Zoom has acquired Keybase

ben profile image Ben Halpern ・1 min read

Techcrunch: Zoom acquires Keybase to get end-to-end encryption expertise

Keybase never really developed an actual business model from what I can tell, so this is not all that surprising in some ways.

This seems like it must be a direct response to the very public security issues they've had. It's rare you see such direct cause and effect with this kind of thing.

About Zoom's issues...


Editor guide

This is kinda depressing. I liked Keybase for their social proofs and the features they did have were pretty nice.


Odds of someone else coming along to build on some of their ideas?


Some people already are: keys.pub/#install

Could be an application for something like 0bin.net/paste/FuAS3IdRoFs8p-CT#wP....

This link will expire in 24 hours due to the sensitivity of the technology discussed.

DM me with your public key if interested.


We shall see. Their client was open source, but the backend wasn’t.

I haven’t seen anything else in the open source community that uses social proofs, though in theory it shouldn’t be too hard to do.


I think it is great to see Zoom investing more on security.

I am quite surprised to see many people reacted as if scrypt, Salsa 20, AES (which forms Keybase’s TripleSec) has been simultaneously cracked the moment the acquisition was announced and the encrypted keys are no longer safe and suddenly reverted to plain text.

I don’t think Zoom has any malicious intent (I think recent security news more likely has to do with negligence rather than malice).

I don’t think I need to delete my Keybase account, because although I don’t necessarily trust the company, maybe I can trust their algorithm.


It's not that I'm worried about my keys, if I was truly paranoid, I wouldn't upload the private keys to keybase. I just have no faith that Zoom will keep Keybase around, so I would start moving off of the platform because it will likely cease to exist in the near future, not because I think there's any malicious intent by Zoom.


These are exactly my thoughts too. Keybase encryption is built on sound principles, it would be hard to break that. I'll wait and see if I need to move off of it.


The question is what the new parent company (Zoom) intends to do.
They might want to absorb Kaybase strong encryption and social proof features. That would be good.
On the other hand, they could make Keybase weaker, which would be not good.


I'm definitely skeptical that this is good for keybase's core product. Zoom is drowning in money and growth from their core video conferencing product right now and really behind on security issues.

I think a public acquisition of a security/privacy oriented startup is as much about PR as anything. Maybe they don't even need keybase. I kind of get the sense that they're a pawn in a bigger chess game.


Yeah, totally agree with you. I guess Keybase is gonna be shutdown.


It's sad. I used Keybase. I liked the product. But Im not sure if they were getting the traction needed either.


Zoom has been very aggressively investing in security after the scandals. They have hired Trial of Bits and some others to do a full security audit, and now this. Since Zoom will definitely become more integrated into more people's lives, I very much look forward to the improvements they will make.

We can be cynical all we want, but I keep being reminded that good people vastly outnumber bad ones. There was much pessimism when Microsoft acquired GitHub, but now we've got GitHub-wide CodeQL analysis! Without GNU we'd not have open source and GitHub in the first place, but without Microsoft we'd not benefit from open source as much, either.


And I keep being reminded that nice herds of good, ordinary, credulous people are vastly out-manipulated by bad ones.


According to former Facebook's CSO Alex Stamos (who's now consulting for Zoom), they plan to add end to end encryption for all paid users:

“The truth is that what Zoom wants to do with end-to-end encryption, nobody’s really done, so there’s no product that you could just slap onto Zoom to turn it into key encryption. That’s going to have to be thought out from the beginning for the specific needs of an enterprise,” Stamos told TechCrunch.

He says that the first goal is to come up with a more highly secure version of Zoom meetings with end-to-end encryption enabled. At least initially, this will only be available for people using the Zoom client or Zoom-enabled hardware. You won’t be able to encrypt someone calling in, for instance.

As for folks who may be worried about Keybase being owned by Zoom, Stamos says, “The whole point of the Keybase design is that you don’t have to trust who owns their servers.”

from techcrunch.com/2020/05/07/zoom-con...

I'm personally lukewarm about Keybase (the company) due to some choices they made in the past:

the intrusive behavior, and harassment even, has only escalated. and then, of course, keybase adds cryptocurrency to the equation, which only drew in more strangers with unsavory social behaviors.

from jenngineering.glitch.me/hello-worl...


I was reading their blog post last night. It's full of all the standard things, like how they're a great fit and they wouldn't normally do something like that except it was a great opportunity and they won't abandon their values.

I've heard all that before somewhere... where was it? Yeah, I think it was every company that ever got bought out.

Keybase was heading that way with the cryptocurrency thing already I guess.


Filed under Our Incredible Journey.

Vene in pacem, requiescat in pacem.

These guys have a history of selling out.


This is extremely depressing. I’m going to delete my Keybase account.


but give a chance and wait to see how it's going. This was the same thought when MS acquired Github but now the service is even more good.


Heard that they are planning on moving Keybase to there Enterprise offering vi aTechCrunch, poor keybase..


👎 is all that I can say about this. I have zero trust in Zoom as a company, and thus this will not bode well for keybase. It basically became terminal.


This was always coming for keybase


Seems like Zoom has been the biggest winner from lockdown-case.


No way! Not cool at all.


FYI Zoom says the product update (for Zoom) that includes encryption will be a paid product, which most likely means they'll be shutting down Keybase.


Well I hope they won’t absorb and then abandon it... I really like the social proofing part and has a lot of potential. I guess time will tell.


Works a little both ways. Personally, I found out about Keybase through these news.

Now, if Zoom won't screw up Keybase then seems like a good deal.