Keybase iOS Has A Backdoor (sneak.berlin), tagged: cryptocurrencies

  1. 59

    For someone who previously complained about (alleged) toxic open source culture, you’re being pretty darn toxic in that GitHub issue by referring to Stellar as “Shitcoins”, calling Keybase “fraudulent”, calling on Keybase to “give up and stop existing” (in the article), and using a rather inflated “backdoor” claim (this is really not a “backdoor” as it’s commonly understood, or if it is, your article doesn’t explain why it is).

    This is a shame because the core point seems like a good one (“Keybase gave me a verified Stellar account that I don’t want”), but you’re not doing anyone – least of all yourself – any favours by making it this way, and you’re only adding to the toxicity.

    1. 37

      Strongly-worded denial from the company here.

      1. 7

        I can’t flag this as “incorrect”, but that’s what it is. I had to explicitly agree to set up a “wallet” in Keybase. I checked some friends’ profiles; I knew one of them hadn’t set up their wallet, and sure enough, they don’t have a Stellar address on their profile.

        This guy is just doubling down. If he’d stuck with “I can’t delete my Stellar attestation” he’d have a story, but this post is just angry nonsense.

        1. 2

          What’s weird is that he waited 6 months to write this.

          1. 3

            Most likely explanation: Idly created a wallet, forgot about it, 6 months later discovered it and assumed malicious behavior.

            1. 4

              Also: the described behavior sounds like it would take a few minutes to reproduce but this post doesn’t include steps to reproduce. @sneak’s rebuttal to the company denial just indicts the company’s motives and links to users who are complaining they can’t remove it, not that it was created for them. There’s no evidence and Keybase would really be foolish to have promoted Stellar as described. Forgetting sounds like the most likely explanation.

              1. 3

                Even by the low, low standards of internet nerd outrage, this is pretty amazingly small-time.

                1. 2

                  Pretty much what I did; I don’t remember setting up a wallet at all, but I have one. This is all normal and fine of course, but the immediate jump to “zomg malicious conspiracy!!111!11!!” is one I don’t quite understand 🤷 I guess some people like being angry.

          2. 17

            This is an unnecessarily sensational article, as others have noted. Personally, the main reason I’m concerned about Keybase’s partnership with Stellar is that it makes me worry the company’s priorities don’t align with mine. I think that’s an entirely realistic fear, and there was no reason to look so hard for a reason to worry. It’s okay to disagree with a company’s product decision because you don’t like the decision, there’s no need to look for technical arguments to justify that disagreement.

            1. 7

              “Personally, the main reason I’m concerned about Keybase’s partnership with Stellar”

              I’m with you on that. I loved the idea of Keybase. It could become a trust broker in many ways with the original product just being infrastructure for things that sell better. What sells better pays for that infrastructure that benefits everyone.

              That they were venture-backed already risked them going bad. Now, partnered with Stellar. I don’t know the incentives or goal posts align well with what many of us wanted them to do.

            2. 16

              Backdoor is a strong word here. This is unexpected behavior. You did not expect the software to make you a private/public key pair, but it did. And it put it on your sigchain. But your security was in no way compromised. Everything happened on your device without asking the server for anything. It just did what you did not expect.

              Edit: An edit in the post says that this should qualify as a backdoor because it signs a key without your permission, and Keybase said that signing a key without your permission is a backdoor. Now, while technically this is signing a public key, it is not the same. The context in the Keybase blog is signing a key with the intention of allowing that key to have the same permissions as the signing key, basically a device provisioning in Keybase’s terms. What this is, is a powerless signing of a key: you just say “This is mine”, but you don’t give it any permissions. This is the same as signing a twitter proof. You say “this is mine”, but you still cannot do anything from twitter that could mess with your Keybase account, besides removing the proof. Now you might think that if Keybase would sign a twitter profile without your permission, that is a backdoor. And it would be, because you do not in fact have access to that twitter account. But it isn’t the same, as in this case the Keybase client creates the account for you, gives you the credentials, and signs them to indicate to everyone that they are yours. Now this isn’t a backdoor, this is just unwanted behavior.

              1. 4

                You’re right, this isn’t a backdoor. The author (and many others who I believe would strongly agree) simply don’t like what the front door is being used for.

                1. 1

                  Unwanted behavior that uses my private keys to generate unwanted signatures in cryptographic software is called a backdoor when those signatures benefit someone who is not me.

                  1. 3

                    Those signatures do not benefit anyone else at all. Those are signing YOUR stellar public keys created in YOUR hardware.

                2. 8

                  I feel genuinely sorry for the Keybase developers for having to deal with this sort of toxic and sensationalist drivel, which sadly reappears every time I begin to think that its rate of occurrence is diminishing in open source security and privacy software development.

                  I’ve been involved in open source efforts for encryption software for a decade, and I can’t wait until this sort of thing is just banned completely from acceptable discourse. I don’t even think it’s fine if we’re discussing a critical vulnerability: you can do what, for example, Project Zero did with the recent WhatsApp RCE and just report it, document it, make sure it’s fixed, publish a CVE and a blog post discussing it, and then move on. Professionally. What makes this style of rhetoric doubly repugnant is when it’s used to describe a non-issue, as we see here.

                  What the hell does anyone gain from this? How are “edginess” and “notoriety” useful properties for anyone to have, and how does this style of writing express a desire for anything else, really?

                  1. 6

                    According to the responses from keybase, this is not really automatic. But it is too easy to accidentally do it (tap the wallet tab and tap through the popups to close them). And the “no way to delete” part is really bad.

                    Keybase also apparently doesn’t give you the ability to restrict messaging to contacts only. I sense a common theme: lack of user control.

                    I have deleted my account. In all these years, I have never actually used it for anything, and this buttcoin-funded stuff in general is annoying.

                    1. 3

                      The chat was pretty convenient. I still have it just in case it’s useful again. Rarely use it.

                      The thing that nags me about it is the sheer size of it every time my software updater runs. And how often it runs just for Keybase. There’s just something about crypto, secure, and 100+MB in same sentence that makes me think one word shouldn’t be in there. Without that word, I start wondering if it should be a point of trust. Then, I don’t actually trust it.

                      1. 1

                        Have you tried matrix/riot for chat? How is keybase better/worse?

                        1. 2

                          All the Matrix threads I see mention a bunch of problems. So, I’ve decided to stay off it until they get it where they want to be. I haven’t tried Riot since I thought it was Matrix, too.

                          Keybase was pretty simple, like an old IM. I haven’t used it for anything other than sending plain text. It’s kind of convenient for the discovery process. There’s people I knew that were on there, I just typed their name into chat, sent a message, and they replied. We went back and forth a bit. There’s some protection built-in to protect the casual conversation. It was good for basic chat in non-paranoid situation. I GPG-encrypt text and zip files that I send for more serious stuff.

                          Main drawback of Keybase was two-fold: it has a strange way of moving to new machines requiring two to make it work; so little use that I totally forgot about it and that when doing a clean reinstall. I copied everything to new system except Keybase. Lost that key which let me see those prior conversations. Now, they’re lost without re-authentication (assuming I understand correctly) with new ones done under new key. Again, Keybase wasn’t useful for anything critical to me so no big deal. Just kind of wish it just had a file for each device that I could use instead of their authentication system over multiple devices.

                          1. 2

                            Riot is a matrix client, yes. Matrix has had lots of problems, but most have been fixed and work is underway to fix the rest. E.g. E2E encryption is not on by default, but should be during this fall. And matrix has (encrypted) key backup to the home server, should you wish to use it.

                            1. 1

                              Some friends and I tried out Riot and there were… a lot of problems. Some of them seemed like simple UI problems that would never have passed UX review (e.g. intermingling personal preferences and room-wide settings in the same dialog box) and others were harder to figure out (random flakiness in message availability that could have been client, server, or even protocol issues). I’ve also heard that enabling federation in the Synapse server implementation causes massive performance issues.

                              I want to like it. It’s just really not there yet.

                              1. 1

                                When was this? Because it improves constantly and fairly quickly.

                                1. 1

                                  Two months ago.

                                  I just fired up Riot to answer that question, and as the history spooled back down from the server to the client, it played a little snippet of ringtone for every voice call I’d ever gotten, with call notifications flashing up and disappearing. -.-

                              2. 1

                                The other solutions I had mostly just worked. That’s why I avoided Matrix with its many problems. I’ll be happy to try it when it’s a fully-working solution. At least for the common uses. Obviously, I don’t need every extra feature to be perfect or anything.

                        2. 2

                          How Keybase was supposed to make money has been a murky area from the start. I’m disappointed they didn’t go with a paid “corporate” tier, or charge a yearly subscription for stuff like the git repos. That would have alleviated concerns about their funding. Airdropping XLM does the precise opposite.

                          1. 3

                            They were pretty clear that they didn’t have a business model: https://github.com/keybase/keybase-issues/issues/788

                            “Dunno lol” seems to be how a lot of startups operate. Seems like a bad idea. :-)

                          2. 2

                            I have deleted my account. In all these years, I have never actually used it for anything, and this buttcoin-funded stuff in general is annoying.

                            I ended up doing the same after years of not using it, despite accumulating a small social graph there.

                          3. 4

                            Don’t give bad actors an out by claiming they’re doing the one thing that they are not actually doing.

                            There isn’t a backdoor in Keybase. Claiming that allows Keybase to justifiably refute that claim, which buries what they are actually doing.

                            1. 2

                              What is the nefarious stuff Keybase are doing?

                            2. 6

                              Why does anyone trust Keybase? They’ve been untrustworthy since they originally suggested uploading private GPG keys for convenience.

                              1. 4

                                Exactly! Like hell I’m giving them my private key!

                                IIRC, I created a key pair just for Keybase. Signed it with my key pair. That worked fine since nobody on Keybase checked it that I remember. That just inspires more confidence, right? ;)

                                1. 3

                                  It’s the same as uploading an encrypted key to Dropbox, Google drive, etc. Yes, in theory you lose a tiny bit of security, but realistically your attacker needs to break AES to use your key, and such attacker capabilities usually aren’t included in most threat models.

                                  1. 1

                                    The keys weren’t encrypted with a passphrase for the web stuff to work seamlessly.

                                    1. 1

                                      IIRC, the web stuff connects to the keybase service on your computer to work.

                                      1. 5

                                        It originally didn’t at the launch of Keybase. You had the option of cli tools (secure, you control the key) or uploading to their web servers for convenience.

                                      2. 1

                                        Odd. The web app does scrypt (even says that on the login button) on the password, I’d be surprised if the derived key wasn’t used to encrypt the keys used for messaging.

                                        1. 2

                                          Unless you have a time machine you won’t be able to see what they used to do with uploaded GPG keys.

                                          1. 1

                                            Indeed, because the backend is closed source.

                                            1. 2

                                              And even if it was open, because you can’t know that’s what they were actually running. (This is why E2E encryption and an open client is important, and an open backend is a security red-herring.)

                                    2. 3

                                      This is one of those situations where if you’re a hardcore crypto-head, and have been managing your own PGP/GPG keys for years? You probably shouldn’t, but then it’s not FOR you.

                                      It’s for people who want a reasonably secure, convenient way to use crypto to send/receive email, store files, and chat.

                                      There’s no requirement that you upload your existing keys to them, you can always have them generate a fresh key and use it that way.

                                      1. 1

                                        Yes true but it is misleading to the non-technical users. Compromise of the Keybase servers meant compromise of their private keys, and as there was no forward secrecy in use…

                                        1. 3

                                          I disagree. I don’t think they ever claimed that users’ keys wouldn’t be compromised if they (Keybase) were.

                                          This is a perfect example of the perfect being the enemy of the good.

                                    3. 2

                                      I’m interested in crypto, but am apparently totally out of the loop here. Why do people hate Stellar? Or do they? https://github.com/keybase/client/issues/19385

                                      1. 7

                                        You have to consider people who don’t want any cryptocurrency in Keybase (or anywhere else, depending), and those who want a specific cryptocurrency to the exclusion of others.

                                        There’s a strand of thought within specifically Bitcoin that’s summarized as “maximalism” - the ideal that only Bitcoin will “win” in the future. Exposure to another cryptocurrency is literally anathema to these people. They are shitcoins, and “hodling” them would be a betrayal of maximalism.

                                        If all of this sounds cult-like, it’s because it’s what it is - at least on social media.

                                        1. [Comment removed by author]

                                          1. 3

                                            It’s a mark of this space that I can’t tell if you’re serious or not…

                                        2. 1

                                          People are weird. I mean, look at what that person is saying:

                                          I do not feel comfortable having any exposure to that token

                                          That does not make any sense. It’s like giving someone an envelope with some foreign currency and them saying

                                          I do not feel comfortable having any exposure to that currency

                                          You can burn it, lose it, give it away, whatever. But complaining about it not being some other currency is just weird.

                                        3. -1

                                          I’ve been meaning to delete my keybase account for some time now. I don’t use it, and last time I tried to, it wanted to add a uid to my keys, which I didn’t want.