
Keybase 4.0 - tosh
https://github.com/keybase/client/releases/tag/v4.0.0
======
kevinherron
Keybase is a really cool solution to a problem (or problems?) I don't seem to
have.

I've had an account for a while but don't really have any reason to use it.

Seems like they're pivoting towards being a Slack competitor. Maybe if they
open sourced the server portion it could be a chat solution that OSS projects
can feel okay about using.

~~~
ahnick
Keybase is a great way to do company onboarding. Have a new employee setup a
Keybase account (if they don't have one already) and now you have a simple and
secure way to have conversations and exchange files (e.g. W-4 forms,
insurance, etc)

I use it for personal communications too, so it is nice to use the same secure
messaging platform for both work and personal and switch back and forth from
computer to phone easily. I do wish the server portion and apps were
opensource though.

~~~
majkinetor
Hm...

I wonder now could it be used for corporate secret management. I wouldn't like
to use cloud solution for that and on existing on premise solutions do not
cover all scenarios I need (on-boarding one of them, or guests).

~~~
majkinetor
Looks like Keybase Teams is exactly for that:

[https://keybase.io/blog/introducing-keybase-
teams](https://keybase.io/blog/introducing-keybase-teams)

------
781
Uninstalled because on Windows it registers itself to auto-start on boot no
matter what you do. I keep removing it from the autostart places and it keeps
registering back.

I get it that they want to get usage telemetry, but it's ridiculous for a
security focused app to force itself like that.

[https://github.com/keybase/keybase-
issues/issues/2380](https://github.com/keybase/keybase-issues/issues/2380)

[https://github.com/keybase/client/issues/3904](https://github.com/keybase/client/issues/3904)

[https://github.com/keybase/client/issues/5990](https://github.com/keybase/client/issues/5990)

~~~
randy408
They don't seem to prioritize user choice on the linux version either, there's
no snap/flatpak available nor a user friendly option to not mount the FUSE
filesystem.

[https://github.com/keybase/client/issues/8264](https://github.com/keybase/client/issues/8264)

[https://github.com/keybase/client/issues/9191](https://github.com/keybase/client/issues/9191)

[https://github.com/keybase/client/issues/7846](https://github.com/keybase/client/issues/7846)

------
smoyer
Still waiting for 2FA authentication (sigh) ... everyone but Keybase and my
bank seems to know how important this is!

~~~
kokx
2FA is not very helpful if your service relies on encryption for everything
(like keybase). It's not possible to use 2FA without another party verifying
the authentication code. Keybase could include this (then they would have to
verify it), but so far keybase has gone to great lengths to not actually have
to hold any secrets for users. They even perform password hashing in the
browser instead of on their servers. 2FA would force them to do some
processing with secrets on the server side.

Having 2FA with Keybase would be similar to having 2FA with a local password
safe like Keepass. Yes, you could implement 2FA. However, you would have to
rely on an external service, and if people have your password and can modify
the software, they can simply comment out the 2FA check and they can decrypt
your password safe.

The entire security model of Keybase is based on having all data encrypted at
all times. Adding 2FA would add some false sense of security, which doesn't
affect the encrypted data at all.

~~~
viraptor
> It's not possible to use 2FA without another party verifying the
> authentication code.

That's not true. You can verify the time based codes or do u2f yourself. You
don't need a third party for that.

~~~
DuskStar
Right, but there's no way to cryptographically enforce that. All the totp
implementations I've seen are symmetric, with the validating server running
the same calculation from the same seed. You could do that locally - but then
the seed can be extracted or a client can be patched to just not request the
code in the first place.

------
veidr
I really want to love Keybase but nobody (meaning my wife and friends) will
use it because the performance for basic chatting sucks abysmally on mobile
(plain text chat works but things like pasting an image don't work, for any
wife-acceptable value of work).

This means I haven't wanted to even suggest trialling it at work, so I haven't
used the teams feature at all and without that it's basically an encrypted
cloud storage mechanism with an interesting Git integration.

    
    
        T_T

~~~
franzunix
The git integration is indeed something really cool.

------
lousken
did anyone figure out what the arrow on the top does?

[https://i.imgur.com/nqGfSCL.png](https://i.imgur.com/nqGfSCL.png)

~~~
tecleandor
By its looks, it should hide the side bar...

~~~
lousken
except it doesn't, it's actually a back button

------
HNLurker2
I use it with my friend to share ill... No I mean to share stuff like videos
;-)))

