![]() A serious flaw in Zoom’s Keybase secure chat application left copies of images contained in secure communications on Keybase users’ computers after they were supposedly deleted. This has caused venture capitalist investors, such as Tyler and Cameron Winklevoss, to call on entrepreneurs to build out censorship-resistant platforms for the Web3 age. Exclusive: Flaws in Zoom’s Keybase App Kept Chat Images From Being Deleted. News of Keybase’s acquisition comes as discontent with centralized social media and messaging platforms intensifies online, as these networks increasingly move to police their content. Keybase is a communication and collaboration application focused. “We are proud to offer Gab Chat, an end-to-end encrypted alternative to Keybase, and will soon be launching ON-our video conferencing alternative to Zoom,” said Torba. The browser extension for the Keybase app fails to keep the end-to-end encryption promise from its desktop variant. Torba previously told Decrypt last year that Gab, a “free speech software company” that has come under fire for allegedly providing a safe space for hate speech, planned to fork Keybase, remove the “shitcoin” Stellar and replace it with Bitcoin. “It’s disappointing to see Keybase sellout to a company with 700 employees in China that has openly admitted to routing data through Chinese servers among other shady activities,” he said. ![]() Gab CEO Andrew Torba told Decrypt that Keybase sold out for all the wrong reasons. ![]() Other critics, however, were less forgiving. “Users should demand that Zoom makes their client open source to truly mitigate privacy concerns.” “Keybase devs will probably integrate some of their functionality directly into Zoom's closed source apps, while the main Keybase product gets less development resources and is eventually phased out,” Odell said. Odell added that the deal seems to be “mostly an acquihire,” referring to how one company might acquire another primarily to use the skills and expertise of its staff, rather than integrating the acquired firm’s products directly. He told Decrypt that “as a Keybase user this really sucks, but on a positive note, it's good to see end to end encryption becoming a mainstream requirement.” If Zoom basically can take Keybase's architecture and encryption technology and quickly implements it, it's a huge win, says Ian Thornton-Trump, CISO at Cyjax. Privacy expert and Tales from the Crypt podcast host Matt Odell runs the “the largest Bitcoin focused Keybase group,” . MORE FROM FORBES Zoom's 200 Million Users Are Facing A Serious New Threat By Kate O'Flaherty Flaws in Zoom’s Keybase App Kept Chat Images From Being Deleted. This is a positive indication of how Zoom is treating Keybase following its acquisition and a step to attenuate the worries that the community had concerning the real intentions of the video conference company.$0.04710071 0.42% Terra Classic (Wormhole) The bug bounty received by the Sakura Samurai team for this finding was $1,000, while the hacking group commented that Zoom was very responsive to their reports. The patched releases came out on January 23, 2021, so it’s been a full month already. If you are using an earlier version, make sure to update your Keybase client immediately. Keybase supports all three major operating systems, and there’s also source. Once you’ve done that, you can run Keybase: Follow the installation instructions for your operating system. A serious flaw in Zoom ’s Keybase secure chat application left copies of images contained in secure communications on Keybase users’ computers after. This confirms we have Keybase ready to encrypt. Security Week Zoom Patches High-Risk Flaws in Meeting Connector, Keybase Client. As millions of isolated people have flocked to Zoom to connect with socially distanced family, friends, and coworkers, the company has faced criticism for. ![]() Thus, CVE-2020-23827 has already been reported to the firm and subsequently fixed with the release of Keybase 5.6.0 for Windows and Keybase 5.6.1 for macOS and Linux. Keybase also tries to build this web of trust platform by linking your accounts to your Keybase profile. The Security Ledger Exclusive: Flaws in Zoom’s Keybase App Kept Chat Images From Being Deleted. The discovery of the flaws came thanks to Zoom's bug bounty hunting program when it acquired the project back in May 2020. These users may have their devices seized by the police for analysis so that the “physical access” part wouldn’t be far-fetched for a significant portion of Keybase’s userbase. This is very bad, especially for users who have picked Keybase specifically to stay safe from authoritarian regimes. Thus, if an attacker manages to establish local access onto the user’s machine, they could potentially access files that have supposedly been securely erased on Keybase. ![]()
0 Comments
Leave a Reply. |