ordinary, credulous people are vastly out-manipulated by bad ones.

[Ben Sinclair]

I was reading their blog post last night. It's full of all the standard things, like how they're a great fit and they wouldn't normally do something like that except it was a great opportunity and they won't abandon their values.

I've heard all that before somewhere... where was it? Yeah, I think it was every company that ever got bought out.

Keybase was heading that way with the cryptocurrency thing already I guess.