Zoom was supposed to deliver a transparency report about governments demanding user data. They didn't. These are the folks who now own your encryption keys.
@yarmo There's a dead canary in your coal mine.
@danuker that's a mental picture I need on paper!
@yarmo what encryption keys? Isn't keybase supposed to be trustless end-to-end encrypted? You never know anyway being the software closed source.
@xorman to get full benefit of keybase, you need to upload your private key to them, otherwise, no decryption, no signing, no identity proofs.
Remember that you as a person can decrypt very private messages with that key. And keybase has that exact key on their proprietary server. That is a risk you really need to think about.
I once had an account, I only uploaded public keys. Functionality was limited due to it.
@yarmo LOL what a joke of a security model. I wonder why the crypto community adopted it.
@xorman the community has been demanding open source servers and keybase refuses. Now with the zoom acquihire, no reason to trust the service at all anymore
@yarmo keybase is just a vague memory to me. Left as soon as the news broke.
Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.