DEV Community

loading...

Zoom has acquired Keybase

ben profile image Ben Halpern ・1 min read

Techcrunch: Zoom acquires Keybase to get end-to-end encryption expertise

Keybase never really developed an actual business model from what I can tell, so this is not all that surprising in some ways.

This seems like it must be a direct response to the very public security issues they've had. It's rare you see such direct cause and effect with this kind of thing.

About Zoom's issues...

Discussion (29)

pic
Editor guide
Collapse
just_insane profile image
Justin Gauthier

This is kinda depressing. I liked Keybase for their social proofs and the features they did have were pretty nice.

Collapse
ben profile image
Ben Halpern Author

Odds of someone else coming along to build on some of their ideas?

Collapse
jdoss profile image
Joe Doss

Some people already are: keys.pub/#install

Thread Thread
v6 profile image
🦄N B🛡

Could be an application for something like 0bin.net/paste/FuAS3IdRoFs8p-CT#wP....

This link will expire in 24 hours due to the sensitivity of the technology discussed.

DM me with your public key if interested.

Collapse
just_insane profile image
Justin Gauthier

We shall see. Their client was open source, but the backend wasn’t.

I haven’t seen anything else in the open source community that uses social proofs, though in theory it shouldn’t be too hard to do.

Collapse
dtinth profile image
Thai Pangsakulyanont • Edited

I think it is great to see Zoom investing more on security.

I am quite surprised to see many people reacted as if scrypt, Salsa 20, AES (which forms Keybase’s TripleSec) has been simultaneously cracked the moment the acquisition was announced and the encrypted keys are no longer safe and suddenly reverted to plain text.

I don’t think Zoom has any malicious intent (I think recent security news more likely has to do with negligence rather than malice).

I don’t think I need to delete my Keybase account, because although I don’t necessarily trust the company, maybe I can trust their algorithm.

Collapse
chiefnoah profile image
Noah Pederson

It's not that I'm worried about my keys, if I was truly paranoid, I wouldn't upload the private keys to keybase. I just have no faith that Zoom will keep Keybase around, so I would start moving off of the platform because it will likely cease to exist in the near future, not because I think there's any malicious intent by Zoom.

Collapse
mrrcollins profile image
Ryan Collins

These are exactly my thoughts too. Keybase encryption is built on sound principles, it would be hard to break that. I'll wait and see if I need to move off of it.

Collapse
nicolasini profile image
Nico S___

The question is what the new parent company (Zoom) intends to do.
They might want to absorb Kaybase strong encryption and social proof features. That would be good.
On the other hand, they could make Keybase weaker, which would be not good.

Collapse
ben profile image
Ben Halpern Author

I'm definitely skeptical that this is good for keybase's core product. Zoom is drowning in money and growth from their core video conferencing product right now and really behind on security issues.

I think a public acquisition of a security/privacy oriented startup is as much about PR as anything. Maybe they don't even need keybase. I kind of get the sense that they're a pawn in a bigger chess game.

Collapse
carloslfu profile image
Carlos Galarza

Yeah, totally agree with you. I guess Keybase is gonna be shutdown.

Thread Thread
carloslfu profile image
Carlos Galarza

or abandoned.

Collapse
nicolasini profile image
Nico S___

It's sad. I used Keybase. I liked the product. But Im not sure if they were getting the traction needed either.

Collapse
louy2 profile image
Yufan Lou

Zoom has been very aggressively investing in security after the scandals. They have hired Trial of Bits and some others to do a full security audit, and now this. Since Zoom will definitely become more integrated into more people's lives, I very much look forward to the improvements they will make.

We can be cynical all we want, but I keep being reminded that good people vastly outnumber bad ones. There was much pessimism when Microsoft acquired GitHub, but now we've got GitHub-wide CodeQL analysis! Without GNU we'd not have open source and GitHub in the first place, but without Microsoft we'd not benefit from open source as much, either.

Collapse
v6 profile image
🦄N B🛡

And I keep being reminded that nice herds of good, ordinary, credulous people are vastly out-manipulated by bad ones.

Collapse
rhymes profile image
rhymes • Edited

According to former Facebook's CSO Alex Stamos (who's now consulting for Zoom), they plan to add end to end encryption for all paid users:

“The truth is that what Zoom wants to do with end-to-end encryption, nobody’s really done, so there’s no product that you could just slap onto Zoom to turn it into key encryption. That’s going to have to be thought out from the beginning for the specific needs of an enterprise,” Stamos told TechCrunch.

He says that the first goal is to come up with a more highly secure version of Zoom meetings with end-to-end encryption enabled. At least initially, this will only be available for people using the Zoom client or Zoom-enabled hardware. You won’t be able to encrypt someone calling in, for instance.

As for folks who may be worried about Keybase being owned by Zoom, Stamos says, “The whole point of the Keybase design is that you don’t have to trust who owns their servers.”

from techcrunch.com/2020/05/07/zoom-con...

I'm personally lukewarm about Keybase (the company) due to some choices they made in the past:

the intrusive behavior, and harassment even, has only escalated. and then, of course, keybase adds cryptocurrency to the equation, which only drew in more strangers with unsavory social behaviors.

from jenngineering.glitch.me/hello-worl...

Collapse
moopet profile image
Ben Sinclair • Edited

I was reading their blog post last night. It's full of all the standard things, like how they're a great fit and they wouldn't normally do something like that except it was a great opportunity and they won't abandon their values.

I've heard all that before somewhere... where was it? Yeah, I think it was every company that ever got bought out.

Keybase was heading that way with the cryptocurrency thing already I guess.

Collapse
v6 profile image
🦄N B🛡 • Edited

Filed under Our Incredible Journey.

Vene in pacem, requiescat in pacem.

These guys have a history of selling out.

Collapse
ender_minyard profile image
ender minyard

This is extremely depressing. I’m going to delete my Keybase account.

Collapse
simo97 profile image
ADONIS SIMO

but give a chance and wait to see how it's going. This was the same thought when MS acquired Github but now the service is even more good.

Collapse
bscott profile image
Brian Scott

Heard that they are planning on moving Keybase to there Enterprise offering vi aTechCrunch, poor keybase..

Collapse
n3u2o profile image
N3U2O

W T F O _ O

Collapse
elmuerte profile image
Michiel Hendriks • Edited

👎 is all that I can say about this. I have zero trust in Zoom as a company, and thus this will not bode well for keybase. It basically became terminal.

Collapse
topitguy profile image
Pankaj Sharma

This was always coming for keybase

Collapse
madza profile image
Madza

Seems like Zoom has been the biggest winner from lockdown-case.

Collapse
emtr0 profile image
Mauricio E.T.

No way! Not cool at all.

Collapse
emtr0 profile image
Mauricio E.T.

FYI Zoom says the product update (for Zoom) that includes encryption will be a paid product, which most likely means they'll be shutting down Keybase.

Collapse
dannysteenman profile image
Danny Steenman

Well I hope they won’t absorb and then abandon it... I really like the social proofing part and has a lot of potential. I guess time will tell.

Collapse
gerka profile image
German Bidzilja

Works a little both ways. Personally, I found out about Keybase through these news.

Now, if Zoom won't screw up Keybase then seems like a good deal.