Ever since Keybase was acquired by Zoom, a company with a very bad history with security/privacy, people wanted an alternative. There have been a few different alternatives proposed: this is the best mine.
What is Keybase?
Before we talk about replacing Keybase, we should have a good idea of what Keybase actually is. It’s main features are as follows (ordered as on the website):
- E2EE chats and messaging (people and teams).
- Cryptographic identity verification from around the net.
- KBFS (Public signed file hosting, private E2EE file storage w/ sharing, Static site hosting??)
- Git repositories? Crypto? An alternative to PGP?
Previous Attempts to Replace Keybase
I’m not the first person to try this, obviously. Some brave folks have tried to build Keybase alternatives, such as keys.pub and the brand-new Keyoxide. I’ve tried both, but found that though they both are good in their own right, they are not the solutions that I am looking for.
OK Time for the Steps
Step #1: Chat/Messaging
There are a few great pre-existing options for encrypted messaging: Signal, ProtonMail if you want to go full email, Telegram, and WhatsApp. However, they all have their problems (though I use the first two on a daily basis). Signal requires a phone number, and is more of an iMessage/text replacement than a Slack-style chat app. Protonmail is literally not chat – it’s email. Telegram is (debatably) not secure. If you use WhatsApp for security you might be crazy – I only use it because it’s the way to communicate with people in the Middle East and Africa.
Instead, I would recommend you use Matrix. Matrix is an “open network for secure, decentralized communication,” and it’s the perfect replacement for Keybase’s chat and I would argue most other chat apps too. It utilizes E2E encrypted messaging, and can be self-hosted as well or if you’re cheap like me just get your friend to host.
In addition to a Matrix server, you also need a client. For this, I recommend Element – though Nio, once stable, will almost surely be my go-to. Element is a beautiful Matrix client with a bunch of awesome features, including Slack-like integrations, and apps for pretty much every major platform (Linux, MacOS, Windows, iOS, Android, and a web client). Plus it looks a lot like Discord.
Step #2: Identity verification
Replacing Keybase’s original function is probably the most difficult part of this tutorial: cryptographically verified identity proofs is a great and innovative idea. I would swap this out with an IndieWeb profile – one part of the larger microformats HTML structure. There are some pretty great tutorials out there (I would recommend this one by the fantastic Kev Quirk and this one by Brian Wisti), so I won’t go into too much detail about exactly how to do that. However, it’s important to note that though Kev recommends hiding your h-card with the display: none;
property: don’t do that. I just merged my about and contact pages onto my homepage, and added the microformats classes to my existing markup.
Step #3: File Storage
Replacing KBFS is easy to do, but hard to get right. Swapping to Google Drive is probably the move that most people would make, but that abandons the entire security/encryption aspect of Keybase. There’s also Dropbox, but that has the same problems as above. ProtonDrive has potential, but it’s not out yet.
EDIT: ProtonDrive is now in beta for paying subscribers, but I am shifting away from the Proton ecosystem for other reasons and do not recommend it. More in a future blog post.
Enter Syncthing. Nikita Tonsky wrote one of my favorite posts of all time about Syncthing – go read it. One reason Syncthing is so great is that it’s not the same thing as KBFS or any of the other “Drive” solutions. Instead of being a file hosting system, it’s a “continuous file synchronization program” – aka p2p. You have no data limits other than your storage and no third-party to worry about. Plus, sharing folders is also incredibly easy. Just read the article.
Bonus Step #4: Video Calling
It would be a shame to talk about text chat, or really any form of communication, in this new pandemic age without talking about video chat. After all, the whole reason I’m writing this article is because the new videocalling giant Zoom. So, how have I replaced Zoom and how does that relate to replacing Keybase? Well, Matrix happens to have a fantastic Jitsi Meet integration. Plus, the folks over at Jitsi are working on E2E encryption for their calls. I’ve integrated Jitsi Meet into my self-hosted instance of Matrix, and now all my videocalls are just that – mine!
Summary
- Swapped chat to Matrix and Riot.
- Swapped identity verification to Indieweb.
- Swapped file storage/sync to Syncthing.
- Added videocalling to chat program via Jitsi.
Conclusion
Keybase is a great service, and the people who work there should be really proud of what they’ve built. However, given Zoom’s aquisition of the company, the stability and security of the product have been called into question. So, ever one to hop on a hype train, I jumped ship. I’m really happy with my solution, and I’d love to hear your thoughts as well.