I don't quite know how to feel about this. Perhaps it is my mistrust against Zoom, but I did enjoy the run Keybase had as a semi-independent key and ID manager.
Yeah, with the recent issues they had after doing the cryptocurrency stuff (which didn't really bother me, but it definitely seemed to generate some negative feelings in general), this feels like a poorly-timed move.
Zoom is presumably going for "look, we are bringing on-board this team of trusted people who understand privacy", but I think most are just going to assume it'll work the other way and Zoom's culture of poor security practice will bleed into Keybase over time.
Why? Keybase's product is team chat. Zoom wants to kill Slack. Seems perfect.
(Keybase's crypto stuff is nifty, but we all know there is no money in that. They tried to make money by integrating cryptocurrency, and people did NOT seem to like that. So here we are.)
Isn't the point of Keybase that they let you control the private keys? I don't use it so I don't know, but my impression was that they were trying to make encryption and key management easy.
Eric Yuan is at least socially vulnerable to the PRC, before the question of whether he is collaborating. Zoom is mostly developed in PRC, and they were found to have architected their system in an impractical way which “just happened to” expose customer secrets to the PLA.
I just don't find it that plausible that Zoom was accidentally architected in the singular boneheaded way that could send the only keys necessary to decrypt sessions, to servers in a country where those keys can be, and regularly are, secretly compelled from the people transporting them (inb4 somebody plays whataboutism with NSA, yes, it's bad when the U.S. does it too, but NSA doesn't mean to compromise U.S. national security).
That country happens to be the PRC, which is seemingly on the verge of an aggressive war with the U.S. over, among other things, their insistence on illegitimate claims to international waters in the South China sea.
This is precisely why Zoom is acquiring Keybase. Zoom seeks to become the single "remote work tool", challenging Dropbox, et al. directly.
I'm particularly disenchanted with the growth of these multipurpose tools, but I am not their target audience. (Nor, I suspect, are many HN participants, but this is a baseless guess.) I suppose I'm more of an adherent to so-called "UNIX philosophy"--the best, single-purpose tool for each task, preferably that can be combined with its like for a solution customizable to how a specific user gets work done.
> Zoom seeks to become the single "remote work tool", challenging Dropbox, et al. directly.
Maybe they should work on the fact I can run Zoom in screen share and just about nothing else. Just entering a call for me takes ~75% of my CPU and I beach ball regularly when screen sharing lightweight text editors doing barely more than scrolling and typing.
Likewise. My friends and I have been using it throughout the pandemic to chat, I've been using it for years, but we're all deleting our accounts this morning. All around unsettling news as far as keybase software goes. Congratulations keybase team, though.
I used to use Telegram and I really enjoyed it, but it's a bit limited in its professional uses. I'd use it for chat again for sure. I'd love to find something a little more 'work friendly', though.
I use it for shared network storage, frictionless private git repoisitories, basic static web hosting, personal and work chat, and I make heavy use of the teams feature. Not a day goes by I don't use it for something.
Looks like it wasn't a good idea to leave your private keys in Keybase's servers was it?
Perhaps the moment that Keybase took VC funding a while back, it was over to begin with and the principles of being a "Slack competitor" and respecting their users privacy went straight out of the window and into the bin.
I really had high hopes for Keybase as a Slack competitor, the cryptocurrency stuff I actively ignored, but this is a disaster.
It was well-intentioned. For a time, Keybase provided users the option to upload their private keys so they didn't have to maintain them themselves. You could just log into Keybase and send signed messages, decrypt messages, etc without the hassle of managing your keys locally. It was definitely a bad idea and I think they dropped it a few months/years later, but it at least wasn't totally out of left field.
They don't have access to your unencrypted private key, it's just a backup of your private key which is encrypted by (hopefully) a very strong password.
I believe the argument is that a private key encrypted with a password is not cryptographically different from a plaintext private key. The password is more of a "keeping honest people honest" kind of thing, than true security. If it was truly secure, then you'd be using a new private key to encrypt your real private key, and then you're back to where you started. Cryptography is hard, which is why I was such a big fan of Keybase trying to fix it for real people :)
Edit: This has a received a few downvotes. If I'm wrong here, I'd really like to know why! I thought this explanation was correct and clear.
> I believe the argument is that a private key encrypted with a password is not cryptographically different from a plaintext private key.
You have it backwards. On principle an encrypted anything (key in this case) is of zero value to anyone. It does’t matter if you tweet encrypted messages every 30 seconds to millions of followers or not: they're encrypted.
When you use a password to encrypt, and you (or your client/agent) selects an appropriately sophisticated suite, you end up seeding a KDF with your password and then using the resulting data as the actual “private key” (its just a symmetric key, no public/private). If your password has enough entropy, then the resulting key is perfectly secure.
In practice people are paranoid. “If the key is on Keybase’s servers, someone could get it and brute force decrypt it.” It’s almost pop culture fallacious, though, because if you believe someone can do that, then they can just as easily brute force the actual key. In practice people use shitty passwords, and crypto weakens as time moves forward, there are good and bad algorithms, and the whole point of a public key infrastructure is to keep private keys off the wire. So it’s generally seen as bad form to copy private keys around, even if they're encrypted. We’re still pretty far on the spectrum here because if your crypto breaks you have to rey key everything anyway. Not just re-encrypt unchanged private keys.
At the end of the day you're either copying a private key around or you aren't. And you should probably avoid situations where you need to do that because there are better ways to PKI. If your threat model can tolerate encrypted key backups and key sharing, then go for it. But that should be something you control.
Hmmmm... so wouldn't you agree that a percentage of keys would be decryptable by iterating over all encrypted files of all accounts using password dumps? Seems like a good way to decrypt maybe 10%. Still sounds like a major problem, though.. not at the individual level, but at the systems level.
If people have bad passwords, that makes brute force recovery of the private key on a Keybase server plausible, right? At least a lot more so than the whole key from scratch. I'd assume that a machine generated key has more entropy than any password that a human can memorize.
If sharing a password-protected private key is perfectly safe, why bother having them? Why don't PGP users just password protect everything?
Above all else though, is there an authoritative source that can answer these questions? As a run-of-the-mill programmer, I don't really understand how crypto works well enough to trust my own common sense here. It's been drilled into my head that there are certain rules to follow set out by people who do know what they're doing. And when people say "it's all good, it's password protected", and I'm not sure what their credentials are, I get a little nervous. I did notice that Werner Koch uses Keybase, but if they could simply point to an "okay" from him or Zimmerman explaining the situation, it would be settled. To me anyway, it's not simply an abundance of caution ("paranoia"), it's that something seems fundamentally wrong with the approach and I just don't know the actual cost.
> If sharing a password-protected private key is perfectly safe, why bother having them? Why don't PGP users just password protect everything?
What’s “sharing” here? You “share” an encrypted private key with Keybase so you yourself can recover it back from anywhere using the password that you know. PGP, meanwhile, is used for communication with people who are not you.
> If people have bad passwords, that makes brute force recovery of the private key on a Keybase server plausible, right? At least a lot more so than the whole key from scratch.
Yes. If you want to upload an encrypted copy of your key to someone you wouldn’t trust with the key, you should use a strong password.
> I'd assume that a machine generated key has more entropy than any password that a human can memorize.
That’s not a correct assumption, but your password doesn’t have to be more complex than the key to be safe against brute force anyway, especially when work is added with scrypt (which is what Keybase uses).
I think people are confusing things a bit here. Sure, you can protect your pgp key with a password, but I don't think that adds a whole lot of security to your uploaded private keys. When you upload a pgp key to keybase, it encrypts the key again, using your keybase device key. So its double encrypted, basically.
The keybase model revolves around devices. Device keys are private keys that are tied to a particular device (your phone, pc, etc) and never leave that device (unless it gets compromised somehow). The only way you can decrypt your data on another device is by registering it using another authenticated device. These keys don't have passwords.
Its basically like encrypting a pgp key with another pgp key, and uploading it somewhere, like people upload all manner of secrets to github or s3 or whatever.
Keybase just provides an easier flow to register new devices and to import and decrypt your secrets (like via a QR code scanned by your phone, for example). Your private keys are as secure as any private, encrypted piece of data that you might send out over the wire, so long as your devices are secure, that is.
If one or more of your devices gets owned, all bets are off, AFAIK. Even if you set a passphrase on your pgp key, all it takes is a key-logger to get it. And since your device is already compromised...
This is where hardware keys win out (yubikey, etc), that require a physical touch to unlock.
DISCLAIMER: I really only have a layman's understanding of crypto.
Thank you. If that's true I wish they would have just said so when people started complaining about it on Github. Everybody seems to have a different take on this.
Assuming what you're saying is correct, it seems much more sensible. It almost makes the PGP key seem superfluous, though I suppose it help with legacy this way.
It still seems not ideal, in that having one device compromised would give away your main private key and thus your whole identity. It would be nice to have it be some sort of subkey situation. I'd have to think about how that would work.
>It almost makes the PGP key seem superfluous, though I suppose it help with legacy this way.
This is actually one of the best "features" of keybase. They've backed everything by some strong pgp crypto roots, but none of their stuff really "operates" using pgp. The fact that they have abstracted it, in my opinion, is part of why people have adopted it so easily.
At the end of the day, your keybase device key is, itself, simply encrypted with your keybase password. The point I've been trying to make clear is:
> Your private keys are as secure as any private, encrypted piece of data that you might send out over the wire, so long as your devices are secure, that is.
> When you upload a pgp key to keybase, it encrypts the key again, using your keybase device key.
Except that long time ago, when device keys didn't even exist, there was a feature on Keybase website that allowed to upload a PGP private key encrypted only by your account password (which was never transmitted to Keybase in plaintext though – it was scrypted in browser when logging in, too – but this still means your private key was as secure as your password, which isn't a good practice in my opinion).
Well, you still have to trust them not to ship a website update where the client side scripts would leak your decrypted private key :)
To be fair, you also have to trust native apps and browser extensions the same way. But with websites, the risk of a sudden and targeted (not noticed by the general public) update is much greater!
Which is why they push you towards not using the website, and also explain how they (through some steps) put their application version's hashes into the bitcoin blockchain.
And the client is open source, which iirc includes being built by distribution's maintainers/build servers instead of Keybase.io.
No, they didn't. There is an option to have Keybase sync a [backup] copy of your private key(s) between your devices for you but the key is encrypted by you. And, none of their stuff like chat or git etc. depends on using/accessing those keys in anyway (they built out their own domain-applicable pki for that—in other words, chat doesn't use pgp). It’s just a convenience option for those who want it and it’s not the default.
Or, maybe Keybase needs video, and Zoom needs chat and security, in order to compete with the new wave of “productivity” suites. Why would Keybase suddenly be a failure or get worse in the security department because they are owned by a successful video conferencing company?
It's deeper than "Chat Security". There is current litigation against Zoom marketing of the misuse of 'end to end' encryption. This is the best way forward of claiming ineptitude and their path to rectify.
honestly the real security fail in keybase seemed to be users flocking to add every single social media identity to their keybase account, allowing anyone using the public API to remove all doubt that greg1234 on twitter == karl5912 on reddit == john1005 on HN, etc.
scrape all those social media posts, reddit subs, etc. and you've probably got a solid idea of who that user is. all under the guise of public FLOSS stuff.
> Zoom does not and will not proactively monitor meeting contents, but our trust and safety team will continue to use automated tools to look for evidence of abusive users based upon other available data.
> Zoom has not and will not build a mechanism to decrypt live meetings for lawful intercept purposes.
> We also do not have a means to insert our employees or others into meetings without being reflected in the participant list. We will not build any cryptographic backdoors to allow for the secret monitoring of meetings.
One court + gag order and all of these promises are out the window.
warrant canaries must be written in the past tense. This is future tense. So they can monitor millions of calls, and give your information away at every second. This text only tells you about the next second (a promise they will break too, but then the text will be about the next second)
I think yes: they lack the technical infrastructure to decrypt the meeting in real time (which totally makes sense), rather than they have no plans to buid any infrastructure to decrpyt it afterwards (which cannot be guaranteed against a hostile actor).
And how long of a delay counts as no longer "live"? After the meeting ends? Five seconds? A millisecond? Does the latency to the server mean it's not "live", since it happened in the past?
I thought warrant canaries had to be in financial reports because those are one of the documents where companies are legally cannot lie under SEC rules?
The statement about lawful intercept can only be considered a blatant lie. It’s a requirement in China and CALEA applies in the US. Europe, India and Australia have their own laws around this.
What do you expect them to do? Hire a PMC and fight a war with the police when they come around to raid the server room? Go into hiding so that the security agency can't steal the upgrade signing key from them?
We can't expect all of the internet to operate like Wikileaks and The Pirate Bay. If the justice system is broken, then the people aren't safe.
>What do you expect them to do? Hire a PMC and fight a war with the police when they come around to raid the server room? Go into hiding so that the security agency can't steal the upgrade signing key from them?
No, we want them to assume the same thing we are assuming. That if their service becomes successful, they will be coerced to compromise their users, regardless of how frequently they promise that they would never do so.
If they are even bothering to make public announcements like this, then that means they believe the security of their system can be founded on the honor of their employees. It's important to recognize that this isn't even true if you assume every member of their team is an uncorruptible seraphim.
Instead, where possible, the service should be zero knowledge, where not possible, it should be considered insecure.
Building reasonable end-to-end encryption in the first place isn't rocket science. In fact, Keybase have done just that. As well as WhatsApp, Signal, and many others.
It also does not say that they have not provided key material or RNG output, or that they have not deliberately weakened any aspect of their design other than "cryptographic backdoors" to accommodate law enforcement desires.
These kinds of statements are typically most usefully interpreted as a template for the kinds of things they plan to do, just maybe not exactly in that way.
Given the security concerns around Zoom, and the apparent lack of QC that might have prevented those concerns, this news is appalling. I love Keybase, it's used by many people, but I suspect it will now die a quick death. More accurately I suspect it will slide into a coma - not quite dead, but not in wide use anymore either.
Yeah holy crap. I've been a big fan of Keybase since they launched, but this is a deathknell. I guess I'm not too surprised, Keybase didn't seem to have a business model, but still, disappointing that they're going to go into death this way.
Attention people starting businesses: VC funding is fun and all, but please, have a business model. Your users and employees depend on it.
The plan was to get acquired. As much as I've liked Keybase the product, their steadfast refusal to ever come up with a way to make money has always made me suspect they were doing the typical Silicon Valley thing: just burn funding until a bigger company notices and buys you.
> So perhaps better advice is, start a business even if you don’t have a plan and someone may buy it anyway.
A better world for your personal pocketbook maybe, but certainly a worse world for the rest of us. I wouldn't characterize that as "better" in any general sense.
Sometimes, acquihire is the business model. It makes money for the VCs and money for the founders. It's just the fools^wconsumers who bought in early (and the non-essential employees) who get the shaft.
What's our business model, how are we making money? Umm... don't ask me - I'm just the founder!
The sad thing is that you need to remind people of it. I would never start a business without an idea of a viable business model for it. What do they expect? Growing until they are too large to fail and then ... Godot arrives and everything is fine?
I don't have much respect for zoom's security practices, while I do have much respect for the keybase team.
Perhaps this is Zoom's way of admitting that there is no way they can just solve the problem internally by keeping doing what they're doing and they need to get some fresh blood and build upon good practices designed outside their current culture.
That, and this is probably in large part a marketing/PR move.
Public perception of zoom/security is "beyond horrible", thus visibly spending lots of money on an acquisition of a very well respected name in security helps them polish that image at least a little.
And who knows, maybe they'll even work on actually improving security. Always the hopeless romantic/optimist, me. ¯\_(ツ)_/¯
I'd say you overestimate that. Perhaps 0.01% of the public knows that Keybase exists and has a bad opinion of Zoom security. Expert's opinion is important, but does not automatically become general perception.
(Anecdatum, I'm far from a security expert. I know that Keybase exists, even have an unused account; I use Zoom for work and don't blame them for not locking up tighter. Their blog post on the topic sounded reasonable to me.)
> Perhaps 0.01% of the public knows that Keybase exists and has a bad opinion of Zoom security. Expert's opinion is important, but does not automatically become general perception.
This is true, but perhaps a bit short-sighted. Expert opinion on Zoom is "avoid it like the plague". This does not automatically become general perception, true, but:
- Over time, expert opinions have a marked effect on adoption by non-experts in their vicinity. See the adoption of Firefox, or Google Chrome, for example.
- For a social networking platform, powerful well-connected never-adopters can pose a problem both to growth and to a budding monopoly. If CIOs and CISOs say, "Zoom over my dead body", that will tend to discourage adoption and encourage development of good alternatives.
Zoom may be also managing the perceptions. Some users will jump to conclusions that the aquisition means integration, like an plug-in, bam! the bad part swapped with a good one.
Hiring consultants may be perceived like starting an investigation, not getting the fix now.
The question remains how soon and how true this will translate to the stated goal of true end to end encryption.
It seems that we live in an era where if you made bad decisions in the past, you can never be trusted to make good decisions ever again. Even if you own your bad decisions and show lots of improvement.
Zoom's decisions did not feel like mistakes so much as an expression of their values. The company repeatedly prioritised ease of use while doing the absolute minimum on the security front. Are there any grounds to believe that that calculus has changed?
No, but now they see that the minimum is not where they had thought. As someone who does security professionally, of course a business wants to do the minimum necessary for security. The point of security systems is to break things that would otherwise work.
TLS is there to break sessions that would work under TCP. GPG is there to tell you to discard some mail.
Zoom is getting the shining light of attention globally. Even human beings, in these situations, start to act more conscientiously, and then believe their own morality after the fact!
I believe the keybase acquisition demonstrates this a bit - because they will get zero public goodwill from this - nobody on Main St. knows are cares what Keybase is, this won't be on CNN so they are probably very much trying to make things better.
Owners of the company want money - now they are popular, they have to behave well to get that money. Wanting money usually transcends everything else including loyalty to state. A Chinese CEO with a popular Western product is going to realize that if his customers are way for CCP grabbing their data, it's a problem to his business. He doesn't want CCP snooping and one of the better ways to do that is to have better encryption as well.
Doing slightly suspicious things doesn't matter if nobody is watching and therefore nobody cares, now that people care ... it matters. Just as a matter of pragmatism.
The fact that they hired Alex Stamos and probably just spent a bunch of money on buying Keybase seem like a sign that things are changing.
They prioritized ease of use above all to get adoption before. This is appalling to me, but I believe they are seeing enough pressure to change course. It’s believable to me that they would intend to as they have already captured much of the consumer (non-B2B) market mind share and can afford to invest in this area.
Will I be using it now? Still a no. Maybe I’m time though.
Call my cynical, but "hiring" a bunch of infosec celebrities and critics as part-time consultants or contractors should be considered nothing but a (brilliant and silencing) PR move until the day that product updates and analyses reveal otherwise.
> until the day that product updates and analyses reveal otherwise.
The product (and their poor installer practice) has been updated several times in the past few months alone, and each move has made Zoom a more secure product, with the vast majority of the hubbub having been addressed. So are you simply ignoring that, or are you setting your own personal goalposts?
I'm doing neither. I'm pointing out a logical fallacy in the parent comment. Hiring people part-time and buying a company does not, on its own, convey anything about improvements to product quality, security, or the corporate culture of either. I can only infer from your comment that you might think I have some beef or issue with Zoom. I said no such thing.
At this point, I'm confused, and I'm not sure what point you or the other commenter are looking for me to concede. Zoom is paying some security consultants, pushed out some product updates, and bought Keybase, so it's a story book ending?
Just as your comment was aiming to narrowly point out a logical fallacy in the parent comment, I'm pointing out a flaw in your own: I disagree with your claim that investing in security practices is just theater, and that more concrete efforts in the same direction are irrelevant. The concrete efforts are Bayesian evidence that the newer investments are more than theater.
You said that those things are theater until the day the product updates. We are beyond the day when that happened. So for it to be a fallacy you have to reject the context in which it was presented, which nobody but you is doing.
I am not looking for you to concede anything. You said nothing has been done to show you that the calculus of their priorities has changed and I listed some things that could possibly show that. It’s up to you if you believe that is significant enough to convince you.
Frankly, I don’t care if it does or not. I was just providing some visible signs of investment.
Calling it an interpretation is nothing short of revisionism. Nobody considers the hidden web server to have been an oversight. It required forethought and effort. It's not as if they didn't know what they were doing.
You're absolutely right that past decisions focused on ease-of-use over security.
For evidence that they've changed their focus you can see their April 1 blog post[1] and the weekly video AMAs they do that are summarised in their "90-Day Security Plan Progress Report" blog posts.[2]
They're making a lot of progress.
The Keybase acquisition is about building out a strong security team that will help them implement end-to-end encryption in 1,000 person meetings, which currently isn't possible anywhere.[3]
“Microsoft sexually discriminated in executive hires because ‘women will get pregnant and quit’, stifled completion in multiple categories, expected free overtime or you’d be stack-ranked out of a job. Be careful before trusting.”
I agree that there should be opportunity for individuals to learn from mistakes and improve. People can be stubborn and slow to change, but they should be given a chance. It seems reasonable that the same courtesy should be extended to organizations. However, organizations are an order of magnitude slower to change than individuals.
Ultimately, an organization's policies are a reflection of the policies of its leaders. The bigger the organization, the more leaders have to change before the organization itself can truly change. It's much more likely that those who change just move on to another organization instead.
Besides, the end-to-end encryption incident wasn't a "mistake". Zoom's response was to say that their definition of end-to-end was just different from everyone else's. They clearly knew exactly what they were doing.
Zoom can change, but given their size and past I want more than a corporate apology and pinky swear before I trust them. They are making plenty of money and aren't going anywhere. There's plenty of time for them to earn my trust. However, they haven't yet earned enough of my trust to make me comfortable with this acquisition.
> It seems that we live in an era where if you made bad decisions in the past, you can never be trusted to make good decisions ever again. Even if you own your bad decisions and show lots of improvement.
I've seen this turn out for the best literally one time, and that was Microsoft.
All the other times the bad company just continues its horrible slide into madness. It doesn't die either, just silently keeps churning out billions of dollars of shareholder value.
You see Microsoft’s mediocre reliability making its way into GitHub. Has MSFT changed or are things breaking on the web just more accepted than your desktop?
Organizations are not people. It is very straightforward for an individual to change their ways from bad to good. We should have mutual empathy and forgiveness towards each other. Conversely, it is typically very difficult for organizations to change course (keep in mind the spokesperson has no real power and a strong incentive to lie) and there is zero reason to feel bad if people abandon them. The people who work there perhaps, but there should be no mourning for an entity that exists only as a legal construct.
In general, when it's between fresh blood and old management, old management will win every time.
If Zoom is acquiring Keybase because the C-suite is pivoting culture around security, then it'll probably work. Otherwise, not much will change. So until I see more evidence that Zoom's upper management had a change of heart (creating a CISO council is a good start), I'm going to be skeptical that this will actually move the needle.
I really hope that's the case, for Zoom's sake. Unfortunately, that means less than nothing to me; I don't use Zoom, whilst I do use Keybase.
I don't trust Zoom to be custodians of the Keybase company or software. This has been a real blow to my confidence in them and I'm not sure I'll continue to use Keybase :(
I actually love Zoom as a product - far and away the best product in its class and this move likely makes sense for Zoom.
The disappointment comes from the loss of Keybase and what it could have been.
The main problem is Zoom having most of its development done via companies based in China. This means it is no longer possible for Keybase to achieve its original goal (and whatever encryption they add cannot fix this core problem).
It's one thing to accept the risk for video conferencing, but it's another to accept for an encryption ID standard.
I agreed with Chris Coyne's comments on HN a while back when he argued that the closed source server code didn't matter because of how they handled the encryption (when compared to Signal). While that's still true from a technical security standpoint, it looks like it does matter in a larger sense because this kind of sale shows that you can't really trust a company to act in its user's interests long-term.
You are probably right but I wouldn't discount the keybase server/client IP and user base completely. If Zoom could use keybase for identity verification and adding participants to a call via social graph connections of everyone on the call that could radically improve the UX of onboarding and securing a meeting to only approved participants.
It's possible, though I think it's optimistic. Nobody really has a problem with Zoom's UX as it is now. The only people complaining about Zoom are us techies who know about the security issues. So my guess is they're just gonna quietly work on the security stuff in the background with this new team, and leave the UX largely as-is.
Yeah for the few people in the world who actually used Keybase and understood (at least partially) why it was a neat thing... most of those people are also those who have been following the Zoom debacle, and will likely consider abandoning the platform.
Even as an information security practitioner that cares a great deal about privacy I am just not willing to jump on this "Zoom is bad" band wagon. "Zoom is bad" is a tech media narrative largely driven by the large players that have something to gain by seeing Zoom stumble. There may be QC concerns, but in general the product has been great for our team and our consensus was to give them some time. Their response has been positive and they seem to have handled it transparently. Reality says this: Zoom works well enough. When we started using it several years ago it was far ahead of the competitors. Maybe they are catching up? Anyhow, I will give Zoom a chance to do the right thing over the next 6-12 months regarding Keybase, and their product in general.
So if I'm reading this right... the participants of the DAO can band together and sell their company to a company as well? It looks like a DAO just requires some kind of cryptocurrency to participate, and then the participants get control over the operations of the DAO. So ownership is transferable at any time by these parties.
That definitely cannot be acquired. No sane business would want to convert actual money into fun bucks and put those into a buggy script that would lock everyone out if someone pwns it.
What is more 'fun'? USD in bank account, USD as cash, DAO, or gold? I would think those are monotonically decreasing in 'fun'-ness. "Actual" money is not a good word for printable items of arbitrary scarcity. Not arguing for or against GP, just saying.
Ghost (blogging software) chose to incorporate as a Company Limited by Guarantee [1], which doesn't have shares and can't be acquired that way: https://ghost.org/changelog/moving-to-singapore/
It only really works for bootstrapped non-profits, and for projects that are entirely volunteer-driven. No VC would be able to invest in something like this (unless it's a grant like what YC does for non-profits [1]).
Even Mozilla Foundation [2] was spun off from Netscape, and heavily supported by AOL in its early years.
Wait what? That's called PGP. And people like to hate on it because it's a decentralized web of trust. The whole point of Keybase is to pave over the problems with web of trust by creating a social identity layer that more accurately reflects how trust relationships actually form.
An open source social identity attestation layer that people can operate and federate. Now that sounds cool!
This outcome is almost certainly seen as a failure by the VCs. It looks like an acquihire. If so, it's quite possible that the VCs didn't even get their money back. Acquihires generally do not return money to VCs -- obviously, given that the employees are free to work anywhere, the acquirer's interest is in paying as much as possible to the employees and as little as possible to the now-worthless acquired company.
It's likely the employees are the ones benefiting most from this outcome, in that their pay has probably gone up considerably and they are no longer nervous about their job security, after many years of high stress and low pay.
It's possible the VCs were even offering some more cash to keep going, but at unfavorable terms, and the team said: "No, we'd rather take the big paychecks from Zoom."
Given Keybase has only had one funding round (according to crunchbase), the founders certainly still had a controlling stake in the company and the VCs couldn't force them to sell or not sell.
You can blame VCs for a lot of things but this kind of outcome is just not one of them (except insofar as that it allowed a company with little viable business strategy to exist in the first place).
(I am the founder of a failed startup. We had multiple "acquihire" offers, none of which offered any money back to investors.)
My two cents: that's part of the game in today's marketplace. It's pretty difficult to 'disrupt' firmly cemented market footholds and play with the big boys with seemingly endless streams of capital (though it certainly is possible, tech is more notorious for this than most industries, though highly improbable).
You really want to lock down some strategic IP that stands in the path of a behemoth and hope they'll want to aquire it under their growth goals or attempts to stomp out potential competitors (by throwing money at them and not through litigation or other paths). The big boys win because they buy out proven effective solutions/IP and models while failed startups eat the market high-risk exploratory costs.
The fact that the ultimate goal of most startups is to "exit" says an awful lot. It's an obvious signal that they are not prioritizing your needs in the long-term.
First, a huge congratulations to the founders of Keybase! Running a self-founded messaging company can't be an easy feat.
For me personally, this is of course worrying news. I'll suspect that Keybase will die a rather quick death, as most of it's users are security minded that wouldn't ever trust Zoom.
> Initially, our single top priority is helping to make Zoom even more secure. There are no specific plans for the Keybase app yet. Ultimately Keybase's future is in Zoom's hands, and we'll see where that takes us. Of course, if anything changes about Keybase’s availability, our users will get plenty of notice.
> So, our shortest-term directive is to significantly improve our security effectiveness, by working on a product that's that much bigger than Keybase. We can't be more specific than that, because we're just diving in.
They’re not oblivious but two things; you don’t bite the hand that feeds and it’s easier to get someone to see your side of things when you agree with them. Confrontation will not help to fix Zoom’s culture of insecurity.
They aren’t. They are making a lot of money which is what the business was made for.
The post is actually refreshingly honest that keybase is now abandoned and will probably die at some point.
The idea that companies were stupid enough to place their internal identity on some random 3rd party is so incredibly stupid that it’s hard to feel too bad for anyone.
Thank you. Keybase had investors and I’m sure the premium Zoom offered was unbeatable. Zoom can effectively pay infinity with equity. Those investors knew that this was the best way they’d ever have to realize gains. That’s why they invested in the first place.
Well, when FB bought WhatsApp, its founders stayed on for a bit to vest his shares then founded Signal with his "screw you" money. Maybe some of Keybase's founders can do the same thing.
> They are making a lot of money which is what the business was made for.
I miss the days when businesses existed not just to serve investors but also their employees and the common good. It's like a 1%-er meta profit model where the actual business is in buying and selling the business and the core business is really just a temporary front that is designed to never make a profit, just create fancy looking charts and eventually bait and switch consumers when it is sold to the highest bidder and the employees all eventually lose their jobs.
One day, VC funding will either be illegal or required. considering the flow of money in this exchange, I'm betting on the second.
> I miss the days when businesses existed not just to serve investors but also their employees and the common good
Uh when was this? For-profit businesses have always been created for the primary purpose of making money. Any side effect like employee well being happened to coincide with what maximized profits at the time or due to regulation.
Pre-1970 or so. Before Milton Friedman, there was a general sense that companies existed to fulfill some mission, with profit as a means. The CEO of Kellogg commented on this in an interview ca. 1980, that money for a business is like a gasoline for a road trip. You need it to get where you're going, but the point of a road trip is not to accumulate as much gasoline as possible.
Is this a joke? The bulk of the labor movement happened before 1970, and it was not because workers were so well-treated and well-compensated that they had a lot of free time on their hands.
I'm a big fan of business and entrepreneurship, but let's be clear here: there is a reason we invented government. There was never a time when we could 100% count on the beneficence of business leaders to advance social goals.
Edit to add: I'm not trying to demonize all business leaders here. There are some bad actors, but even business leaders who desire to do well have to succeed in the marketplace--even against bad actors. Unfortunately, doing bad things in business often confers the benefit of lowering costs, which is a competitive advantage. This is a known structural issue with a marketplace economy and why we need more than just business to have a good society.
Of course, there have always been bad businesses. The difference between pre-1970 and now, is that we've not only socially legitimized the maximization of profit, we've also all but legally mandated it. Now even "decent" business leaders like the CEO of Costco have to continually answer to their shareholders as to why they're not lowering wages and reducing benefit--and in Costco's case, the shareholders may try to take legal action to force them to lower costs, even though Costco the business is already quite profitable. Due to lack of labor regulation and the mantra that "business are required to maximize shareholder value", Costco's decency is fully dependent on its CEO's (unusual) fortitude to fend off those shareholder demands. When its leadership changes, its ability to care for its employees will likely revert to the mean, which as we see in today's environment is abysmal.
So really, it's not that "there are some bad actors", but that "the system strongly encourages businesses to install these so-called bad actors as their leaders". I agree with you, that we need strong government labor regulations to counter this mentality, but this mentality is why these regulations have deteriorated over the past 50 years.
> The difference between pre-1970 and now, is that we've not only socially legitimized the maximization of profit, we've also all but legally mandated it.
I'm sorry, but this is just not true. If it was legally mandated, then the Costco CEO would not have been able to resist such shareholder demands. Your example proves the opposite of what you think it does.
Nothing has changed in the legal structure of corporate governance since 1970. Do you think that investors never demanded greater returns from business leaders prior to 1970?
They can still demand all they want, but the law remains clear today that corporate directors and managers have the power to run the business as they see fit, and shareholders' sole remedy for their disappointment, in the absence of outright fraud or gross negligence, is to sell their stock.
In February 2014, Tim Cook was the CEO of one of the most valuable companies in the world. At Apple's shareholder meeting, he directly told his shareholders that he does not even consider ROI in some of his decisions. Legal consequences to Apple and Tim Cook for this statement? Zero. He's still CEO. Because there is no legal mandate to maximize corporate profits.
Honestly, by buying into this myth that the law changed in the 1970s, you're lending power to a fake idea that you seem to be opposed to. There is a group of people who wish such a mandate existed, and by acting like they're right, you're kind of helping them.
Business leaders might make anti-social decisions because they feel competitive pressure to succeed in a marketplace where customers are free to choose and are price-sensitive. That's not nearly the same thing as saying that corporate governance law forces them to make such decisions. It doesn't.
I know, that's what I'm trying to say: it's not true that CEOs are "almost but not quite" legally mandated to maximize profit or shareholder value. The law says plainly that they are not.
"All but" is handy phrasing if you're trying to create the impression that something you prefer is true. If you don't prefer it, I think that using that phrase is like shooting yourself in the foot rhetorically.
I think it's more constructive to point out that such a mandate does not exist (regardless of what some shareholders seem to believe), and there are good reasons it doesn't.
This a perfect example of how mythical history of the left totally distorts peoples view of history.
Kellogg also burned girls clitoris away because he was against masturbation. Other then he had incredibly toxic fights about the right to the IP and broke his relation with his brother. Clearly he didn't care about profits.
Also a single example doesn't prove that things were structurally different. There are tons of companies now that exist with different goals.
Need to keep in mind we now remember this endeavor as ethically challenged, but was it literally 100% for money or did want of these goods play a role:
> was it literally 100% for money or did want of these goods play a role:
> cotton, silk, indigo dye, salt, spices, saltpetre, tea, and opium. Surely access to those provides some benefit other than making money, which it also did for them.
This is an utterly meaningless distinction. Money is fungible with all of those goods.
I am not sure you are using fungibility completely correctly because the goods have a condition, are perishable, they can be bartered or traded or maybe are fungible with respect to each other but are not literal money and literally interchangeable with money.
Anyway, if you want to go down that path you can easily conclude that literally any good or activity is just money, that you live a money-dominated life and we all exist for money all the time and while useful in some contexts I don't think it's particularly apt, but I hope you enjoy it.
In the grand context of life, no (despite the vast majority of large scale events that we learn about in history being usually a result of conflict over money/power) , but in the context of business, as this thread is, yes in a for-profit business literally every good and activity is about money.
Some businesses may choose to sacrifice money for things like employee well-being or community contribution, but that's a choice they make, or more likely are forced to make.
Yes, that's exactly the point...it's meaningless to say (as you did) that the EIC wasn't motivated by money but instead motivated by goods. Even leaving aside that they sold those goods for money....the distinction is meaningless, as money is just a store of value and lubricant for the exchange of goods (and services).
It's not a meaningless distinction. The goods are consumable. The British public didn't want access to spices as an investment vehicle. Using them was a quality of life improvement.
No, when businesses were owned primarily by single individuals, their priorities were much more aligned with the goals of a single individual. The owners cared not only about profits but respect in the community, influence over politics, etc. and made choices that today’s publicly traded companies would and do not.
> The owners cared not only about profits but respect in the community
I think you need to read a little more history. People haven't changed their core nature in the past 40 years. Look at Carpetbaggers, the Triangle Shirtwaist company, and William Hearst for relatively recent examples. Further back you can look at The Dutch East India Company, the Knights Templar, and the various and sundry monopolies that have arisen throughout history.
People are driven to acquire capital initially to meet their own needs, then for power. There always have been people and groups of people who strive for the latter, not being satisfied with the former. Romanticizing long dead business owners may play well in movies and books, but it isn't reflective of human nature.
I miss the days when businesses existed not just to support free users but also their revenue model and profits. It's like the 0%-er meta profit model where the actual business is in building and marketing the userbase and the core business is really just a temporary front that is designed to never make a profit, just create fancy MAU charts and eventually bait and switch free users when it is sold to the highest bidder and the free users all eventually lose their service.
One day, revenue models will either be illegal or required. Considering the outflow of users in this exchange, I'm betting on the second.
I think you have a rose-tinted view of what old-timey businesses looked like. We moved past mom-and-pop subsistence industry like 400 years ago. No one ever said “I’m going to create a sheet metal production company for the common good.”
No you’re confused. He’s asking for a history in which there is no company motivated by anything other than profit. Since there exist many companies motivated by things other than profit, no such history can be provided. Hence the GP is wrong. Hence the irrelevance of downvotes on this cunty website
Software exists for its users business exist for its owners more precisely its stakeholder, further divide stakeholders into the various rights, control, claims on cash flow, claims on assets, give users the first then watch what happens.
Unless I imagined it, they previously said publicly that they were unlikely to pursue a sell like this because they had succeeded at previous companies and cared more about the impact this product could make than the profit they could make from selling it. I based my decision to agree to the terms of Keybase around this statement which I can conveniently no longer find. I suspect it was in one of their airdrop announcements, and conveniently those links don't work in the Wayback Machine.
"Yes, we sold our previous 2 businesses. But I want to point out that (1) neither of those sales ever hurt (and arguably both sales greatly helped) our users, (2) Keybase deserves special consideration which we are aware of, and (3) both Max and I are happy in a world where we never try to sell a company again, and only build things we like."
I feel silly for falling for it too. Even very wealthy people enjoy extra money.
>How can they be so obvlivious though? Their own blog post doesn't even mention the tarnished reputation Zoom has acquired lately
I'd say, don't overestimate the tarnished reputation (= some news stories for a while, most didn't read or care about -- including corporate users).
And of course they wouldn't get into it in a press release/blog post for an unrelated to the issue acquisition! Doesn't make sense to sabotage themselves this way...
> doesn't even mention the tarnished reputation Zoom has acquired lately
I'm interested to know if you thought keybase doing the whole unsolicited Initial Coin Offering was a reputation tarnishing or polishing event for that company. (I'm circumspect about both of these outfits to be honest.)
That's probably why Zoom is buying them, to double down on security and repair their reputation. They genuinely seem to be putting all their focus on improving security. Seems like a smart buy to me.
There hasn't been enough time since the noise about Zoom's security, for a company to inspect the goods, audit the books, negotiate, draft paperwork, share cocktails and all other stuff that come before announcing an acquisition. Especially in the middle of a disruptive situation. The process must had started many months ago.
I don’t necessarily read it that way. Keybase is 100% functional and has worked well for a long time. Zoom needs people who know how to make modern client software and chat if they want to compete with the Slacks and Teams, etc. You can’t even screen share on wayland... it’s that bad. If keybase ultimately gets secure video, and zoom a security architecture overhaul, how is that a bad thing?
Well, it's pretty clearly an aquihire. Zoom gets a team of highly skilled cryptographers and Internet protocol experts. Good for them. But that means the team that created Keybase as an innovate PKI store won't be working on that anymore. That's not Zoom's business, and probably won't be, as Keybase themselves never figured out how to turn it into a business.
Keybase seems like something that should be small, isolated, FOSS, supported by a foundation, etc. They could have built a business _around_ Keybase I'd imagine, but all they managed to do with this is invalidate Keybase and make people like myself, who feared their business motivations, feel vindicated for being paranoid.
I'll never blame anyone for wanting to make money, to make a business, etc. But if you make a product that walks talks and acts like a FOSS project, but keep it to center your business around... I'll always be longing for a real, true FOSS replacement.
In this case a good looking FOSS alternative came out a few months ago iirc. Though for the life of me I can't remember the name.
How was their product ever marketed that way? They have open source clients because that security table stakes. They’re a solution to crypto anarchy because they help link your crypto identities to your social ones. None of that has changed. You talk like all valid software is free of corporate ownership/sponsorship. Why is zoom’s money somehow worse than e.g. softbank’s.
Oh I didn't mean to imply it was, maybe my "walks talks" bit was unfair. Rather I merely meant that Keybase, like Keys.pub, seems like a great isolated tool for the internet. Something exceptionally well suited for a foundation.
As someone who works at an open-source-focused business, I respectfully disagree. Unlike proprietary software, open source software doesn't depend on the broken window fallacy. As a result, it's really hard to make open source profitable. There's lots of different avenues to get there, and I don't like to fault someone for their efforts if the bulk of their work goes towards improving open source software, as I think Keybase did.
Possibly, but in this case I didn't expect them to make Keybase profitable, if anything I expect the opposite. I expect Keybase to be a FOSS, foundation for profitable extensions that the company builds and sells.
Arguably I think they agree with me, about the extensions at least. As seen by their seemingly random directions of feature extensions that Keybase was prone to. My issue is not that they chose random features to try to make profitable, but rather that the core premise, a public keystore, was tied so closely to a for profit company.
It would be like losing Git because Github went under. (Though, terrible example because Git works without a centralized repo, but it's just the first company <-> FOSS relationship that came to mind lol.)
Keybase was a centralized key storage with value-add services such as file storage and chat.
That was absolutely comparable to github, as you could've just gone back to manually syncing pubkeys and encrypting msgs. If github went away, you'd be without a lot of value-add services as well such as wiki, issues user management etc
Realistically speaking, nobody is going to do that... And tbh, it was already dead in the water when they added crypto currencies... Just took a while for their money to run out.
The actual difference is that there are enough competing products for github, not for keybase however, as that is just too niche
Sure! The idea is that each proprietary project is wasting effort implementing their own clones of everyone else's software. To use your example, Google, Microsoft, Yahoo, Yandex etc etc are all developing their own search engines. Instead they could all be contributing to one search engine to push the state of search engine software forward, instead of all spinning their wheels re-doing what everyone else is doing. How many devs are employed doing what someone else in some other company has already done? That's the broken window: someone else has already done the work, but it must be wastefully re-done because of the license. There's a lot of room for profit in all that extra waste.
That's not what the broken window fallacy is though. It references the idea that breaking a window generates economic activity which is good for everyone.
Aside from whether this matches the typical meaning of "broken window fallacy," I think the substance of what you're saying doesn't match reality.
Open source is famous for fostering a bunch of different approaches to the same problem, and slightly different forks of the same concept. That's the "bazaar" in the famous metaphor, as opposed to the "cathedral" of monolithic, hierarchical, linear proprietary development within a closed-source company.
"Everyone working on the same thing" only works well when there is broad agreement on what that thing should be, and strong governance to resolve disputes. National highway systems, militaries, and power grids are good examples.
I don't think search engines are a good example of where this would work; it's not clear in advance what will make a given search engine better. Thus we benefit from a variety of competing approaches, essentially to expand the space in which we're searching for the optimum.
Open source software is (I would argue) even more driven to fragmentation by political, ideological, and personality conflict driven squabbles than proprietary software, as there is no profit motive to also satisfy.
Also, the broken window thing asserts that small amounts of criminal activity lead to larger amounts of criminal activity via signaling that being bad or neglectful is OK, which is both not proven and irrelevant to software writers being prone to reinvent the wheel for whatever reasons they have.
You're describing the broken windows theory. The broken window fallacy is the claim that destruction or waste is good for the economy because the cleanup generates economic activity (with the attendant multipliers). It's a fallacy because it leaves out that the original spender (by the owner of the broken window), on average, displaced other economic activity.
While I'm no fan of these companies, I'm not convinced by that particular argument for FOSS either. Imagine the world where we would be always iterating on one lineage/model of refrigerator, each automobile type etc. instead of many companies rebuilding basic stuff. I don't believe we would be better off. Not all progress can be driven by consensus and iteration, some needs to be done by competition, divergence and outright discontinuing old approaches.
I think you would be right about the greater good being served by everyone being aligned on the same search engine ONLY IF we understood search engines so well that we knew there to be only one mathematically optimal way to build search engines.
Since we don't understand search engines that well, there is a LOT of value in the exploration over the space of search engines that these different companies represent.
The broken window fallacy argument is that those speaking of the benefits of the broken window are mistaking maintenance cost for generated value. That doesn't seem to be the case here. This is society implicitly investing in exploration over exploitation.
Well, in reality there wouldn't be one optimal product, there would be many, for the reason that you said -and for human reasons.
However they would still be able to borrow good bits from each other and gain insight on how things could be done differently, so arguably the end result would be a win. From a technical standpoint that is -I think where it gets messy is when we try to factor in the business implications.
I mean, there's a fatal flaw in the broken window fallacy anyway:
>
It is not seen that as our shopkeeper has spent six francs upon one thing, he cannot spend them upon another. It is not seen that if he had not had a window to replace, he would, perhaps, have replaced his old shoes, or added another book to his library. In short, he would have employed his six francs in some way, which this accident has prevented.[1]
Capitalism is about acquiring capital, i.e. money. There's no such evidence that people with money actually spend it in ways other than investment, and the sole purpose of that isn't to donate to companies that need it, it's to profit off it and essentially hoard more capital. Sure, poor people with either very little or no capital spend that capital on necessities, and thus drive the economy, but there's no evidence that people with large amounts of capital spend that on anything at all, there's more evidence that they hoard it and seek only to acquire more capital. The entire system is built to favour those people.
That feels like strict oposit of the falacy claim, which would hold in case of perfectly stable and suppied currency is employed. Still would be rational to invest research, diversify against theft etc.
We're getting way off topic here, but you have a horribly misguided premise here. A typical shopkeeper is not in the .1% 'cash hoarding' class. Small businesses are mostly run by people with average resources, and their capital is typically spent on their business and personal needs.
If you have to pay to replace a window that should have lasted, say, ten more years, that's money you now cannot spend on improving your factory somehow.
It is still economic activity (and the glazier doesn't mind the work) but it's remedial rather than generative. (The glazier that repairs the window could have been installing a new one in a new factory, eh?)
keys.pub doesn't have the single most useful feature Keybase has: The ability to verifiably establish a secure channel with anyone given their Twitter/Github/whatever username.
Their homepage advertises 'keys pull username@github' as an example. Is the missing piece you describe here simply the command 'keys chat username@github'?
I'm not very familiar with the service, but AFAIK they don't. It would be great if they added it.
EDIT: It looks like it might, from the front page, I will try it out to make sure. If it does, that'll be great!
EDIT 2: It sort of does, but it's on a per-key basis, not an entire identity. You can publish proof on Twitter/Github/whatever, but it's only for one specific key, and it's one key per service, which means you can't only have one identity and multiple services.
The biggest challenge with acquihiring is retention. Allowing the acquired team to continue what they were doing is the only somewhat foolproof strategy to deal with it. It's a question of pocket depth and expectations. How much will the new team contribute to the "home" product? If expectations are too high chances are that much of the team won't stay and the acquisition will turn out to be a waste of money. With lower expectations however, continuing to fund the project in question can be bargain for getting a pool of in-house consultants to occasionally tap into for the "home" product, if they are really as good.
And even if retention wasn't a problem at all, skilled people are not inherently skilled, they need to keep challenging themselves in their area of expertise to stay sharp. If the "home" product was failing to foster in-house expertise before then chances are high that it's a problem based on culture and priorities and experts injected from outside would quickly lose their edge. Keep them on the project they became experts on and they stay experts.
Retention isn’t going to be a problem in this market. Hiring in general has almost disappeared. And if you get hospitalized with coronavirus without health insurance, it will almost certainly lead to bankruptcy. It’s too risky not to have a job right now.
I don’t think hiring has disappeared - I got contacted by four recruiters just yesterday alone asking me to apply to vacancies they’re trying to hire for.
I wouldn’t quit my job (and I’m not looking anyway), but there’s plenty of hiring going on.
My experiences with acquihires have not been good.
People went to work for this company based on the domain, the people, or the culture. With the acquihire they change the domain first, and the culture about a year in. Then the people start to leave, and it's just a job, and one you didn't even apply for.
On my worst days it felt like I was sold like cattle, and I would have seen more upside by hiring on someplace else.
Zoom uses a proprietary gnome API / hack to do it I believe. It works on Gnome only. Note that with pipewire, wayland screensharing already works on Chrome/Firefox (for all of the video chat apps), and it will come to electron eventually. I imagine in a year or two screensharing on wayland will become seamless for most things.
If you know how to make that work I’m all ears. I run Debian testing, wayland, gnome. I tried to screen share yesterday and got a popup about how its not supported. Maybe mu zoom client is out-of-date?
If Keybase acquired Zoom (haha), then, sure. This is a PR move for a public company. They'll probably gut Keybase, move their Chinese server generated AES128 keys to AES256 keys generated by you and uploaded to their Chinese server, then call it a day.
I can't think of a single instance where acquisition of a smaller company like this resulted in an improved version of the original product. How many of us are running RHL? Skype is now close to Microsoft spyware that's impossible to remove from a Windows installation. Facebook purchasing Whatsapp, another service that formerly stressed encryption, resulted in things like plaintext backups of your texts on Facebook servers being aggressively promoted as soon as you loaded the app.
It's pretty much always cheaper to gut the original product, ignore the problems with your software, and enjoy the enhanced price of your shares while effectively spending no more money than you had for the original acquisition. As far as I can tell, Keybase has never had a business model or constant source of revenue.
> Facebook purchasing Whatsapp, another service that formerly stressed encryption, resulted in things like plaintext backups of your texts on Facebook servers being aggressively promoted as soon as you loaded the app.
Ia that the case? AFAIK WhatsApp gained proper end to end encryption after being bought by Facebook and pushes for backups to Google (and maybe iCloud?) servers.
Wikipedia writes:
> WhatsApp was initially criticized for its lack of encryption, sending information as plaintext. Encryption was first added in May 2012. In 2016, WhatsApp was widely praised for the addition of end-to-end encryption
Whatsapp announced encryption to the world in 2012. OWS helped secure their app further after the 2014 acquisition by FB, but encryption was something stressed by Koum and Acton from the get-go. Integration of E2EE into Whatsapp/FB Messaging is one of the few examples of Zuck being on the right side of things.
Long term it ended up pretty good, with Koum and Acton taking their acquisition money bags and pouring them into FOSS projects like FreeBSD and the Signal Foundation. Maybe malgorithms will do the same.
> pushes for backups to Google (and maybe iCloud?) servers.
Yeah, I was incorrect. They backup to Google servers. Not sure if that's better or worse. :)
Since then, FB has offered willingness to cooperate with foreign governments to break encryption. I guess we will see what happens with the EARN IT Act.
Well, my personal experience running the zoom client on Ubuntu was very satisfying. It worked out of the box, just a deb to install. I am on kubuntu 18.04LTS X11 though, not wayland (which I am glad because on 16.04 I was often victim of that stupid copy/pasting bug freezing firefox or the whole gnome env.)
Zoom works without a hitch on Ubuntu here. Even plays nicely with the tiling WM with multiple workspaces (somehow, a thumbnail window follows you through as you flip through workspaces).
Zoom works great on Linux, it's a proper native app and the quality is excellent. Screensharing is notoriously tricky on Wayland and has been a shifting target that is just now starting to settle, I'm sure it'll eventually work.
Who gives a fuck about Wayland, honestly? It seems like it was designed by people who didn't like the few good things about X and wanted something to further fracture the Linux desktop. Well, they got it.
> Zoom needs people who know how to make modern client software
It's the best video client available on Windows / Mac and works acceptably on Linux, what exactly needs to be more "modern" about it? Slack's video call thing is way less featureful, and Teams is still the abortion that is Lync / Skype for Business under the hood which is and always will be shit-tier.
> chat
I don't want my video app to be my chat app. There's any number of reasons why separation there is a good thing. I can start a Zoom call from Slack in 1 second, what more do I really need on that front?
Wayland was designed by people who didn't like the features of X that almost nobody used (X forwarding, for example). And X is still around for those obscure use cases, while Wayland can serve almost everyone with a much simpler and cleaner system.
Now, why Canonical decided to go off and write Mir instead of collaborating on Wayland development, I have no idea.
> people who didn't like the few good things about X
Since these were also pretty much the only people who were putting effort into maintaining X, I think it's reasonable that they decided to replace it instead.
The history of X is a history of forks. But we've not seen another X fork appear to compete against Wayland. Instead we see the people who are writing Wayland continuing to retrofit the new technologies they're able to bring back, back to X.
I remember thinking they were neat a few years ago, I made an account and tried out exchanging some keys. It’s slick but I don’t see how it was ever going to be a mainstream product for non technical users who mostly don’t even understand what encryption is. Haven’t heard anything about them since, I kinda already assumed they were dead.
It doesn’t have to be mainstream. A niche product can be viable.
Unless you begin to accept investors money who want an exponential growth at all cost. But if that’s what you want as an investor, no idea why you would invest in Keybase.
You can also have investors that buy into a company because it is counterproductive to their goals. Not all investments are meant to produce financial profit.
Lucky for us it is open source? I was hoping to use it to replace Dropbox but they kept not taking my money... small wonder they went for the acquisition.
Not exactly. The clients are open source, but the central server isn't. See https://github.com/keybase/client/issues/6374. It might be possible to reverse engineer the server, but it would be a lot more involved than just forking the project.
That's unfortunate. I assume Zoom would have no interest in open sourcing the server software now that they've paid for the cryptographic expertise and code, but I think the previous owners might have been willing to... surprised they never did, maybe they decided they'd never get bought if they did.
A shame, it seemed to work really well. Maybe Zoom will be willing to take my money to be a DropBox end-to-end encrypted cloud sync service instead, they seem to be fairly on the ball with responding to complaints and that they decided it was worth buying Keybase to improve their service maybe they'll come out alright.
Ability to assign roles(groups) to heterogeneous users.
So imagine being able to add user@domainA.com, user@domainB.com, and name@nonprofitname.org to cool-dev-group and them being to instantly be able to access the relevant chat rooms, git repos, shared folders, etc. If password/secret management had been added, then access to that too could have been allowed. If SSO/Oauth had been added, then any service could be covered by this sort of role-based-access-control-for-anyone.
So no user has been created, they're using their existing identity to access new resources. With some extra coding, triggers and events could have been added to do things like auto-sign public keys.
Their original purpose — tying identities to keys — could have been a nice small non-profit. But there aren't fortunes to be made from managing GPG keys, so they had to pivot into shark jumping.
Not to mention it's notoriously slow and has been shown to be an insecure method of distributing keys (due to the fact that anybody can upload any key).
Anyone can upload a key to keybase dot com too. You should never trust a key belongs to someone unless you have verified the fingerprint by other means e.g. speaking to them. This is basic security we have known since the 80s. Keybase dot com is a step backwards if anything because of the false sense of security it creates, as if they don't have a giant attack surface.
The whole point is that you don't just use it to upload a key. You link various verified identifies of yours across the web to your Keybase account so people know the PGP key there is the one of the verified person. It's a way to tie all your verified identifies together.
If someone would manage to compromise a bunch of identities of someone on the internet, and then create a Keybase account with them and then upload a compromised PGP key that would be a problem if you don't verify the key. But that's a bit of a stretch.
In reality: I used keybase for a while. When I allowed a domain to expire and the DNS record disappeared, keybase threw up warning both in cli and their website that my identity verification couldn't be completed. My only problems I ever had with keybase was related to the cloud storage they offer.
My real wish is that keybase supported ssh keys and would provide them as an agent.
You can revoke the DNS signature. I'll assume your keybase account name is the same as on HN.
I do agree on the ssh key feature being nice, and, here's a link: https://keybase.io/blog/keybase-ssh-ca
You could also just use the keybase file system to keep ssh keys around.
Why? PGP works. (That alone puts it above its supposed alternatives.) It has existed for 30 yrs. That's 30 years of being exploited and patched.
PGP (GnuPG at least) is lightweight. I don't need an Electron dependency or a multi-megabyte chat room in the same application (address space too?) that supposedly keeps my private keys safe.
PGP is spoken by everyone, every programming language, having implementations on even ancient operating systems and architectures. Every email client worth its salt can use PGP. Emacs can decrypt and encrypt GnuPG-encrypted files seamlessly; other editors have plugins to do the same.
It sucks because the UX is so bad that people don’t use it, even when their lives depend on it. [0]
Even when they do use it, it’s easy to mess up.
The biggest flaw though is that in person key signing parties were never a viable or realistic thing for identity verification and web of trust based on that works poorly as a result. The use of multiple signed public social media accounts for identity instead as a way to fix this was Keybase’s main innovation.
For UX, even Snowden couldn’t get Greenwald to set up PGP and after multiple attempts Snowden eventually gave up and tried Laura Poitras with better results, the burden on the user is too high.
We have letsencrypt and permanent.org as non-profits. An idea of a identity and key non-profit sounds like another critical piece we would need for a free, open web
That's fair. We'll see how well they execute their vision.
However, after playing with it, checking out their board of directors, and deconstructing their app design, their vision is not really "cloud storage", at least, not the way we typically think of it.
Their long-term mission is preserving a digital legacy, oriented around relationships, families, and organizations. You don't use permanent.org to store things in the cloud that people normally think as "cloud storage", not for the day-to-day stuff. The kind of things you want to store in there are the things you want the world and your descendents to have access to after you die. They won't have to (directly) pay upkeep to keep that legacy preserved. I think that is convincing enough for me to see it as a critical piece of free and open web, even if this doesn't seem obviously connected to the idea of preserving a legacy.
For example, an indie musician wouldn't have to rely on SoundCloud to keep their recorded music around. SoundCloud is not in the business of preserving the creative work; they are in the business of aggregating users and they use user content to do it. Placing those music files in permanent.org has a much better shot of preserving that creative legacy for future generations than leaving it on SoundCloud.
749 comments
[ 4.7 ms ] story [ 447 ms ] threadZoom is presumably going for "look, we are bringing on-board this team of trusted people who understand privacy", but I think most are just going to assume it'll work the other way and Zoom's culture of poor security practice will bleed into Keybase over time.
What’s that open source alternative that someone recently posted here?
https://news.ycombinator.com/item?id=22995792
https://keys.pub/
(Keybase's crypto stuff is nifty, but we all know there is no money in that. They tried to make money by integrating cryptocurrency, and people did NOT seem to like that. So here we are.)
Selfishly hoping the cores service isn't shut down, though. I've been using it authoritatively for 5+ years. Treasuring the username I got too.
I just don't find it that plausible that Zoom was accidentally architected in the singular boneheaded way that could send the only keys necessary to decrypt sessions, to servers in a country where those keys can be, and regularly are, secretly compelled from the people transporting them (inb4 somebody plays whataboutism with NSA, yes, it's bad when the U.S. does it too, but NSA doesn't mean to compromise U.S. national security).
That country happens to be the PRC, which is seemingly on the verge of an aggressive war with the U.S. over, among other things, their insistence on illegitimate claims to international waters in the South China sea.
I'm particularly disenchanted with the growth of these multipurpose tools, but I am not their target audience. (Nor, I suspect, are many HN participants, but this is a baseless guess.) I suppose I'm more of an adherent to so-called "UNIX philosophy"--the best, single-purpose tool for each task, preferably that can be combined with its like for a solution customizable to how a specific user gets work done.
Maybe they should work on the fact I can run Zoom in screen share and just about nothing else. Just entering a call for me takes ~75% of my CPU and I beach ball regularly when screen sharing lightweight text editors doing barely more than scrolling and typing.
Startpage by an ad company.
PIA by an anti privacy malware company.
Keybase being a slack competitor merging with zoom makes much more sense in retrospect. Zoom is insecure while keybase is seen as secure.
Companies are purchasing competitors or revenue stealers.
Discord is a nice solution if proprietary solutions aren't a problem. It's really sad.
I've been using it on and off for years.. I'm still not sure what exactly it is or under what circumstances I should be using it.
Perhaps the moment that Keybase took VC funding a while back, it was over to begin with and the principles of being a "Slack competitor" and respecting their users privacy went straight out of the window and into the bin.
I really had high hopes for Keybase as a Slack competitor, the cryptocurrency stuff I actively ignored, but this is a disaster.
Fission Mailed.
This feature saved my skin on one occasion.
Edit: This has a received a few downvotes. If I'm wrong here, I'd really like to know why! I thought this explanation was correct and clear.
It is different. Keybase could update the app to steal your key, but that’s a visible attack that can’t be done retroactively.
> If it was truly secure, then you'd be using a new private key to encrypt your real private key
There’s no reason to use asymmetric crypto for symmetric encryption.
> I believe the argument is that a private key encrypted with a password is not cryptographically different from a plaintext private key.
You have it backwards. On principle an encrypted anything (key in this case) is of zero value to anyone. It does’t matter if you tweet encrypted messages every 30 seconds to millions of followers or not: they're encrypted.
When you use a password to encrypt, and you (or your client/agent) selects an appropriately sophisticated suite, you end up seeding a KDF with your password and then using the resulting data as the actual “private key” (its just a symmetric key, no public/private). If your password has enough entropy, then the resulting key is perfectly secure.
In practice people are paranoid. “If the key is on Keybase’s servers, someone could get it and brute force decrypt it.” It’s almost pop culture fallacious, though, because if you believe someone can do that, then they can just as easily brute force the actual key. In practice people use shitty passwords, and crypto weakens as time moves forward, there are good and bad algorithms, and the whole point of a public key infrastructure is to keep private keys off the wire. So it’s generally seen as bad form to copy private keys around, even if they're encrypted. We’re still pretty far on the spectrum here because if your crypto breaks you have to rey key everything anyway. Not just re-encrypt unchanged private keys.
At the end of the day you're either copying a private key around or you aren't. And you should probably avoid situations where you need to do that because there are better ways to PKI. If your threat model can tolerate encrypted key backups and key sharing, then go for it. But that should be something you control.
If sharing a password-protected private key is perfectly safe, why bother having them? Why don't PGP users just password protect everything?
Above all else though, is there an authoritative source that can answer these questions? As a run-of-the-mill programmer, I don't really understand how crypto works well enough to trust my own common sense here. It's been drilled into my head that there are certain rules to follow set out by people who do know what they're doing. And when people say "it's all good, it's password protected", and I'm not sure what their credentials are, I get a little nervous. I did notice that Werner Koch uses Keybase, but if they could simply point to an "okay" from him or Zimmerman explaining the situation, it would be settled. To me anyway, it's not simply an abundance of caution ("paranoia"), it's that something seems fundamentally wrong with the approach and I just don't know the actual cost.
What’s “sharing” here? You “share” an encrypted private key with Keybase so you yourself can recover it back from anywhere using the password that you know. PGP, meanwhile, is used for communication with people who are not you.
> If people have bad passwords, that makes brute force recovery of the private key on a Keybase server plausible, right? At least a lot more so than the whole key from scratch.
Yes. If you want to upload an encrypted copy of your key to someone you wouldn’t trust with the key, you should use a strong password.
> I'd assume that a machine generated key has more entropy than any password that a human can memorize.
That’s not a correct assumption, but your password doesn’t have to be more complex than the key to be safe against brute force anyway, especially when work is added with scrypt (which is what Keybase uses).
The keybase model revolves around devices. Device keys are private keys that are tied to a particular device (your phone, pc, etc) and never leave that device (unless it gets compromised somehow). The only way you can decrypt your data on another device is by registering it using another authenticated device. These keys don't have passwords.
Its basically like encrypting a pgp key with another pgp key, and uploading it somewhere, like people upload all manner of secrets to github or s3 or whatever.
Keybase just provides an easier flow to register new devices and to import and decrypt your secrets (like via a QR code scanned by your phone, for example). Your private keys are as secure as any private, encrypted piece of data that you might send out over the wire, so long as your devices are secure, that is.
If one or more of your devices gets owned, all bets are off, AFAIK. Even if you set a passphrase on your pgp key, all it takes is a key-logger to get it. And since your device is already compromised...
This is where hardware keys win out (yubikey, etc), that require a physical touch to unlock.
DISCLAIMER: I really only have a layman's understanding of crypto.
Assuming what you're saying is correct, it seems much more sensible. It almost makes the PGP key seem superfluous, though I suppose it help with legacy this way.
It still seems not ideal, in that having one device compromised would give away your main private key and thus your whole identity. It would be nice to have it be some sort of subkey situation. I'd have to think about how that would work.
This is actually one of the best "features" of keybase. They've backed everything by some strong pgp crypto roots, but none of their stuff really "operates" using pgp. The fact that they have abstracted it, in my opinion, is part of why people have adopted it so easily.
At the end of the day, your keybase device key is, itself, simply encrypted with your keybase password. The point I've been trying to make clear is:
> Your private keys are as secure as any private, encrypted piece of data that you might send out over the wire, so long as your devices are secure, that is.
Except that long time ago, when device keys didn't even exist, there was a feature on Keybase website that allowed to upload a PGP private key encrypted only by your account password (which was never transmitted to Keybase in plaintext though – it was scrypted in browser when logging in, too – but this still means your private key was as secure as your password, which isn't a good practice in my opinion).
To be fair, you also have to trust native apps and browser extensions the same way. But with websites, the risk of a sudden and targeted (not noticed by the general public) update is much greater!
And the client is open source, which iirc includes being built by distribution's maintainers/build servers instead of Keybase.io.
scrape all those social media posts, reddit subs, etc. and you've probably got a solid idea of who that user is. all under the guise of public FLOSS stuff.
you mean... to help you sort out your false advertising.
I just pulled a random page from Dec 25 of 2019 from internet archive where the site says this:
https://d.pr/i/w3Ac0f
Meet securely End-to-end encryption for all meetings, role-based user security, password protection, waiting rooms, and place attendee on hold.
https://web.archive.org/web/20191225055029/https://zoom.us/m...
Fake it til you make it?
> Zoom has not and will not build a mechanism to decrypt live meetings for lawful intercept purposes.
> We also do not have a means to insert our employees or others into meetings without being reflected in the participant list. We will not build any cryptographic backdoors to allow for the secret monitoring of meetings.
One court + gag order and all of these promises are out the window.
warrant canaries must be written in the past tense. This is future tense. So they can monitor millions of calls, and give your information away at every second. This text only tells you about the next second (a promise they will break too, but then the text will be about the next second)
That seems to include past tense.
“...will not build a mechanism to decrypt live meetings...”
So, this means that they can record meetings, then retroactively decrypt and monitor meeting contents :)
IANAL, but I'm reasonably confident that it does not.
[1] - https://www.eff.org/issues/calea
What do you expect them to do? Hire a PMC and fight a war with the police when they come around to raid the server room? Go into hiding so that the security agency can't steal the upgrade signing key from them?
We can't expect all of the internet to operate like Wikileaks and The Pirate Bay. If the justice system is broken, then the people aren't safe.
No, we want them to assume the same thing we are assuming. That if their service becomes successful, they will be coerced to compromise their users, regardless of how frequently they promise that they would never do so.
If they are even bothering to make public announcements like this, then that means they believe the security of their system can be founded on the honor of their employees. It's important to recognize that this isn't even true if you assume every member of their team is an uncorruptible seraphim.
Instead, where possible, the service should be zero knowledge, where not possible, it should be considered insecure.
Why not? That's just what it takes.
> If the justice system is broken, then the people aren't safe.
It is, and they are. After 50 years under the heel of the war on drugs, how is it not 100% obvious?
These kinds of statements are typically most usefully interpreted as a template for the kinds of things they plan to do, just maybe not exactly in that way.
Attention people starting businesses: VC funding is fun and all, but please, have a business model. Your users and employees depend on it.
So perhaps better advice is, start a business even if you don’t have a plan and someone may buy it anyway.
A better world for your personal pocketbook maybe, but certainly a worse world for the rest of us. I wouldn't characterize that as "better" in any general sense.
The sad thing is that you need to remind people of it. I would never start a business without an idea of a viable business model for it. What do they expect? Growing until they are too large to fail and then ... Godot arrives and everything is fine?
I don't have much respect for zoom's security practices, while I do have much respect for the keybase team.
Perhaps this is Zoom's way of admitting that there is no way they can just solve the problem internally by keeping doing what they're doing and they need to get some fresh blood and build upon good practices designed outside their current culture.
Public perception of zoom/security is "beyond horrible", thus visibly spending lots of money on an acquisition of a very well respected name in security helps them polish that image at least a little.
And who knows, maybe they'll even work on actually improving security. Always the hopeless romantic/optimist, me. ¯\_(ツ)_/¯
I'd say you overestimate that. Perhaps 0.01% of the public knows that Keybase exists and has a bad opinion of Zoom security. Expert's opinion is important, but does not automatically become general perception.
(Anecdatum, I'm far from a security expert. I know that Keybase exists, even have an unused account; I use Zoom for work and don't blame them for not locking up tighter. Their blog post on the topic sounded reasonable to me.)
This is true, but perhaps a bit short-sighted. Expert opinion on Zoom is "avoid it like the plague". This does not automatically become general perception, true, but:
- Over time, expert opinions have a marked effect on adoption by non-experts in their vicinity. See the adoption of Firefox, or Google Chrome, for example.
- For a social networking platform, powerful well-connected never-adopters can pose a problem both to growth and to a budding monopoly. If CIOs and CISOs say, "Zoom over my dead body", that will tend to discourage adoption and encourage development of good alternatives.
Hiring consultants may be perceived like starting an investigation, not getting the fix now.
The question remains how soon and how true this will translate to the stated goal of true end to end encryption.
Nope. Once a pariah, always a pariah.
TLS is there to break sessions that would work under TCP. GPG is there to tell you to discard some mail.
But I do think that company values do change.
Zoom is getting the shining light of attention globally. Even human beings, in these situations, start to act more conscientiously, and then believe their own morality after the fact!
I believe the keybase acquisition demonstrates this a bit - because they will get zero public goodwill from this - nobody on Main St. knows are cares what Keybase is, this won't be on CNN so they are probably very much trying to make things better.
Owners of the company want money - now they are popular, they have to behave well to get that money. Wanting money usually transcends everything else including loyalty to state. A Chinese CEO with a popular Western product is going to realize that if his customers are way for CCP grabbing their data, it's a problem to his business. He doesn't want CCP snooping and one of the better ways to do that is to have better encryption as well.
Doing slightly suspicious things doesn't matter if nobody is watching and therefore nobody cares, now that people care ... it matters. Just as a matter of pragmatism.
Source: https://en.wikipedia.org/wiki/Eric_Yuan
They prioritized ease of use above all to get adoption before. This is appalling to me, but I believe they are seeing enough pressure to change course. It’s believable to me that they would intend to as they have already captured much of the consumer (non-B2B) market mind share and can afford to invest in this area.
Will I be using it now? Still a no. Maybe I’m time though.
Call my cynical, but "hiring" a bunch of infosec celebrities and critics as part-time consultants or contractors should be considered nothing but a (brilliant and silencing) PR move until the day that product updates and analyses reveal otherwise.
The product (and their poor installer practice) has been updated several times in the past few months alone, and each move has made Zoom a more secure product, with the vast majority of the hubbub having been addressed. So are you simply ignoring that, or are you setting your own personal goalposts?
Frankly, I don’t care if it does or not. I was just providing some visible signs of investment.
That's an intepretation you're choosing to make.
For evidence that they've changed their focus you can see their April 1 blog post[1] and the weekly video AMAs they do that are summarised in their "90-Day Security Plan Progress Report" blog posts.[2]
They're making a lot of progress.
The Keybase acquisition is about building out a strong security team that will help them implement end-to-end encryption in 1,000 person meetings, which currently isn't possible anywhere.[3]
[1] https://blog.zoom.us/wordpress/2020/04/01/a-message-to-our-u... [2] https://blog.zoom.us/wordpress/category/announcements/ [3] https://twitter.com/alexstamos/status/1258405729720918016
“Stove is hot, be careful before touching it.”
“Microsoft sexually discriminated in executive hires because ‘women will get pregnant and quit’, stifled completion in multiple categories, expected free overtime or you’d be stack-ranked out of a job. Be careful before trusting.”
Ultimately, an organization's policies are a reflection of the policies of its leaders. The bigger the organization, the more leaders have to change before the organization itself can truly change. It's much more likely that those who change just move on to another organization instead.
Besides, the end-to-end encryption incident wasn't a "mistake". Zoom's response was to say that their definition of end-to-end was just different from everyone else's. They clearly knew exactly what they were doing.
Zoom can change, but given their size and past I want more than a corporate apology and pinky swear before I trust them. They are making plenty of money and aren't going anywhere. There's plenty of time for them to earn my trust. However, they haven't yet earned enough of my trust to make me comfortable with this acquisition.
I've seen this turn out for the best literally one time, and that was Microsoft.
All the other times the bad company just continues its horrible slide into madness. It doesn't die either, just silently keeps churning out billions of dollars of shareholder value.
They are just very good at putting a dusting of Open Source sugar on things.
The book "The Power of Habit" has some good examples of large organizations changing course.
Leopards can't change their spots.
This phrasing is sophistry: there has never been an "era" where this was not true. Humans suck; humans have never not sucked.
If Zoom is acquiring Keybase because the C-suite is pivoting culture around security, then it'll probably work. Otherwise, not much will change. So until I see more evidence that Zoom's upper management had a change of heart (creating a CISO council is a good start), I'm going to be skeptical that this will actually move the needle.
I don't trust Zoom to be custodians of the Keybase company or software. This has been a real blow to my confidence in them and I'm not sure I'll continue to use Keybase :(
The disappointment comes from the loss of Keybase and what it could have been.
The main problem is Zoom having most of its development done via companies based in China. This means it is no longer possible for Keybase to achieve its original goal (and whatever encryption they add cannot fix this core problem).
It's one thing to accept the risk for video conferencing, but it's another to accept for an encryption ID standard.
I agreed with Chris Coyne's comments on HN a while back when he argued that the closed source server code didn't matter because of how they handled the encryption (when compared to Signal). While that's still true from a technical security standpoint, it looks like it does matter in a larger sense because this kind of sale shows that you can't really trust a company to act in its user's interests long-term.
Isn't this just all inevitable? Aren't all these startups just lining up all in the hopes just to get acquired?
I guess when we see VC Funded™ on any startup what it _really means_ is that:
"We are prioritising a return for our investors even if it means violating our mission statement".
https://en.wikipedia.org/wiki/Decentralized_autonomous_organ...
What is more 'fun'? USD in bank account, USD as cash, DAO, or gold? I would think those are monotonically decreasing in 'fun'-ness. "Actual" money is not a good word for printable items of arbitrary scarcity. Not arguing for or against GP, just saying.
[1] https://en.wikipedia.org/wiki/Private_company_limited_by_gua...
I guess most founders are really just motivated by the pot of gold at the end of the rainbow :/
Even Mozilla Foundation [2] was spun off from Netscape, and heavily supported by AOL in its early years.
[1] https://www.effectivealtruism.org/articles/why-nonprofits-sh...
[2] https://en.wikipedia.org/wiki/Mozilla_Foundation#History
So either you're self-sustaining and are in it for the long haul, or you're looking to get acquired.
For example, if it was optional to connect to the Keybase network to begin with.
Imagine a keybase-type app that is built on web of trust rather than centralized servers.
An open source social identity attestation layer that people can operate and federate. Now that sounds cool!
Hard agree! Let me know what you think of this project Iris. I know it's still early, but the plan is sound imo https://github.com/irislib/iris
This outcome is almost certainly seen as a failure by the VCs. It looks like an acquihire. If so, it's quite possible that the VCs didn't even get their money back. Acquihires generally do not return money to VCs -- obviously, given that the employees are free to work anywhere, the acquirer's interest is in paying as much as possible to the employees and as little as possible to the now-worthless acquired company.
It's likely the employees are the ones benefiting most from this outcome, in that their pay has probably gone up considerably and they are no longer nervous about their job security, after many years of high stress and low pay.
It's possible the VCs were even offering some more cash to keep going, but at unfavorable terms, and the team said: "No, we'd rather take the big paychecks from Zoom."
Given Keybase has only had one funding round (according to crunchbase), the founders certainly still had a controlling stake in the company and the VCs couldn't force them to sell or not sell.
You can blame VCs for a lot of things but this kind of outcome is just not one of them (except insofar as that it allowed a company with little viable business strategy to exist in the first place).
(I am the founder of a failed startup. We had multiple "acquihire" offers, none of which offered any money back to investors.)
You really want to lock down some strategic IP that stands in the path of a behemoth and hope they'll want to aquire it under their growth goals or attempts to stomp out potential competitors (by throwing money at them and not through litigation or other paths). The big boys win because they buy out proven effective solutions/IP and models while failed startups eat the market high-risk exploratory costs.
For me personally, this is of course worrying news. I'll suspect that Keybase will die a rather quick death, as most of it's users are security minded that wouldn't ever trust Zoom.
> What the Keybase team will be doing
> Initially, our single top priority is helping to make Zoom even more secure. There are no specific plans for the Keybase app yet. Ultimately Keybase's future is in Zoom's hands, and we'll see where that takes us. Of course, if anything changes about Keybase’s availability, our users will get plenty of notice.
> So, our shortest-term directive is to significantly improve our security effectiveness, by working on a product that's that much bigger than Keybase. We can't be more specific than that, because we're just diving in.
So, yup, keybase is dead.
A lot of people will stop developing integrations for Keybase because of this. It's sad.
The post is actually refreshingly honest that keybase is now abandoned and will probably die at some point.
The idea that companies were stupid enough to place their internal identity on some random 3rd party is so incredibly stupid that it’s hard to feel too bad for anyone.
Congrats Keybase!
I miss the days when businesses existed not just to serve investors but also their employees and the common good. It's like a 1%-er meta profit model where the actual business is in buying and selling the business and the core business is really just a temporary front that is designed to never make a profit, just create fancy looking charts and eventually bait and switch consumers when it is sold to the highest bidder and the employees all eventually lose their jobs.
One day, VC funding will either be illegal or required. considering the flow of money in this exchange, I'm betting on the second.
Uh when was this? For-profit businesses have always been created for the primary purpose of making money. Any side effect like employee well being happened to coincide with what maximized profits at the time or due to regulation.
I'm a big fan of business and entrepreneurship, but let's be clear here: there is a reason we invented government. There was never a time when we could 100% count on the beneficence of business leaders to advance social goals.
Edit to add: I'm not trying to demonize all business leaders here. There are some bad actors, but even business leaders who desire to do well have to succeed in the marketplace--even against bad actors. Unfortunately, doing bad things in business often confers the benefit of lowering costs, which is a competitive advantage. This is a known structural issue with a marketplace economy and why we need more than just business to have a good society.
So really, it's not that "there are some bad actors", but that "the system strongly encourages businesses to install these so-called bad actors as their leaders". I agree with you, that we need strong government labor regulations to counter this mentality, but this mentality is why these regulations have deteriorated over the past 50 years.
I'm sorry, but this is just not true. If it was legally mandated, then the Costco CEO would not have been able to resist such shareholder demands. Your example proves the opposite of what you think it does.
Nothing has changed in the legal structure of corporate governance since 1970. Do you think that investors never demanded greater returns from business leaders prior to 1970?
They can still demand all they want, but the law remains clear today that corporate directors and managers have the power to run the business as they see fit, and shareholders' sole remedy for their disappointment, in the absence of outright fraud or gross negligence, is to sell their stock.
In February 2014, Tim Cook was the CEO of one of the most valuable companies in the world. At Apple's shareholder meeting, he directly told his shareholders that he does not even consider ROI in some of his decisions. Legal consequences to Apple and Tim Cook for this statement? Zero. He's still CEO. Because there is no legal mandate to maximize corporate profits.
Honestly, by buying into this myth that the law changed in the 1970s, you're lending power to a fake idea that you seem to be opposed to. There is a group of people who wish such a mandate existed, and by acting like they're right, you're kind of helping them.
Business leaders might make anti-social decisions because they feel competitive pressure to succeed in a marketplace where customers are free to choose and are price-sensitive. That's not nearly the same thing as saying that corporate governance law forces them to make such decisions. It doesn't.
"All but" is handy phrasing if you're trying to create the impression that something you prefer is true. If you don't prefer it, I think that using that phrase is like shooting yourself in the foot rhetorically.
I think it's more constructive to point out that such a mandate does not exist (regardless of what some shareholders seem to believe), and there are good reasons it doesn't.
Kellogg also burned girls clitoris away because he was against masturbation. Other then he had incredibly toxic fights about the right to the IP and broke his relation with his brother. Clearly he didn't care about profits.
Also a single example doesn't prove that things were structurally different. There are tons of companies now that exist with different goals.
Here is a link that showed up in google for me when I tried to find support of this claim: https://www.washingtonpost.com/opinions/harold-meyerson-the-...
Literally they bought an army and took over India for money.
> cotton, silk, indigo dye, salt, spices, saltpetre, tea, and opium.
Surely access to those provides some benefit other than making money, which it also did for them.
Also worth noting that not every company is ... that one.
This is an utterly meaningless distinction. Money is fungible with all of those goods.
Anyway, if you want to go down that path you can easily conclude that literally any good or activity is just money, that you live a money-dominated life and we all exist for money all the time and while useful in some contexts I don't think it's particularly apt, but I hope you enjoy it.
In the grand context of life, no (despite the vast majority of large scale events that we learn about in history being usually a result of conflict over money/power) , but in the context of business, as this thread is, yes in a for-profit business literally every good and activity is about money.
Some businesses may choose to sacrifice money for things like employee well-being or community contribution, but that's a choice they make, or more likely are forced to make.
https://en.wikipedia.org/wiki/Shareholder_value
I think you need to read a little more history. People haven't changed their core nature in the past 40 years. Look at Carpetbaggers, the Triangle Shirtwaist company, and William Hearst for relatively recent examples. Further back you can look at The Dutch East India Company, the Knights Templar, and the various and sundry monopolies that have arisen throughout history.
People are driven to acquire capital initially to meet their own needs, then for power. There always have been people and groups of people who strive for the latter, not being satisfied with the former. Romanticizing long dead business owners may play well in movies and books, but it isn't reflective of human nature.
One day, revenue models will either be illegal or required. Considering the outflow of users in this exchange, I'm betting on the second.
Look up Joseph Rowntree[0]
[0] https://en.wikipedia.org/wiki/Joseph_Rowntree_(philanthropis...
"Yes, we sold our previous 2 businesses. But I want to point out that (1) neither of those sales ever hurt (and arguably both sales greatly helped) our users, (2) Keybase deserves special consideration which we are aware of, and (3) both Max and I are happy in a world where we never try to sell a company again, and only build things we like."
I feel silly for falling for it too. Even very wealthy people enjoy extra money.
I'd say, don't overestimate the tarnished reputation (= some news stories for a while, most didn't read or care about -- including corporate users).
And of course they wouldn't get into it in a press release/blog post for an unrelated to the issue acquisition! Doesn't make sense to sabotage themselves this way...
This seems like an extension of that. If anyone has thought a lot about multi-party encrypted communication it is the keybase folks.
I'm interested to know if you thought keybase doing the whole unsolicited Initial Coin Offering was a reputation tarnishing or polishing event for that company. (I'm circumspect about both of these outfits to be honest.)
Keybase seems like something that should be small, isolated, FOSS, supported by a foundation, etc. They could have built a business _around_ Keybase I'd imagine, but all they managed to do with this is invalidate Keybase and make people like myself, who feared their business motivations, feel vindicated for being paranoid.
I'll never blame anyone for wanting to make money, to make a business, etc. But if you make a product that walks talks and acts like a FOSS project, but keep it to center your business around... I'll always be longing for a real, true FOSS replacement.
In this case a good looking FOSS alternative came out a few months ago iirc. Though for the life of me I can't remember the name.
edit: https://keys.pub/ - though I will still miss KBFS
Arguably I think they agree with me, about the extensions at least. As seen by their seemingly random directions of feature extensions that Keybase was prone to. My issue is not that they chose random features to try to make profitable, but rather that the core premise, a public keystore, was tied so closely to a for profit company.
It would be like losing Git because Github went under. (Though, terrible example because Git works without a centralized repo, but it's just the first company <-> FOSS relationship that came to mind lol.)
Keybase was a centralized key storage with value-add services such as file storage and chat.
That was absolutely comparable to github, as you could've just gone back to manually syncing pubkeys and encrypting msgs. If github went away, you'd be without a lot of value-add services as well such as wiki, issues user management etc
Realistically speaking, nobody is going to do that... And tbh, it was already dead in the water when they added crypto currencies... Just took a while for their money to run out.
The actual difference is that there are enough competing products for github, not for keybase however, as that is just too niche
I don't see how Google's proprietary search engine or Facebook's proprietary interface to our social network rely on the broken window fallacy.
Would you mind elaborating?
Open source is famous for fostering a bunch of different approaches to the same problem, and slightly different forks of the same concept. That's the "bazaar" in the famous metaphor, as opposed to the "cathedral" of monolithic, hierarchical, linear proprietary development within a closed-source company.
"Everyone working on the same thing" only works well when there is broad agreement on what that thing should be, and strong governance to resolve disputes. National highway systems, militaries, and power grids are good examples.
I don't think search engines are a good example of where this would work; it's not clear in advance what will make a given search engine better. Thus we benefit from a variety of competing approaches, essentially to expand the space in which we're searching for the optimum.
Also, the broken window thing asserts that small amounts of criminal activity lead to larger amounts of criminal activity via signaling that being bad or neglectful is OK, which is both not proven and irrelevant to software writers being prone to reinvent the wheel for whatever reasons they have.
I think you would be right about the greater good being served by everyone being aligned on the same search engine ONLY IF we understood search engines so well that we knew there to be only one mathematically optimal way to build search engines.
Since we don't understand search engines that well, there is a LOT of value in the exploration over the space of search engines that these different companies represent.
The broken window fallacy argument is that those speaking of the benefits of the broken window are mistaking maintenance cost for generated value. That doesn't seem to be the case here. This is society implicitly investing in exploration over exploitation.
However they would still be able to borrow good bits from each other and gain insight on how things could be done differently, so arguably the end result would be a win. From a technical standpoint that is -I think where it gets messy is when we try to factor in the business implications.
> It is not seen that as our shopkeeper has spent six francs upon one thing, he cannot spend them upon another. It is not seen that if he had not had a window to replace, he would, perhaps, have replaced his old shoes, or added another book to his library. In short, he would have employed his six francs in some way, which this accident has prevented.[1]
Capitalism is about acquiring capital, i.e. money. There's no such evidence that people with money actually spend it in ways other than investment, and the sole purpose of that isn't to donate to companies that need it, it's to profit off it and essentially hoard more capital. Sure, poor people with either very little or no capital spend that capital on necessities, and thus drive the economy, but there's no evidence that people with large amounts of capital spend that on anything at all, there's more evidence that they hoard it and seek only to acquire more capital. The entire system is built to favour those people.
If you have to pay to replace a window that should have lasted, say, ten more years, that's money you now cannot spend on improving your factory somehow.
It is still economic activity (and the glazier doesn't mind the work) but it's remedial rather than generative. (The glazier that repairs the window could have been installing a new one in a new factory, eh?)
EDIT: It looks like it might, from the front page, I will try it out to make sure. If it does, that'll be great!
EDIT 2: It sort of does, but it's on a per-key basis, not an entire identity. You can publish proof on Twitter/Github/whatever, but it's only for one specific key, and it's one key per service, which means you can't only have one identity and multiple services.
And even if retention wasn't a problem at all, skilled people are not inherently skilled, they need to keep challenging themselves in their area of expertise to stay sharp. If the "home" product was failing to foster in-house expertise before then chances are high that it's a problem based on culture and priorities and experts injected from outside would quickly lose their edge. Keep them on the project they became experts on and they stay experts.
I wouldn’t quit my job (and I’m not looking anyway), but there’s plenty of hiring going on.
People went to work for this company based on the domain, the people, or the culture. With the acquihire they change the domain first, and the culture about a year in. Then the people start to leave, and it's just a job, and one you didn't even apply for.
On my worst days it felt like I was sold like cattle, and I would have seen more upside by hiring on someplace else.
I believe it's only enabled for a few distros though
I can't think of a single instance where acquisition of a smaller company like this resulted in an improved version of the original product. How many of us are running RHL? Skype is now close to Microsoft spyware that's impossible to remove from a Windows installation. Facebook purchasing Whatsapp, another service that formerly stressed encryption, resulted in things like plaintext backups of your texts on Facebook servers being aggressively promoted as soon as you loaded the app.
It's pretty much always cheaper to gut the original product, ignore the problems with your software, and enjoy the enhanced price of your shares while effectively spending no more money than you had for the original acquisition. As far as I can tell, Keybase has never had a business model or constant source of revenue.
Ia that the case? AFAIK WhatsApp gained proper end to end encryption after being bought by Facebook and pushes for backups to Google (and maybe iCloud?) servers.
Wikipedia writes:
> WhatsApp was initially criticized for its lack of encryption, sending information as plaintext. Encryption was first added in May 2012. In 2016, WhatsApp was widely praised for the addition of end-to-end encryption
https://en.wikipedia.org/wiki/WhatsApp
Long term it ended up pretty good, with Koum and Acton taking their acquisition money bags and pouring them into FOSS projects like FreeBSD and the Signal Foundation. Maybe malgorithms will do the same.
https://en.wikipedia.org/wiki/Timeline_of_WhatsApp
> pushes for backups to Google (and maybe iCloud?) servers.
Yeah, I was incorrect. They backup to Google servers. Not sure if that's better or worse. :)
Since then, FB has offered willingness to cooperate with foreign governments to break encryption. I guess we will see what happens with the EARN IT Act.
https://www.bloomberg.com/news/articles/2019-09-28/facebook-...
RHL might be a bad example too, since Fedora is still pretty prominent, even if not often used compared to debian or debian-based distros these days.
If.
They're not the only ones though, this is what most companies call "on any device".
Screen sharing only works on Xorg, and screen scaling doesn't work (so it's super blurry on hidpi).
I've never seen that thumbnail window either -- though I don complain on that item, I prefer not having something like that.
And depends on iBus which breaks keyboard input for me.
> Zoom needs people who know how to make modern client software
It's the best video client available on Windows / Mac and works acceptably on Linux, what exactly needs to be more "modern" about it? Slack's video call thing is way less featureful, and Teams is still the abortion that is Lync / Skype for Business under the hood which is and always will be shit-tier.
> chat
I don't want my video app to be my chat app. There's any number of reasons why separation there is a good thing. I can start a Zoom call from Slack in 1 second, what more do I really need on that front?
Now, why Canonical decided to go off and write Mir instead of collaborating on Wayland development, I have no idea.
Plenty of people use this all the time. It's probably the single best thing about X.
Since these were also pretty much the only people who were putting effort into maintaining X, I think it's reasonable that they decided to replace it instead.
The history of X is a history of forks. But we've not seen another X fork appear to compete against Wayland. Instead we see the people who are writing Wayland continuing to retrofit the new technologies they're able to bring back, back to X.
Unless you begin to accept investors money who want an exponential growth at all cost. But if that’s what you want as an investor, no idea why you would invest in Keybase.
Well, shit.
Keybase had an amazing potential. I use it every day to ad-hoc securely share/store stuff. It will be sad to see it wither even more than it has. :(
Not exactly. The clients are open source, but the central server isn't. See https://github.com/keybase/client/issues/6374. It might be possible to reverse engineer the server, but it would be a lot more involved than just forking the project.
A shame, it seemed to work really well. Maybe Zoom will be willing to take my money to be a DropBox end-to-end encrypted cloud sync service instead, they seem to be fairly on the ball with responding to complaints and that they decided it was worth buying Keybase to improve their service maybe they'll come out alright.
Wishful thinking maybe =)
So imagine being able to add user@domainA.com, user@domainB.com, and name@nonprofitname.org to cool-dev-group and them being to instantly be able to access the relevant chat rooms, git repos, shared folders, etc. If password/secret management had been added, then access to that too could have been allowed. If SSO/Oauth had been added, then any service could be covered by this sort of role-based-access-control-for-anyone.
So no user has been created, they're using their existing identity to access new resources. With some extra coding, triggers and events could have been added to do things like auto-sign public keys.
Wow, this means that keybase stuff thinks that Zoom is secure already. Zoom should have hired people who don't think that way.
Their original purpose — tying identities to keys — could have been a nice small non-profit. But there aren't fortunes to be made from managing GPG keys, so they had to pivot into shark jumping.
https://pgp.mit.edu/pks/lookup?search=Satoshi+Nakamoto&op=in...
Not to mention it's notoriously slow and has been shown to be an insecure method of distributing keys (due to the fact that anybody can upload any key).
The whole point is that you don't just use it to upload a key. You link various verified identifies of yours across the web to your Keybase account so people know the PGP key there is the one of the verified person. It's a way to tie all your verified identifies together.
If someone would manage to compromise a bunch of identities of someone on the internet, and then create a Keybase account with them and then upload a compromised PGP key that would be a problem if you don't verify the key. But that's a bit of a stretch.
My real wish is that keybase supported ssh keys and would provide them as an agent.
I do agree on the ssh key feature being nice, and, here's a link: https://keybase.io/blog/keybase-ssh-ca You could also just use the keybase file system to keep ssh keys around.
PGP sucks.
PGP (GnuPG at least) is lightweight. I don't need an Electron dependency or a multi-megabyte chat room in the same application (address space too?) that supposedly keeps my private keys safe.
PGP is spoken by everyone, every programming language, having implementations on even ancient operating systems and architectures. Every email client worth its salt can use PGP. Emacs can decrypt and encrypt GnuPG-encrypted files seamlessly; other editors have plugins to do the same.
Even when they do use it, it’s easy to mess up.
The biggest flaw though is that in person key signing parties were never a viable or realistic thing for identity verification and web of trust based on that works poorly as a result. The use of multiple signed public social media accounts for identity instead as a way to fix this was Keybase’s main innovation.
For UX, even Snowden couldn’t get Greenwald to set up PGP and after multiple attempts Snowden eventually gave up and tried Laura Poitras with better results, the burden on the user is too high.
[0] https://moxie.org/blog/gpg-and-me/
See https://keys.openpgp.org/about for why.
However, after playing with it, checking out their board of directors, and deconstructing their app design, their vision is not really "cloud storage", at least, not the way we typically think of it.
Their long-term mission is preserving a digital legacy, oriented around relationships, families, and organizations. You don't use permanent.org to store things in the cloud that people normally think as "cloud storage", not for the day-to-day stuff. The kind of things you want to store in there are the things you want the world and your descendents to have access to after you die. They won't have to (directly) pay upkeep to keep that legacy preserved. I think that is convincing enough for me to see it as a critical piece of free and open web, even if this doesn't seem obviously connected to the idea of preserving a legacy.
For example, an indie musician wouldn't have to rely on SoundCloud to keep their recorded music around. SoundCloud is not in the business of preserving the creative work; they are in the business of aggregating users and they use user content to do it. Placing those music files in permanent.org has a much better shot of preserving that creative legacy for future generations than leaving it on SoundCloud.