Hacker News new | past | comments | ask | show | jobs | submit login

Keybase also silently subverts smartcards for in-memory keys per my findings here: https://github.com/keybase/keybase-issues/issues/1946

In general I find Keybase to be a step forward in user experience and two steps backwards in terms of actual security. They just don't seem to care about the latter at all and have not demonstrated any cooperation with standards bodies like the OpenPGP working group where members have expressed interest multiple times in adding generic URL uids to the openpgp public key itself to replicate and decentralize the idea of social media based trust bootstrapping (the one good idea from Keybase in spite of terrible execution). Instead they insist on their complex proprietary walled garden system that does not integrate with existing keyservers and throws everything on the bitcoin blockchain for reasons.

Keybase has become the IE of crypto and I can't take any security project seriously that even -integrates- with them.

They don't throw everything on the blockchain for no reason. They specifically back up the root of the merkel tree into the blockchain.

Honestly, the OpenPGP world has so competently failed at usability and is only adopted by the most hard core of nerds. Even I have stopped using it for the most part.

And that it is two steps back in security overall is just not true. Maybe in some individual features that you care about, but not in general.

And the same thing counts that always counted, crypto that nobody is using is not protecting anything.

The have mostly moved on from GPG any a different libraries now. The GPG is mostly a legacy feature.

> OpenPGP ... is only adopted by the most hard core of nerds.

This seems pretty inaccurate.

* Lots of software projects sign their releases with PGP.

* Almost all Linux distributions sign their software with PGP. If you use Linux, your security relies critically PGP.

* Github has support for PGP, and I see people use it.

* My random server hoster happens to sign all their emails with PGP.

You could claim that all these systems are run "by the most hard core of nerds", but at that point the statement loses its relevance.

The GP was pretty clearly talking about PGP in the context of ordinary encrypted communication between people (like email). Keybase isn't competing with PGP for signing releases. In the field that we are talking about, PGP has absolutely failed to gain widespread traction outside a certain hard core group of nerds.

Those aren't a representative sample of computer users though. Those are in fact the most hard core of nerds. If you want to take a poll of users, look at even keybase users (already highly biased). How many of them use the PGP key that they had to create when they signed up? I know I don't.

Even Facebook for all their privacy failings supports it. You can add your public key to your profile and they will encrypt all emails to you.

> crypto that nobody is using is not protecting anything.

There's only one thing that's worse. Crypto that people think is protecting them, but which isn't.

Yeah but for the most part Keybase is not that. The person above point out one special case and not for the whole system.

For the most part Keybase crypto is modern, effective and easy to use.

We already have a distributed backup system: the keyserver network. There are also efforts like DANE to put it in DNS. They however refuse to sync with it. They only sync with their own proprietary servers using their own protocol.

Also there are projects in the OpenPGP world making very easy to use workflows and interfaces without centralizing or breaking standards. OpenKeychain for android is a fantastic example of this.

I use OpenKeychain on my phone and can sign files, access passwords, or decrypt email by tapping my yubikey to it. I can tap someone elses key to my phone to import their key to my addressbook. No terminals or fuss and at no point does any key come in contact with system memory of any device involved so I have strong assurances it can't be stolen even if my phone is totally compromised.

A big example of the 2 steps backwards of keybase: they use keys in system memory and abandoned any compatibility with the openpgp smartcard spec, yubikeys, etc. The industry is moving to smartcards for very good reason: malware is a thing and it can use/steal keys from system memory without user interaction. A key stored in a yubikey 4 OTOH never touches system memory and requires a physical touch for each operation.

You can have usability without throwing out security and standards. Keybase is just another in a long line of companies ignorantly throwing out any security features they don't understand using usability as an excuse for bad engineering.

> There are also efforts like DANE to put it in DNS.

It seems GnuPG and "the ecosystem" is slowly moving to WKD (Web Key Directory) as it is easier to deploy (e.g. kernel.org is using it).

If you put your binary key (gpg --export 36C8AAA9) at https://lrvick.net/.well-known/openpgpkey/hu/gfoh5t79df9raqt... tools would retrieve it automatically when using your e-mail address (gpg --locate-key $EMAIL). (I got the hash by running gpg -k --with-wkd 36C8AAA9).

This is supported by GnuPG, OpenKeychain and some e-mail clients: Enigmail, GpgOL (Outlook) would fetch your key in background when someone is writing an e-mail.

For details see: https://wiki.gnupg.org/WKD#Implementations

The spec: https://datatracker.ietf.org/doc/draft-koch-openpgp-webkey-s...

> the OpenPGP world has so competently failed at usability

Don't you know? There's a rule that all cryptographic software must be arcane and obscure and virtually impossible to use correctly by anyone other than obsessive nerds.

This description perfectly captures my impression on Keybase too (especially the part on unwillingness to decentralize their social-media based identities).

For the record it soon may be possible to use native GnuPG through the browser extension:

> Installer: New optional module "Browser Integration" to register GnuPG as backend for Mailvelope 3.0.

Source: https://www.gpg4win.org/change-history.html

But given Keybase's track record I already know they're not interested in that.

Any trust went out the window when I realized I could pull out my smartcard and continue signing things. My head exploded.

You just don't seem to understand how the service you are using works and guess what. Its different then pure PG. It was not designed to work with your smart-card as it is not primarily about that.

Guess what, other people like me just realized that Keybase was not designed to be used like that and didn't use the smart-card together with Keybase.

I guess you can fault them for not saying that explicitly but since the made no mention of smart-cards and didn't evolve the security model in that direction it was pretty clear that that was not what they were about and therefore I did not expect it to be optimal to be used like that.

They used my openpgp key to setup my account. They link it on my profile as my key... I guess this gave me some crazy idea this was the key they actually use, not some silently created in memory keys that don't use the openpgp spec at all.

What is up with this issue? https://github.com/keybase/client/issues/13560

Is that a normal thing to do on github?

Changing the title of an issue, presumably so it doesn't show up in search results? Deleting the body of the issue? Not leaving any explanation? Yeah, that doesn't seem normal to me. Can't say I approve.

Looks to me like someone posted spam and it got removed. And yes, unfortunately, that's a thing on github these days.

Unless the title was lifted from another issue for the purpose of spam...

...this actually looks like a potential security weakness that was purged from the public space. (CWE-921)

it wasn't purged, per say. if you click "edited by maxtaco" on KirtiRamchandani's first comment, you get a dropdown to select the versions, and you can still find the original text.

Have you tried / compared Wire[0] by chance? I love Wire cause it's simple, my only recommendation is to register from a browser on your desktop, it asks for your number on the phone app, but you don't need to register like that. I also like that you can delete your account and nuke everything. The back-end is open source as well. Though KeyBase gets the UI / UX factor perfect, I wish some hardcore crypto devs would take KeyBase and make it more rock solid.

[0]: https://wire.com/

Wire's apps feel slow and bloated on both desktop and mobile. Compared to Telegram, Wire is almost unusable.

As a user, Wire has been fast and reliable and usable (even by non-techies) on iOS for several years, across a wide range of network conditions and hostile networks.

They are contributing to an IETF protocol (“MLS”) for E2E messaging, which is a long-term path to messenger interoperability.

I have not had the described slowness on Android and Windows (I think I tried it on Linux too) so I'm not sure what the parent commentator is speaking of.


Relevant: https://tools.ietf.org/html/draft-barnes-mls-protocol-00

a long-term path to messenger interoperability.

I remember when we had that before E2E was popularized, it was standardized, and then walled gardens broke their interoperability in the name of (claimed) better user experience and user numbers.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact