However, by default Keybase Teams messages do not offer perfect forward secrecy, a necessary usability trade-off, the developers argue. Keybase Teams with self-destruct messagesĭespite Keybase's origins in PGP land, crypto (as in cryptography) geeks will be pleased to know that Teams uses NaCl under the hood and not PGP.
And any use now is grandfathered in." Keybase
Adoption has yet to hit critical mass, meaning Keybase is offering early adopters what sounds like a "free forever" plan, writing in their launch blog post, "We eventually want to find a way for actual enterprises to pay, while keeping personal and community use free. CSO took Teams out for a test drive and found it surprisingly mature. Meet the Slack alternativesįirst launched in 2014 in a post-Snowden attempt to bring PGP to the unwashed masses, Keybase now offers a Slack alternative called (wait for it) Teams. But while both offer a desktop client, they are are optimized for mobile, and neither is a good fit for enterprise deployment, where compliance with relevant data retention and deletion laws requires corporate key escrow to be effective. Signal and WhatsApp both use the Signal protocol and offer similar confidentiality guarantees. It is lacking in perfect forward secrecy and is unsuitable for both personal group collaboration and enterprise deployment. Why not Signal? WhatsApp? Or even email?īefore we get to the Slack alternatives, you may ask, “Why not just use Signal or WhatsApp groups, or PGP-encrypted email with a long CC list?” spies will use mass surveillance tools to steal foreign intellectual property and share that IP with companies stateside.Ī breach at Slack of either the technical or legal variety would prove catastrophic to many organizations that rely on the service. Global companies need to consider the real possibility that U.S. spies contemplated "cyber operations" to steal intellectual property (IP) from research and development centers around the world within the next five to ten years. According to a leaked document from the Office of the Director of National Intelligence - the Quadrennial Intelligence Review Final Report, 2009 - U.S. government (think PRISM), not to mention malicious insiders (as Twitter discovered the hard way).Ĭompanies with headquarters, or even employees, outside the United States may have particular cause to worry. It might come as a surprise that Slack, the ubiquitous collaboration tool that found success by slapping a slick GUI on top of IRC, is not end-to-end encrypted, creating a mounting pile of sensitive data on Slack's servers - data that's vulnerable to nation-state hackers, lawfare attacks by the U.S.
0 kommentar(er)
