More and more of life leaves bits of digital information about us on numerous devices and services. This may include cloud services. Keybase is a service I’ve been checking out as way to securely save and share information, encrypted.
Sell it to me Goz
Keybase provides messaging services, cloud storage, and team messaging services, along with encryption to support everything. Nothing leaves your machine unencrypted. There is no way for anyone at Keybase to look at anything you’ve said or stored in Keybase.
The cloud storage shows up as a drive on your operating system of choice (Windows, macOS, and Linux). Inside of this storage is a private area for your use, or there can be shared folders. Files placed in the drive are encrypted before leaving your machine. No one can read your data, not even anyone at Keybase.
The public folder in your Keybase drive is available over
https://. Files placed in the public can be shared with a simple web link. You can even host full websites.
Even if you don’t use Keybase, you can use the website to encrypt data meant for my eyes only. On the Keybase website there is a form that allows you to encrypt data for a Keybase user.
Once the data is encrypted you can safely email it or send it through a messaging service. Only the recipient will be able to decrypt the message. No one else will be able to read it.
I am Spartacus!
A key piece of Keybase is the ability to authenticate people. Well, you’re not guaranteed that the person you are talking to is who you think it is, but it is pretty close. A user of Keybase can prove to Keybase that the user is in control of various accounts and domain names (or websites). If you visit my profile on Keybase, you can see that I verified several different accounts. For an attacker to masquerade as me, they would have to take over several accounts on different services. I secure most of the sites with two factor authentication, which would make the task even harder.
After installing the software, you can immediately start using it for chatting and storage. Be sure to save your pass phrase somewhere safe. If you lose it, you will lose your account and everything in it. Keybase cannot restore any information because all of your data is encrypted. Additional devices can be approved from any device that is already signed in. You can set up the software on your desktop, and then approve your smartphone from the desktop.
Files can be stored securely in the mounted drive. I’ve started to use this storage for sensitive documents such as tax returns and medical forms & bills.
There isn’t a search function to find others, you’ll have to know their name to add them and start chatting.
Everyone talks about Slack and Discord, but Keybase also lets you set up teams and channels. The teams also can share data.
I haven’t played around with the Git features. Git is a distributed version control system, and with Keybase, you can store your repository in an encrypted form and share it with your team or selected others.
This seems complicated
Security is tough, and encryption adds another layer of complexity. Keybase takes away a lot of the difficulties on staying safe and secure. Also, any security assumes your machine is not infected with any sort of malware or viruses. If someone has control of your machine, then all bets are off.
Feel free to shoot me a message if you sign up. Even if you’re not going to use it for chatting the other encrypted features make Keybase useful.