Enlarge / All scammers, all the time: my Keybase message inbox.
Keybase started off as co-founder and developer Max Krohn's "hobby project"a way for people to share PGP keys with a simple username-based lookup. Then Chris Coyne (who also was cofounder of OkCupid and SparkNotes) got involved and along came $10.8 million in funding from a group of investors led by Andreesen Horowitz. And then things got increasingly more complicated. Keybase aims to make public-key encryption accessible to everyone, for everything from messaging to file sharing to throwing a few crypto-coins someone's way.
But because of that level of accessibility, Keybase faces a very OkCupid kind of problem: after drawing in people interested in easy public-key crypto-based communications and then drawing in blockchain lovers with its partnership with (and funding from) Stellar.org, Keybase has also drawn in spammers and scammers. And that has brought a host of alerts and messages that have made what was once a fairly clear communications channel into one clogged with unwanted alerts, messages, and other unpleasantryraising a chorus of complaints in Keybase's open chat channel.
It turns out there's a reason spell check keeps wanting to tell me that Keybase should be spelled "debase."
Full disclosure: I have been a Keybase user for several years, and fellow Ars editor Lee Hutchinson and I had experimented with using Keybase as a potential way of securing some of our workflow. Not needing anyone to host (and therefore own) our data seemed like a good thing. But Lee recently canceled his Keybase account and says he wont be back because of how annoying it is.
Keybase's leadership is promising to do something to fix the spam problemor at least make it easier to report and block abusers. In a blog post, Krohn and Coynes wrote, "To be clear, the current spam volume isn't dire, YET. Keybase still works great. But we should act quickly."
But the measures promised by Keybase won't completely eliminate the issue. And Keybase execs have no interest in getting involved with additional steps that they see as censorship. "Keybase is a private company and we do retain our rights to kick people out," the co-founders said in the blog post. "That hammer will not be used because someone is mostly disliked, as long as they're playing nicely on Keybase."
Part of the attraction of Keybase is that it allows hassle-free access from the Tor anonymizing network, as well as from VPNswhich makes it harder to track down the source of abusive traffic through the service. But much of the spam traffic is over unobfuscated network connections, and while some of it is coming from Europe and North America, most is coming from Russian and Nigerian IP addresses.
Other platforms have seen the same sort of problem. Romance scammers got their start on instant messaging platforms and quickly moved on to dating apps. Earlier this decade, OkCupid became a den for these scamswhere someone (often in Nigeria) poses as someone looking for love, and then moves the conversation toward pleas for financial support, calling cards, or other investments. And as I've reported earlier this year, these and other scams have taken hold on Twitter.
Right now, it's possible (with some navigation) to block someone from messaging you on Keybase and hiding messages they send. But there's no effective way to report them for abuse other than reaching out to administrators directly. And there's no way to completely filter out the requests in the first place, as anyone can create a Keybase account and send a message to you.
A romance scammer hits me up.
I'm sure this is legit.
Sure you are.
This profile uses a Twitter account to verify, but...
That Twitter account sure is convincing.
As part of the changes to Keybase being pushed out in an upcoming release, users will now be able to report spam or abusive messages straight from Keybase's chat interfaceblocking that user with a click or tap, with the option of reporting the user to Keybase administrators. The report allows for quick classification of the message as spam, harassment, "obscene material," or "other," with a field for additional details. "You'll also be able to send Keybase admins the transcript of your chatsomething we obviously don't normally have access to, sinceKeybase is end-to-end encrypted," Keybase execs explained in their post.
Another measureKeybase calls the "nuclear option" is also in the works. Similar to Twitter's protected account capabilities, it allows users to select a set of rules that determine who can follow or message thembased on whether theyre already connected in some way." These options will create a custom walled-garden experience," the Keybase execs explained. "It won't be necessary for most people -- especially after the blocking features launch -- but it will 100% shut down all unwanted contact."
More fixes are promised in the future. Considering that Keybase already provides ways for people to attest to their identities to provide trust in communications, it would be conceivable that you could filter requests based on the quality and number of those attestationsconfirmations made by posting messages to social media accounts, GitHub accounts, and other accounts that are connected to online identity (mine is tied to Twitter, GitHub, Hacker News, Reddit, and a personal domain name as well as my PGP key). Most fraudulent accounts don't bother with anything more than the free Stellar wallet address, and those that do often attach a fake Twitter account.
None of this is going to bring Lee Hutchinson back. "When a tool that I dont need or think about very often starts spamming me and requires I dig up documentation to make the spamming stop," Lee said, "Im not going to take time out of my [redacted] day to read the docs and screw around with privacy settings. Im just going to delete the tool. Which I did."
- IoT Security Solution For Encryption Market Growth By Manufacturers, Type And Application, Forecast To 2026 - 3rd Watch News - July 6th, 2020
- Endpoint Encryption Software Market Growth By Manufacturers, Type And Application, Forecast To 2026 - 3rd Watch News - July 6th, 2020
- Global Hardware-based Full Disk Encryption (FDE) Market Report 2020 by Key Players, Types, Applications, Countries, Market Size, Forecast to 2026... - July 6th, 2020
- Explained: WhatApp calls End-to-End Encrypted, but what does it mean for you? - India Today - July 6th, 2020
- The booming business of encrypted tech serving the criminal underworld - Telegraph.co.uk - July 6th, 2020
- Hardware Encryption Devices Consumption Market Growth By Manufacturers, Type And Application, Forecast To 2026 - 3rd Watch News - July 6th, 2020
- Network Encryption Market Growth By Manufacturers, Type And Application, Forecast To 2026 - 3rd Watch News - July 6th, 2020
- Encryption Software Market Worth $20.1 Billion by 2025 - Exclusive Report by MarketsandMarkets - Yahoo Finance - June 18th, 2020
- Zoom says free users will get end-to-end encryption after all - The Verge - June 18th, 2020
- Zoom To Offer End-To-End Encryption For Video Calls, Trials To Start In July - NDTV - June 18th, 2020
- Encryption Software Market 2020-2025: Types, Services, Cost Structure, Application, Statistics, Emerging Trends And Regional Analysis - Owned - June 18th, 2020
- Zoom to offer end-to-end encryption for all users, trial to begin in July - Reuters India - June 18th, 2020
- Cloud Encryption Market Will Generate Massive Revenue In Future- A Comprehensive Study On Key Players - Surfacing Magazine - June 18th, 2020
- Global Cloud Encryption Gateways Market Research with COVID-19 After Effects - Cole of Duty - June 18th, 2020
- Encryption Software Market 2020 By Trends, Demand, Business Opportunities, Development Factors, Applications, Overview with Competitive landscape... - June 14th, 2020
- IMPACT OF COVID-19 ON Encryption Key Management Software RESEARCH, GROWTH TRENDS AND COMPETITIVE ANALYSIS 2020-2026 - Cole of Duty - June 14th, 2020
- Move over Zoom, this encryption company just released the first fully end to end encrypted conferencing solution #105518 - New Kerala - June 14th, 2020
- Cloud Encryption Software Market to witness high growth in near future - GroundAlerts.com - June 14th, 2020
- Three secure ways to surf the internet - Gadgets Now - June 14th, 2020
- Will Zoom Bring Encryption to the People Who Need It Most? - EFF - June 13th, 2020
- Encryption Software Market Size Scope and Comprehensive Analysis by 2028 - 3rd Watch News - June 13th, 2020
- Federal-grade encryption from the comfort of home - GCN.com - June 13th, 2020
- Hardware-based Full Disk Encryption Market Growth Prospects, Revenue, Key Vendors, Growth Rate and Forecast To 2026 - Jewish Life News - June 13th, 2020
- Congress introduces EARN IT Act, which would end encryption programs but violates the Constitution - NationofChange - June 13th, 2020
- IBM kit wants to keep your data encrypted while in use - ITProPortal - June 13th, 2020
- Commercial Encryption Software Market Growth Prospects, Revenue, Key Vendors, Growth Rate and Forecast To 2026 - Jewish Life News - June 13th, 2020
- Nearly 500,000 say Congress shouldnt kill encryption with the EARN IT Act - The Daily Dot - June 13th, 2020
- COVID-19, Security and WFH: Myths and Misconceptions - Security Boulevard - June 13th, 2020
- Privacy News Online | Weekly Review: June 12th, 2020 - Privacy News Online - June 13th, 2020
- Global Optical encryption Market Insights and Forecast 2020 to 2025 - Jewish Life News - June 13th, 2020
- Hong Kong is number one in Asia for enterprise encryption, with customer personal information the top data protection priority, reports nCipher... - May 27th, 2020
- Are social giants morally obligated to break encryption? - ACS - May 27th, 2020
- Facebook plot to encrypt ALL chats will help child abusers to hide, former police chief warns - The Sun - May 27th, 2020
- Encryption Software Market To Expand At A Robust 14.27% Cagr Of 2020 | Sophos,McAfee,Check Point Software Technologies,Proofpoint,Trend Micro - 3rd... - May 27th, 2020
- Encryption Software Market Forecast Revised in a New Market Expertz Report as COVID-19 Projected to Hold a Massive Impact on Sales in 2020 | Long-term... - May 27th, 2020
- Global Homomorphic Encryption Market Analysis 2020-2025: by Key Players with Countries, Type, Application and Forecast Till 2025 - Cole of Duty - May 27th, 2020
- COVID-19 Impact ON AES Encryption Software Market: Size, Market Analysis, Application, Growth Drivers, Trends, status and Research Report by 2025 -... - May 27th, 2020
- Cloud Encryption Software Market 2020: Potential growth, attractive valuation make it is a long-term investment | Know the COVID19 Impact | Top... - May 27th, 2020
- Global Encryption Key Management Market 2020 Insights, Key Player's Competition, Trends, Sales, Revenue, Supply, Demand, Growth Analysis and Forecast... - May 27th, 2020
- Starting to look at email security. Looking for guidance - Encryption Methods and Programs - BleepingComputer - May 25th, 2020
- Global Cloud Encryption Technology Market Projected to Reach USD XX.XX billion by 2025- Gemalto, Sophos, Symantec, SkyHigh Networks, Netskope etc. -... - May 25th, 2020
- Impact of Covid-19 on Cloud Encryption Technology Market is Expected to Grow at an active CAGR by Forecast to 2025 | Top Players Gemalto, Sophos,... - May 25th, 2020
- Zoom will seek public feedback on plan for stronger encryption - The Indian Express - May 16th, 2020
- Encryption Software Market Research Report 2020 By Size, Share, Trends, Analysis and Forecast to 2026 - Cole of Duty - May 16th, 2020
- Almost half of organisations have been reported to the ICO for a potential data breach - ResponseSource - May 16th, 2020
- VPN Tunnels explained: what are they and how can they keep your internet data secure - TechRadar - May 16th, 2020
- The Week in Ransomware - May 15th 2020 - REvil targets Trump - BleepingComputer - May 16th, 2020
- WhatsApp Video Calls Will Soon Support 50: This Is Why 8s The Limit For Your Security - Forbes - May 16th, 2020
- How to Use Encryption for Defense in Depth in Native and Browser Apps - InfoQ.com - May 14th, 2020
- Analyzing Encrypted RDP Connections - Security Boulevard - May 14th, 2020
- Analysis on Impact of COVID-19-Global Cloud Encryption Software Market 2020-2024| Increasing Use of In-built Cloud Encryption Solutions to Boost... - May 14th, 2020
- Vcrypt ransomware brings along a buddy to do the encryption - Naked Security - May 14th, 2020
- Move over Zoom, this encryption company just released the first fully end to end encrypted conferencing solution - Yahoo Finance - May 14th, 2020
- GovCon Expert Chuck Brooks: Three Steps for Protecting Data in the Public and Private Sectors - GovConWire - May 14th, 2020
- What is the difference between Symmetric and Asymmetric Encryption? - TWCN Tech News - May 14th, 2020
- Encryption Key Management Software Market Growth by Top Companies, Trends by Types and Application, Forecast to 2026 - Cole of Duty - May 14th, 2020
- IoT Security Solution For Encryption Market Growth by Top Companies, Trends by Types and Application, Forecast to 2026 - Cole of Duty - May 14th, 2020
- Mobile Encryption Technology Market Growth by Top Companies, Trends by Types and Application, Forecast to 2026 - Cole of Duty - May 14th, 2020
- Data Encryption Service Market Growth by Top Companies, Trends by Types and Application, Forecast to 2026 - Cole of Duty - May 14th, 2020
- Congress May Hand Bill Barr the Keys to Your Online Life - The New Republic - May 14th, 2020
- DataLocker Sentry K300 8GB Encrypted Thumb Drive Review - TweakTown - May 14th, 2020
- Hardware Encryption Technology Market Growth by Top Companies, Trends by Types and Application, Forecast to 2026 - Cole of Duty - May 14th, 2020
- Global Cloud Encryption Software Market SHARE, SIZE 2020| EMERGING RAPIDLY WITH LATEST TRENDS, GROWTH, REVENUE, DEMAND AND FORECAST TO 2026 -... - May 14th, 2020
- Mobile Encryption Market Growth by Top Companies, Trends by Types and Application, Forecast to 2026 - Cole of Duty - May 14th, 2020
- Hardware Based Encryption Market Growth by Top Companies, Trends by Types and Application, Forecast to 2026 - Cole of Duty - May 14th, 2020
- Email Encryption Software Market Incredible Possibilities, Growth With Industry Study, Detailed Analysis And Forecast To 2025 - Bulletin Line - May 14th, 2020
- Google Duo is coming to the web via Chrome; features Family mode, end-to-end encryption - Moneycontrol - May 14th, 2020
- Global trade impact of the Coronavirus Commercial Encryption Software Market Applications and Company's Active in the Industry Science Market Reports... - May 2nd, 2020
- Email Encryption Market Growth Opportunities, Challenges, Key Companies, Drivers and Forecast to 2026 Cole Reports - Cole of Duty - May 2nd, 2020
- U.S. Hardware Encryption Market (2019 to 2026) - by Algorithm & Standard, Architecture and Field-Programmable Gate Array, Product, Application,... - May 2nd, 2020
- Innovative Encryption Algorithm Developed in South Korea - BusinessKorea - May 2nd, 2020
- Online course trains students in the bizarre world of quantum computing - Livescience.com - May 2nd, 2020
- Encryption Software Market Growth Opportunities, Challenges, Key Companies, Drivers and Forecast to 2026 Cole Reports - Cole of Duty - May 2nd, 2020
- COVID19 impact: Global Cloud Encryption Software Market Trends (Constraints, Drivers, Opportunities, Threats, Challenges, recommendations and... - May 2nd, 2020
- Review of the iStorage datAshur Pro2, an encrypted thumbdrive for home and work - Neowin - May 2nd, 2020
- Kanguru expands encrypted flash drive range with new 256GB options - Geeky Gadgets - May 2nd, 2020
- Global Encryption Management Solutions Market Size |Incredible Possibilities and Growth Analysis and Forecast To 2026 | Check Point Software... - May 2nd, 2020
- The COVIDSafe app was just one contact tracing option. These alternatives guarantee more privacy - The Conversation AU - May 2nd, 2020
- Data Encryption Service Market Detailed Analysis of Current Industry Figures With Forecasts Growth by 2026| Microsoft, IBM, OneNeck - News Log Book - May 2nd, 2020
- ACLU, EFF still trying to get documents unsealed in Facebook encryption case - CyberScoop - April 29th, 2020