I wrote Zoom off last year after the local webserver nonsense. Any company that can convince itself that is a good idea doesn't deserve my business. There's no path to redemption. Game over.
In the post Covid world I was forced to compromise a bit and I will join a Zoom call in a browser (when it works) or install the app on my phone if I have to. I trust iOS to not get totally owned by a rogue app more than anything else I have available. Although recently that's not an entirely safe bet either.
Keybase was not critical to my daily life so it will not hurt to get rid of it. It's about risk management. There are no upsides to Zoom and almost no upsides to Keybase (for me). With the growing list of downsides it's an easy choice to make.
It could be argued that acquiring a whole security-focused company is a signal they’re seriously reconsidering their approach to security and deserve a benefit of the doubt.
They also lied about having end-to-end encryption. The awful security practices could be chalked up to incompetence but the fact that they lied has taken it too far, in my opinion. I too have deleted by Keybase account because of this.
Zoom is, or was, collecting a list of running applications on machines. Keybase requires that you run it on multiple devices for security. It would be reasonable to expect that Zoom would love to embed such data harvesting in the Keybase client.
Do you have a reference for this? Were they confirmed to be sending the info to the server? I would note that it wouldn't be uncommon for a program like zoom to have the relevant api calls in it to allow the user share a specific app with the conference call.
Hear hear. It really is an absurd world we live in, and I had a good chuckle about that - just before I deleted my Keybase account.