OP here! I had to trim the post down for brevity, but I thought the HN community in particular might be interested in the API side of things.
Undocumented in the post: you can invent channels for app-to-app communication from the JSON API. For example, it's possible with Keybase chat to have a program posting encrypted messages for another person or program, without cluttering up the visual chat interface.
Also - to test chat we've cut the invitation requirement. You should be able to try the app without anyone inviting you.
This is cool. One thing that keeps me from using Slack, &c is that I don't trust my information to be stored on their servers. Keybase's combination of private keys and open source tools and protocols makes me comfortable with your server-side storage.
Your post does a good job describing what is stored in a readable format on your servers. One thing I didn't understand is where the data sent to users not yet on Keybase is stored. It sounds like my client is responsible for storing this unsent message, either locally or on Keybase's server encrypted for myself, and occasionally querying the DB to see if the target user exists and re-encrypting it. Is that right?
Finally, any thoughts on spam prevention for this protocol?
oh, great question! I wish I'd been clearer in the post.
Encrypted messages waiting for others are stored on Keybase servers. But they're encrypted only for the sender. The important requirement of this protocol is the removal of extra human steps, especially the ones before composing a message. The only thing a person should have to do is (a) write a message and (b) maybe tell the recipient it's waiting for them on keybase.
It's the worst to ask someone for their number or email before you get to compose a message.
There are still computer steps, however, and Keybae hides them from you. If you post an encrypted message for foo@reddit, then you sign a statement to yourself that foo@reddit is an intended recipient. When foo@reddit proves herself by announcing a key, your own client verifies the announcement and rekeys the content for her, assuming her key proof matches your signed assertion. This is no work for you, although it does require that one of your devices comes online. If they try to get to the content and all of your devices are off, they'll see a message that the original sender needs to come online before it's available for the first time.
The story with phones will be even better, as they're easier to reach through push notifications.
As with most large data encryption, this is performed by rekeying a symmetric key. So you can leave a huge attachment for foo@reddit and you don't have to download/upload the data all over again just to make it available.
As for spam prevention...we're still discussing. We obviously don't have the ability to study message contents. At the very least, we will need to have easy/clear blocking features
Thanks for expanding, and I wish you luck on the spam prevention. We often have conversations in the office about implementing a cost-based anti-spam system[1] for email, but I think a lack of universal usage kills that idea before it can begin. Keybase may be in a position to implement it before the protocol and user interfaces have ossified. Something to think about.
I find this stuff fascinating. Deciding not to interview with you guys because I didn't want to move remains one of the biggest "what if"s of my career so far :)
As for spam prevention...we're still discussing. We obviously don't have the ability to study message contents. At the very least, we will need to have easy/clear blocking features
This immediately jumped out at me as a potential problem with the system. I think you had better get jumping on it quickly. Preventing abusive messages is much easier if mitigation is built in from the start.
What prevents hundreds of spam messages hitting a new user as soon as they sign up? An automated system could create a spam message for every github user account (just as a way to get likely signup identities) and keep a client running and they would be delivered to new users as soon as someone verifies themselves. A group of people could target one individual so that they are flooded with unwanted messages upon joining.
I'm entirely unconvinced by your argument regarding backing up a perfect forward secrecy chat. PFS is about preventing any listener of the messages in-transit from ever effectively decrypting those messages - it says nothing about security guarantees once the message is received.
It'd be like arguing that by enabling PFS also creates a social contract that the receiver guarantees that their device isn't compromised. Or that webservers that use PFS in TLS don't log most/all of the details for the requests they receive. I don't believe either of these to be true.
You seem to have extrapolated some social properties from a purely technical property and assumed everyone must think about it in the same way as you. But in doing so, you've made your protocol weaker against realistic attacks.
Oh, and the likelihood of an attacker stealing a device with WhatsApp installed and only being able to extract the identity keys and not the cached messages seems absurdly improbable.
Personally, I wish you'd either tried to work with OWS/WhatsApp/whoever to integrate in what makes keybase.io great (providing identity verification - something that all these could use) and not gone about adding to the already crowded area of chat providers.
In fact, you could even flip it around and let a shared notepad connected to the chat represent what you want to remember permanently, while the chat could remain ephemeral.
This makes for more accurate expectations and less risk of user error.
This is really cool. Question: right now, I have a [deep link to Keybase's encrypt page][1] on my website as "Create encrypted message." Will there be a way to do something similar, but using Keybase Chat(tm)? ("build it yourself" is an acceptable answer in this instance)
Considering that HN does not preserve envelope formatting, that more than one person reads HN, and that scrolling through this on my phone was really fun, perhaps PGP messages are not a good idea regardless of how on-topic or clever they are.
Thank you and the Keybase team for this. Unlike other services, I think KB has solved the online identity authentication issue.
There's one hurdle I need to work through to get going on chat. Thus far I've avoided uploading my private GPG key to my Keybase profile, or even copying it to other devices (call me paranoid). Unfortunately this apparently means I can't authorize any other devices (see error message: http://imgur.com/a/UOftN). I assumed device keys were meant to solve this problem, but maybe not. Is there a supported way to make a subkey (GPG or otherwise) of my primary private GPG keypair, so other devices can securely authenticate against my KB profile?
EDIT: I haven't yet started using device keys. Maybe they would work?
This is answered in the FAQ at the bottom of the post.
You'll see this policy in action when you install Keybase on a 2nd computer. It'll make you either (a) type something on your first computer, or (b) enter a paper key. This isn't just two-factor auth with server trust. The old key is signing a statement about the new key, and the new key is countersigning.
It could be formatted better: it's telling you you have three different options, one of which is,
Install Keybase on a different machine that has your PGP key
I was in the same boat as you, I didn't want to import my private key onto this mac laptop because I don't know how the "Keychain.app" works and don't trust apple to not do something super helpful like store my GPG private key forever and always. I did the login flow on the machine I do trust, and was then able to use that machine to authorize the mac laptop, without moving any GPG keys anywhere.
I interpreted that option as Keybase needing a local copy of the PGP key. Thanks for helping me understand that's not the case.
I've set up Keybase on my trusted machine with my GPG keypair, and now have a device key on that machine. When I go to Devices -> Add new... -> New Computer in the GUI I'm told to "Type in text code" (along with the note "In the Keybase app on your computer, go to Devices > Add a new device"). I find this confusing because I'm already there. I tried using the only paper key I have, the one corresponding to my first device key, but there's no response when I click Continue. This is the Linux client, by the way. I'm guessing this is a bug, but I'm not sure. Can you confirm this is the same process you went through to generate your second device key?
When I try to log in on the secondary computer, which doesn't have the GPG keypair or a device key, I'm brought to the same error shown in the screenshot.
on my trusted computer with my GPG key, I ran 'keybase device add', selected option 1 ("desktop or laptop") and it asked me to enter the "verification code" from the other device. It also said, "to get a verification code, run 'keybase login' on your other device", but I'm certain that I just clicked some buttons in the GUI instead of running that command.
Wondering if you can clarify a bit—what parameters cause a chat to/not to show up in the GUI? Different topics? Different channel names? I have a use for this immediately and am excited to give it a shot!
For program-to-program talking, use the "dev" channel, in a topic of your choice. (By default --topic-type=chat and changing it to dev keeps it out of the GUI)
For example:
keybase chat send friend1,friend2\
--topic-type=dev\
--topic-name=KEYBASE-SYSOPS\
"server-restart [reason:hot and bothered]"
I'll never see this in the GUI but you and your friend1 and friend2, can access the messages through the chat API. The topic-name can be whatever you want, and it allows you to structure messages into channels.
----
If you're using the JSON api - which makes more sense if you're programming it - take a look at `keybase chat help api` to see some examples of how to structure the JSON going in. Anywhere you see a `channel` object, you can add `topic_type` and `topic_name` to them. Both should be strings.
Why is non-PFS the default? You wrote that somewhere in the documentation.
You said something about violating expectations when you sync PFS'd chat contents, but I don't see why that's relevant unless people were promised otherwise.
There's nothing about the encryption algorithm itself that dictates how data going over it should be handled at the endpoints.
Just let users have a regular mode and an off-the-record mode where nothing is kept. Both PFS protected.
One thing I've noticed so far is that with the Keybase desktop client on Windows 10, the "Reddit Form" button for submitting a proof didn't work for me. It just fails silently and doesn't open a browser window or whatever it's supposed to do.
Additionally I am curious why on Reddit people have to post a wall of text, while on Twitter you only have to post a small tweet? Is there some reason people can't just paste the tweet version onto Reddit too?
I just installed the app but still get asked for an invitation code.
The chat sounds great, looking forward to try it out!
edit:
Nevermind, on the website I wasn't asked.
Secondly, I think this is incredibly important moving forward with the proliferation of messaging channels. I want to be able to use one program for all of my different chat sessions. Whether that be adium or pidgin or mIRC or even weechat/bitlebee in a docker container. It would be great if there would be common plugins for common chat clients provided off the shelf. :D
We didn't design Keybase's chat API to match any messaging standard, but the number of calls into it are very few and flexible, and we're open to change.
As it is right now, I imagine it would be very easy to write a library that acts as a bridge to other interfaces, if that's of interest.
There are calls to see into your "inbox" which is the set of conversations, read messages, even peek at unread messages. And of course send messages, too.
"it's possible with Keybase chat to have a program posting encrypted messages for another person or program, without cluttering up the visual chat interface."
Nice. I'll be looking at what source of tools that use this style of communication on github.
Q: group chats? Seems like it could be done by encrypting (and sending) the message to all recipients, so it's not particularly efficient, but it's a valuable UI thing.
I was wondering about that very thing when playing with it; encrypted app-to-app comm via the chat. Maybe something similar for the file system with a pair of pipe files.
Good on them! The rest of this comment is not actually applicable anymore and you should give Keybase Chat a try :)
Original comment:
-----------------
My biggest concern with it, however, is that the Keybase client is now frequently verifying all my contacts' proofs. Many of these verifications are for personal websites and are done over port 80 or involve DNS lookups that my contacts control.
This leaks a great deal of metadata over the network about who my contacts are, and makes it easy for a hostile network to determine who I am if I'm running the Keybase app.
I hope they decide on some sort of fix for this. They could at least not do verifications over insecure connections and arbitrary 3rd party DNS lookups without my explicit approval.
Warning to all OS X users: The Keybase Chat desktop app does a number of shady things that ultimately led me to delete it from my system. I am writing this purely as a public service announcement, to those who worry about installing unknown apps on their Macs. The Keybase Chat app:
(1) Requires administrator privileges to launch on first run, to install a "Helper Tool". The app does not explain what this tool does, where it lives, nor does the Keybase website.
(2) Installs a login (startup) item without asking permission, so Keybase will auto-launch on every boot.
(3) Installs a Finder Favorite in your Finder sidebar, without asking permission.
(4) Installs /usr/local/bin/keybase without asking permission.
(5) Installs /Library/PrivilegedHelperTools/keybase.Helper without asking permission.
(6) Installs /Library/LaunchDaemons/keybase.Helper.plist without asking permission.
(7) Installs ~/Library/LaunchAgents/keybase.* (3 files) without asking permission.
(8) Runs permanently in your menu bar, even if you quit the main app.
These things may all have good reasons and be benign, but they are too shady for me, so I deleted the app and all the files listed above. Apologies to the devs.
Step 2 and 7 are fairly standard behavior for an application that is meant to be running at all times, eg a persistent chat app. Even something like GPG installs files into /Library/LaunchAgents. The location of the directories in question shouldn't set off a warning flag about whether an app is "shady" or not.
I accept your devil's advocacy, but I would argue that the app should have simply asked permission before doing these things, especially installing itself as a startup item and adding a Finder favorite. Also, if the app is going to install things as an administrator, it should tell the user exactly what it plans to do. Just my $0.02. I know that Keybase the company is not shady, but their chat app sure feels off to me.
Note that the app does ask for permission before installing the helper, i.e. via the standard macOS elevation prompt; agreed though that it doesn't actually explain what the helper is for or what it will do.
As far as I know, it asks for root because the Keybase filesystem runs on Fuse, and the menu bar app can be quit from its menu.
It's hard to balance making a simple, self-contained app with providing easy installation, a custom filesystem, automatic updates, and a command line tool… if you have ideas on how to improve things, I think they'd be open to issues/PRs. (I used to work on Keybase. I personally trust the devs, but, really, you can build from source if you want.)
The feeling that the app is shady (because of permission overreach) may stem from the notion that Keybase is a chat app. It is, perhaps in the same sense that a browser running Slack is a chat app. It also includes crytographic key management and message handling via both GUI and command line (the core product), as well as a FUSE-based file system interface that allows transparent encryption/decryption with other users (Keybase FS). Viewed in that light, the installation footprint might be considered more reasonable.
Had an interesting manifestation of this overreach.
I'm using a gulp task to watch for file changes. `gulp-notify` gives me this error. I cleaned up keybase from my system but still getting this:
```
Message:
2017-02-09 11:37:56.154 terminal-notifier[2293:8114763] kCFURLVolumeIsAutomountedKey missing for file:///keybase/: Error Domain=NSCocoaErrorDomain Code=257 "The file “keybase” couldn’t be opened because you don’t have permission to view it." UserInfo={NSURL=file:///keybase/, NSFilePath=/keybase, NSUnderlyingError=0x7ffca345de60 {Error Domain=NSPOSIXErrorDomain Code=1 "Operation not permitted"}}
```
Ugh. Even if these things are fairly common practice for mac apps, there's no reason that a chat app needs to install a bunch of crap to launch on root.
By default, unless absolutely necessary, your app should install with only user-level permissions and should not attempt to insert itself into the boot process. Just let me click on the app when I want to open it. I don't need toolbars, I don't need a launch daemon, I don't need a global install. If you think those features are really great for some reason, let users opt into them later on.
I'm not qualified or interested enough to investigate this but I can tell you that on Windows Trend Micro have blocked keybase as potential malware. It's reported on github and keybase have requested an exception but reading your post one starts to wonder why Trend Micro would get that idea.
I'm glad you showed me that but unfortunately I'm required to run it by my organisation. And even if I do disable it we have VPN software that requires some sort of AV before you're granted access.
I used the Unix "locate" command-line tool. I just searched for "keybase". Note that you have to build up a locate DB first by calling "sudo /usr/libexec/locate.updatedb". Type "man locate" in Terminal to learn more.
Note you can also use 'mdfind' for this (assuming you haven't disabled Spotlight), no need to build the updatedb. I actually have locate aliased to mdfind in my bashrc.
For those who are curious: To be accurate, locate is a command provided by mlocate package (shipped by most modern distributions) which supersedes GNU slocate.
mlocate is a locate/updatedb implementation. The 'm' stands for "merging": updatedb reuses the existing database to avoid rereading most of the file system, which makes updatedb faster and does not trash the system caches as much.
The locate(1) utility is intended to be completely compatible to slocate. It also attempts to be compatible to GNU locate, when it does not conflict with slocate compatibility.
When providing Keybase or the Service with content, such as your name, username, photos, social media names, data or files, or causing content to be posted, stored or transmitted using or through the Service (“Your Content”), including but not limited to the Registration Data and any other personal identification information that you provide, you hereby grant to us a non-exclusive, worldwide, perpetual, irrevocable, royalty-free, transferable (in whole or in part), fully-paid and sublicensable right, subject to the Privacy Policy, to use, reproduce, modify, transmit, display and distribute Your Content in any media known now or developed in the future, in connection with our provision of the Service. Further, to the fullest extent permitted under applicable law, you waive your moral rights and promise not to assert such rights or any other intellectual property or publicity rights against us, our sublicensees, or our assignees.
That's a bridge too far, and someone needs to dial this back.
> in connection with our provision of the Service.
This is pretty much boilerplate legalese that's generally intended to mean "you can't upload a file to your public folder, then sue us for copyright infringement because that file is in a public folder".
Lawyers seem like to cover their clients' asses as much as possible, but for a service like this that's designed for privacy-conscious people it'd do them well to step back and think about how the license comes across to privacy-conscious laypeople.
From what I've seen of Keybase, from back when they were just an alternative to the PGP Web of Trust to now, I don't think they're genuinely planning anything nefarious (but they'd still do well to have a ToS that reflects that).
What you're describing is "for the sole purpose of proving the service to you". The "in connection with" language is much broader. Whether the license is intended to give them more leeway or not is a different question.
Note the "in connection with our provision of the Service". This largely looks to me like a standard set of terms that they require in order to not get sued for shuffling around your content just to provide the service you're signing up for.
While the rest of the paragraph looks standard to me, I'm not completely sure about that last sentence. Is that what you're wondering about?
there are key additional phrases that subtly make it different, like the fact, that this is transferable.
And though not uncommon, using the term "provision of service" leaves the door wide open to your contents usage, because the lisc. is non-revocable, and perpetual.
If say, in 3 years from now as a provision of their service they offer analytics, or direct marketing. they can use any of your content for that.
I get this is probably just a wide net they are casting to not box themselves in, but it's something that is super restrictive to the user. And being as they also have a section require arbitration, and barring class action suits.
If they are acquired by, or decided become a bad actor, then you are pretty much SOL.
No, from what I can tell it is them asking not to be sued to for providing the service they signed up for. That is, looking at your social media profiles to verify your identity across profiles.
Even if it did mean that, it would be of 0 use to them because they are fully end-to-end encrypted
The continued fragmentation of chat into walled gardens is really annoying. I feel like Matrix has done a good job not only designing their protocol to be open and federated from the start, but also in that they are actively working to provide bridges to other services. It would be really nice if keybase would work to federate with Matrix servers.
(Link to Matrix service, since they have an un-googleable name: https://matrix.org. The only working client that I know of at the moment is https://riot.im)
I am convinced that we are cursed to relive this nightmare once a generation:
1. Some chat application blows up in popularity.
2. Everyone looks around and says "Hey, that's an easy problem, let's build a competitor but with feature X and Y!"
3. We are stuck with a nightmarish number of chat apps until someone reverse engineers the protocols for each.
4. The bubble bursts and everyone realizes there wasn't any money in it anyway and goes off to doing something more interesting (like building better PKI).
5. ~10 years goes by and someone finds a new chat niche and the cycle repeats itself.
Yeah, though IRC seems to have weathered the years fairly well (at least with its core audience), and it's an open and federated protocol. Since Matrix bridges to IRC, and adds some features that you used to need IRC bouncers and such to get, and is federated itself, my (possibly naive) hope is that it can evolve into something at least akin to a "next generation" IRC with first-class support for E2E encryption and various other chat features that people tend to like these days.
Why do all new chat clients look like Slack? We're rapidly moving towards a monoculture of chat UIs.
I'd like to see a return to less intrusive chat apps, with more minimal UIs that don't take up most of the desktop real estate. The most common screen resolution out there? 1366x768. I kid you not. IRC has it's many flaws, but the clients still understood the meaning of good information density.
People seem to forget that chat is a communication medium first and foremost, and not a multimedia based experience.
Electron is the short answer to that. From what I've seen pretty much all the "new wave" cross platform chat apps are based on electron and a lot of the companies are emulating slack. In combination that leads to a lot very similar looking programs.
Laziness so they can use the same styles on all devices. For the same reason many websites have mobile style buttons and fonts that are way too big on desktops.
I disagree with the idea of allowing backup/restore of conversations defeats forward secrecy. There's a big difference between decrypting past conversations and decrypting chat logs. I have full control over my chat logs, I can choose to delete them, not store them with some people, encrypt them with a different password and rotate them monthly, etc.
Even Signal and other apps store all your messages on your device, optionally locally encrypted.
Forward secrecy is so that you can't just steal the key and network traffic and get _all_ past messages, regardless of whether or not I wanted to archive them. And getting my live key doesn't mean getting all my archived logs.
Worst case, make PFS without sync the default, but include a native feature for pasting into a shared document (Etherpad style, hosted by Keybase) for whatever your want to keep. Then you've got two spaces with different expectations, matching their capabilities.
And for attached files, they'd be displayed in a list while the chat is active, asking if you want to keep them in your keybase storage or let them vanish from the servers when you close the chat (delete their session keys).
That's an interesting idea. I think ultimately you need to trust the people you talk to though if you're discussing something private with them.
There's no technical solution to copying and pasting the conversation - try as you may, someone can always get a hook in there and dump the raw text out. Any technical measure you take against this is just as effective as DRM - a total half measure, vulnerable to everything from reverse engineering to the analog hole. The only solution is a social one.
Hey malgorithms, this is great! I check the Keybase website every month or so for updates and discovered yesterday that there's a new logo, replacing the old thieving dog/ferret/raccoon with what appears to be a person's head with their hair in a bun holding a key. Can you give some background on the thinking behind this logo redesign? (Sorry it's not a question about chat, per say)
we knew we needed a logo redesign no matter what; the old didn't scale well. The new one looks good at small sizes - say in a menubar or as a small icon. Of course that's just an opinion, but our team is happy with it. In old displays (think 72dpi), our new one isn't perfect, but most devices in the future will be high dpi.
As for brand messaging: the thieving kangarooster was suggestive of spy-like activity, which was playful but many people thought it sent the wrong message.
I personally like the message of the key in the hair...I mean I haven't thought it through in some deep way, but it's sort of like seeing a pencil in someone's hair: it's suggestive about their personality, and a pencil is an easy-to-use tool. A key in there feels good like that, like you can just grab it and use it easily. But that's just my own personal, previously unshared, take on why I like it.
Not only that - but a "thieving raccoon" helps reinforce the mistaken belief that crypto is only for criminals. While I don't think that had a "serious" effect or that people would read so heavily into a logo - it never sat well with me. While I didn't notice the logo change until the GP post pointed it out, I like the new one better.
That looks spectacular, can't wait to try it tonight. Hope this software can overcome the network effects of existing systems. End-to-end encryption is really, really important, but I feel like the real game changer is being able to instantly chat with anybody online by just typing in their username.
Is it technically possible for Signal/Whatsapp to use Keybase keys in lieu of phone numbers? If so, how practical would it be to add this as an option?
I wonder how that would work with key rotation. Those chat services do a lot of key management for you during a conversation, while Keybase is more focused on long-lived keys.
End-to-end encrypt all messages,
but only "exploding messages" (coming soon) will have FS.
Therefore, your history will survive, encrypted, except for the messages you choose.
No. And even if it were possible they wouldn't allow it. Their servers are designed to forbid anything different from what they already do. Forget about that.
This is fantastic! I've been playing with it for a bit, and I'm loving it.
Question: since (encrypted) chat history is stored on keybase servers, does my chat history count against my KBFS quota? If so, how do I clear it out? If not, how do you mitigate against someone building a pseudo-FS on top of chat messages for free unlimited storage?
Wow, this is awesome! A colleague and I were just recently discussing how badly we feel the need for "encryption-first" chat software is - not tools that sell it as a feature, but tools that make it _the_ feature.
Using all of the associated accounts across services to do user lookup is really quite cool, and the CLI integration and public broadcasts look very fun. Nice work there.
Multi-device key management is one of the hardest tasks for end-to-end, but that's been taken seriously from the beginning by keybase, and I'm leaning toward optimism. The UX decisions for forward secrecy seem pretty reasonable as well.
It'll be interesting to see if I ever receive messages from my fellow HN users now that it's a bit easier to do so without navigating my website to find my email address. I doubt it, but still.
I'll give it a run when I get home today. Since few of my contacts use Keybase, or would have any interest in Keybase, this is less "Wow! Awesome!" for me than the release of KBFS was - but it's still pretty cool.
I love how Keybase is expanding to be more than just a collection of "internet personas verified by a PGP signature" and am interested in what else you guys may have in the works.
E: Updated my profile info to make mention of Keybase Chat. And I don't even have it yet. ;)
* A big part of my motivation to do it was as a toy thing to learn some Rust, so it has all the hall marks of someone kludging around trying to learn something new. Critiques/"WTH ARE YOU DOING"/PRs with style improvements also welcome :)
While I didn't try it myself (I just run my own git server), symlinking the directory of that to kbfs (or maybe just create a git repo there and make some magic to locally push stuff) should work.
I saw that recently, after the post on here about the 'pass compatible password management for teams', I forget what it was called.
It's actually more along the lines of the latter I wanted to do with Passbase - seeing as it's already using KBFS it would be (relatively) easy to do password sharing, just throw it in a shared private folder.
I was thinking more of the shared pizza-order password with room-mates, or groceries, bill-paying - whatever - than professional teams, though.
I digress, yes, I'd definitely recommend using Pass over anything I've cobbled together!
This is the reason I am so excited about Keybase. I can't comment on the integrity of the software but the vision is there. All encrypted everything is where I see the future of the internet.
Does anybody know if they are working on a mobile app for at least the chat system? I don't necessarily need the whole desktop app on the phone but encrypted chat would be fantastic. (Currently using Signal but would be open to using everything keybase in the future)
I've been using the riot.im client over the matrix protocol, and while not yet the most mature comms stack, I appreciate that it is not based on a centralized server (i.e. i can and do self-host). My hope is that keybase can be made to be decentralized and that i can self-host. ..Or that its good features can be merged somehow with the best features of the matrix protocol.
i'm wondering which features would ideally make it over to Matrix? it feels there is parity already (other than perhaps defining PFS messages as 'exploding'?)
Good question/point...I guess I should have dived into the features of both and seen for myself (instead of assuming that the shiny new thing has better features)! ;-)
I don't suppose you could tell us where the version number comes from then? I looked at opt/keybase/version of the 'now' package (20170214-1250 UTC) you host for Linux x64 and it says v1.4.12. What is the git commit reference for that version?
Is there another location for official source releases? The Nix expression [1] builds from source from GitHub releases, but it could easily be modified to point to an different address on the web to stay more up-to-date.
They can't install anything on their computer, so no pidgin. Is it possible to use the web interface with Gtalk without having your personal email open?
I don't use Keybase on a regular basis yet but every time they announce something new I check it out again, and every time I'm impressed. I'm not sure what it will take for me to make the switch and use it regularly but if they keep this up I have no doubt it'll happen.
I'm not really sure about Keybase accumulating more and more services instead of focusing on integrating to existing ones. One of the initial attractions of Keybase (to me at least) was how the system was very simple, transparent, and not really dependent on keybase.io.
Keybase is a VC-funded startup, and this is part of the standard playbook for such companies. Expect more of it from Keybase, and expect it for any other company whose investors are still looking to get a payout on their millions of dollars.
It seems that this app and Slack are hugely influenced from the iPad style of app design. Why can't we have a window per chat session on the desktop and why do desktop users get wrapped apps? Is this an indication of the lack of perceived importance of the desktop?
What if we launch our own apps and websites that would allow users to claim they are X on website Y. Do you have a way for them to use their public/private key pair from their keybase clients, to sign these claims?
I do not necessarily want these claims to be publicly available to everyone on website Y. I want them to be privately transmitted between website A and B, so people can't be tracked between domains.
Shameless plug: Before the Keybase [GUI] Chat was invented I hacked together this simple text-based client that uses twtxt formatted files to store private chats between two keybase users:
Think of this chat system as something similar to whatsapp or telegram. There are groups, and not channels. User limit, afaik, is not hardcoded. Message history afaik, also has no limit.
If you need an invite, hit me up on Twitter! If you're trying to find a random person on the internet to chat with and test this out, hit me up on Keybase! :)
No. The whole point of the app is to have a verifiable chat with people whom you have also verified the identity of. Without an account, this verification is not possible.
But I can still rekey everything using my master password and the encrypted private key is still stored on keybase's servers, right? (or something like that)
I'm going to lose the paper key just like I lost my 5 BTC wallet just before the great Bitcoin boom of 2013.
Depends on how you set up the key initially. I don't know if it's still possible, but at some point in the past you could specify your own master key that isn't stored on their servers. My account was one of those, so once I lost access to my computers/paper key, I also had lost access to the PHP key and therefore had to essentially start fresh.
The only pain is that you have to re-verify all your services.
Undocumented in the post: you can invent channels for app-to-app communication from the JSON API. For example, it's possible with Keybase chat to have a program posting encrypted messages for another person or program, without cluttering up the visual chat interface.
Also - to test chat we've cut the invitation requirement. You should be able to try the app without anyone inviting you.