Implement user blocking #1593
Comments
I don't understand what blocking has to do with tracking. Why would you not want somebody to track your proof? |
It's mainly an issue of that user appearing on your profile in the list of people who are tracking you and (later, when it's implemented) sending messages via the website or @keybase.io email redirector. |
I have no control over who is tracking me. If somebody tracks me and I don't want them to, there's nothing that can be done about it at that point. They are tracking me, they have saved my information, and their tracking me has been recorded in the blockchain. What would blocking do at that point? |
If you don't want people to track you, what are you trying to get out of Keybase? |
Blocking someone should, at minimum, remove that user from the "Trackers" list on your profile page.
I may not want specific people to track me, message me, or appear on my Keybase profile page. |
I think what @pathawks is trying to say is it serves no purpose to be able to 'block' someone. These users aren't 'following' you--they're asserting to Keybase that they want updates via the CLI about the validity of your key. To remove this feature would decrease the value that Keybase has--it would be shooting the service in its own foot. |
@zQueal Thank you for putting into words what I was dancing around 😃 |
@pathawks I think it speaks more for the need to change the word 'tracking' to something more assertive. We've discussed it at length before, but couldn't really decide on a replacement. For posterity's sake, I threw my vote in for 'assert'. Seems to work pretty well. |
Sure, it does. I've already listed several purposes but I'll go over them again for posterity:
How, exactly? So far the arguments against having the ability to block seem to boil down to "why would you want that?" and a vague "it may hurt the site". None of those are very compelling IMHO. |
Thanks, everyone, for opinions on this.
@pkirkovsky - your points on blocking are certainly valid. As an aside, we ran a dating site for 10 years. I know that when you don't want to see someone, you really don't want them appearing in your suggestions, in the form of notifications, or in any other way. You also might not want other people making connections between the 2 of you, and that's more subtle...I'll get to that in a sec.
@zQueal & @pathawks - your points are valid when looking at tracker statements as a distributed proof verification service. It's definitely one of the roles of tracking. However, it's hyperbole that we're shooting ourselves in the foot to block tracking! The service would not be weakened if someone could magically remove some of the strength of their own proofs by preventing others from tracking them. They'd still have all the power of their own proofs, timestamped, in Keybase's merkle tree, even hashed into the bitcoin blockchain.
Everyone: The big problem here is that you never want a person to know you block them. It can incite people further, offend them, or make them think they're successful at getting to you. This adds fuel to the fire, which will make them attack in other ways, outside the controls of the blocking system: on other services, via other accounts, whatever. Or it might just hurt their feelings.
Aaand...blocking a tracker statement would be discoverable by the person being blocked. They are signed statements put into a public place, which, by design, is consistent for all users. (more info: https://keybase.io/docs/server_security )
To be clear: to block someone from tracking would require that either (a) they can't write this entry in the merkle tree, or (b) clients all see the entry in the merkle tree, but they've been notified in some way to ignore that one blocked entry. Both expose this info pretty clearly to the person being blocked - far more easily than on services that keep and control their own "follow" graphs and expose them selectively to everyone differently.
How to proceed? I think the most logical answer is probably that blocking should happen privately, just from the perspective of the person doing the blocking. In other words, A can still track B, but B can opt never to see that fact. Similarly B will not be notified of anything else A does, including attempts to send messages, files, or anything else we implement. Basically B shadowbans A, a fact which is kept between B and Keybase's servers. Then, Keybase's servers work with B's clients to make sure B is never bothered by A. Does this make sense? I would prioritize this sometime after we get other sharing services done...
The one caveat here is that to everyone else in the world, A is still a tracker of B. B might not want this. What if A is an embarrassing ex-boyfriend or something? This is tough to resolve for all the reasons outlined above.
Again, just thinking out loud here, but a private blocking will be needed eventually if we roll out any kind of communication tools in the future. |
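The trade-off described in the comment above, as an added toy model that is not part of the thread and not Keybase's code: it simulates the two public blocking options, (a) and (b), and the private block, then checks what the blocked user A can observe in each. `ToyServer`, `run_scenario` and the three design labels are hypothetical names chosen for this illustration.

```python
DESIGNS = ("refuse_write", "public_ignore", "private_block")


class ToyServer:
    """Toy model (hypothetical, not Keybase's implementation): one public log
    that every client reads identically, plus a server-side block list."""

    def __init__(self, design):
        if design not in DESIGNS:
            raise ValueError(f"unknown design: {design}")
        self.design = design
        self.public_log = []        # same entries for every viewer
        self._private_blocks = {}   # blocker -> {blocked}; never published

    def block(self, blocker, blocked):
        self._private_blocks.setdefault(blocker, set()).add(blocked)
        if self.design == "public_ignore":
            # Option (b): clients must be told to skip the entry, so the
            # instruction itself sits where every client can read it.
            self.public_log.append(
                {"type": "ignore", "by": blocker, "target": blocked})

    def track(self, tracker, target):
        blocked = tracker in self._private_blocks.get(target, set())
        if self.design == "refuse_write" and blocked:
            return False            # option (a): the write is rejected
        self.public_log.append(
            {"type": "track", "by": tracker, "target": target})
        return True

    def trackers_shown(self, viewer, profile):
        """Tracker list that the given viewer's client renders for a profile."""
        ignored = {e["target"] for e in self.public_log
                   if e["type"] == "ignore" and e["by"] == profile}
        shown = [e["by"] for e in self.public_log
                 if e["type"] == "track" and e["target"] == profile
                 and e["by"] not in ignored]
        if self.design == "private_block" and viewer == profile:
            # Private block: filtering applies only to the blocker's own view.
            hidden = self._private_blocks.get(profile, set())
            shown = [name for name in shown if name not in hidden]
        return shown


def run_scenario(design):
    """Constructed scenario: B blocks A, then A tries to track B."""
    server = ToyServer(design)
    server.block("B", "A")
    write_ok = server.track("A", "B")
    # The detection result uses only what A itself can observe.
    sees_ignore = any(e["type"] == "ignore" and e["target"] == "A"
                      for e in server.public_log)
    listed_for_a = "A" in server.trackers_shown("A", "B")
    return {
        "a_can_detect_block": (not write_ok) or sees_ignore or not listed_for_a,
        "b_sees": server.trackers_shown("B", "B"),
        "third_party_sees": server.trackers_shown("C", "B"),
    }


if __name__ == "__main__":
    for name in DESIGNS:
        print(name, run_scenario(name))
```

Only the private block leaves A with nothing to detect, and it is also the only design in which a third party still sees A among B's trackers, which is the caveat raised at the end of the comment.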
It does! I still, however, have to maintain the opinion that I don't think it serves any logical point--but again, it's just my opinion. I just don't see any situation (or at least I can't think of one) where it would be imperative to a user that another user absolutely not be involved with their public accounts in any way. For example, if you block someone on twitter, but you're authored on Keybase, they can just sign out of their account and view your tweets because they're public. It's a useless endeavor and only causes a slight inconvenience to the other user. As well for Keybase, if a user is blocked that only means that any communique from you cannot be verified by them unless they get your public key from another source. This is why I say you're kinda shooting yourself in the foot--you're ensuring another Keybase user cannot verify your identity. Pretty counter productive considering what Keybase is trying to do. But yet again, this is just my opinion and me trying to contribute positively to the discussion. EDIT:
This makes more sense to me now. But with that being such an incredibly niche case, would it even be worth the implementation? |
I find the response to @pkirkovsky 's post disappointing.
What an incredibly awful way of looking at it.
I can see @pkirkovsky's point and I think they're valid as far as the website is concerned. I don't care if a blocked person has access to my public key; it's public. What is someone going to do with it? However, if I want to not be associated with someone on the website, I think that is a perfectly legitimate reason/use-case. Good thing other services don't feel the same way about it. |
I deleted my keybase account today because this fundamental block feature has not been implemented, and it created 2 problems for me, both of which @pkirkovsky has already stated
In response to @malgorithms comment I never want a person to know I'm blocking them?
Incite them further?
Adds fuel so they attack in other ways?
Hurt the blocked person's feelings?
I don't like the idea of a keybase side "shadow ban" block where messages are stored on keybase server. Instead, prevent B from messaging, viewing, or following A. I don't think it is a "niche case" to want to be able to control who shows up on your profile page as your follower. Followers should be user controlled through block at least |
+1 for having a block feature built in, please! |
+1 for closing your Keybase account because the developers ignore the need for a basic feature like blocking |
I have been followed by people that I don't want others to know follows me. I told them about Ok, how do I at least lower the risk of someone who is only looking at my keybase lightly through the web UI seeing that other person's picture and saying "OMG JONATHAN AND XXX KNOW EACH OTHER!" Which I'm sure I could deny by saying "plausible deniability man, it's a public profile, anyone can follow me" but the damage to my reputation is done. With twitter, if I block someone, they don't show up on my followers list, and I don't have to associate with them. With keybase, all I can do is prevent my client from showing / sending notifications from them in direct chats. This is not good. |
They say that implementing such a feature would damage the platform. I think we have proof both from me and @junderw that it's the reverse. I'm hoping to get some kind of response from keybase regarding this the coming week. Otherwise I'll just bug out. |
I think most of you need to realize that what you're asking for is tantamount to prohibiting users from signing your public PGP key. How, exactly do you propose that happens? Even if it's not done through Keybase, if a user wants to assert your identity it's going to happen. Whether it be via Keybase tracking, or they find your public PGP key, sign it, and release it to a key server. The only safeguard is to not have a key. The only issue here seems to be some sort of social phobia of user Assert(ions), instead of track(ing) has been the best alternative term I've seen or am likely to see. When tracking a user you're asking Keybase to monitor their key for change, and are simultaneously adding to the user WOT by saying "hey, I believe this person is who they say." Tracking a user for any other reason defeats the entire purpose of the feature. So does the interpretation or insinuation that a tracked user must then have a personal relationship with the Keybase user and vice versa. Implementing a feature which would decrease the user WOT (profile blocking) by removing tracked/tracking users from your profile page does nothing but decrease the confidence in a user's identity so you can somehow save face. IMO it makes zero sense. Keybase already has the If you don't want to be associated with XX user, then my advice is to not have public profiles.... |
Nope. Just hide them from my followers in the GUI. That's it. Just like how hide works in chat. They can track me and everyone in the world can verify their signature and see their signature in the sigchain... but just don't have their picture and username on the Followers page. |
Well, at least I'm not. Because that wouldn't work, as you say yourself. And sure, someone can download my key from a keyserver, sign it and upload it and there's nothing I can do to stop it. This is a known fact.
Yes, that is correct. And keybase seems to aim to be a social platform, and as a social platform I'd find it important to be able to manage what's visible on my profile. Toggles to hide who's tracking me would be enough because that would allow me to have total control over what's visible.
Then someone comes around and not use it to irritate people.
That would be fine as well. But just hiding the list as a toggle would be easier to implement.
Well... So say I had a public profile, and someone I've never heard about that seems to be a "weird person who I don't want to be associated with" comes around and adds their name to my profile and I can't do anything about it because the social provider platform doesn't allow me. That just means that the provider is bad, if you ask me. If you ask me, the "owner" of a profile page should be able to manage what's on it. |
This sums it up, pretty much. This isn't GPG WOT, if some bad guy signs my key and publishes it on a keyserver. "well, anyone could do that." would suffice since only people who understand how gpg works use gpg. Keybase is aiming for solving the key exchange problem using Social Media and hopefully "everyone else" will sign up. Well, "everyone else" will stare at me with a blank look on their face when I say "Anyone can follow me. It's out of my control." many "normal people" will not understand that unless explained to them, and they might not even bring it up and just assume. It's interesting that the whole idea of Keybase was to solve the key exchange problem and bring it to the masses, both accomplished through social media and yet the reasoning behind the pushback on fixing this issue is:
That's what "following" is for on every other social media. If I was followed by 50,000 neo-nazis and made no effort to remove them from my followers, any normal person would just assume "oh, this guy is a neo-nazi" even if I told them "hey, this social site doesn't allow me to block or hide followers." they've probably already made up their mind. |
"Toggles to hide who's tracking me would be enough because that would allow me to have total control over what's visible." and ability to block users from being able to send Keybase Chats would suffice. Nothing GPG related at all here, just 2 Keybase flaws. |
I see the value in this now.
To somebody unfamiliar with the specifics of how user tracking works, it could appear as though I have a connection with somebody who is following me even if I have never initiated any interaction with them. Their avatar would appear on my public profile, and I currently have no way to hide their avatar from my public profile. |
Today, I got a spam message from a random person: If blocking would be implemented I'd have blocked him already and prevented myself getting more messages, and de-listed this spammer at my followers section. My tweet regarding this: https://twitter.com/ardadev/status/973492565050785792 So please, implement this feature. |
I received a spam message nearly identical to @Ardakilic's. My organization has implemented Keybase and uses a number of its communication functions, and I'd be reluctant to migrate the entire team off a solution that has been working for us. I understand that Keybase started out as a tool to share and verify cryptographic identity, and that discouraging user connections made little sense in that context. But since then, the tool has implemented communication and social features – functions inevitably bring unwanted contact and harassment. If my team and I can't manage who's able to message us through Keybase, then the noise/signal ratio of legitimate messages will quickly drop below the threshold of usefulness, and we'll implement other channels for sharing secure files and messages. |
Please implement blocking, or at least some way I can control my interactions with other users. I no longer want the man who sexually assaulted me to follow me or be able to interact with me on keybase, but I have no way to prevent it. |
I have recently resolved this issue by removing my keybase account. It worked. Maybe not ideal. But it worked. I didn't use keybase for any of its services in practice anyways. I used it to map my identities on different places to one place. That's it. Which I thought was good in itself. On the GPG-side of things I've used gpg the "classic way" anyways with public keyservers and meeting up for keysigning and such. So it's not much of a loss from my point of view. Can't speak for anyone else though. |
Classic SCAM |
I also need to block messages from a user. Is there still no way to do this? Thanks. |
This needs to be added immediately so that you can block messages from people and also prevent them from having visibility to your followed contacts. The public nature of the contacts lists has now enabled someone to start harassing me and my contacts simply because Keybase has no user blocking implemented. An encrypted chat service isn't a social media platform. It shouldn't be treated that way. |
Keybase is not an encrypted chat service. Keybase is a public space for verifying identity... the chat service is an extra add-on. The reason Keybase users are able to know with a high likelihood that your public key is your public key and not some impersonator's is because you have all these other Keybase users signing your keys at different times. And their keys are signed too by other people, whose keys are signed by other people. |
If suddenly you can block it so that no one can check your pubkey signatures (since they can't see your followers) then you are now the EASIEST person to impersonate on Keybase. PGP web of trust has the same problem. Your PGP keys have your email address embedded in them... and a looong long time ago that made it so some people could find your email to spam you... since everyone uploaded their PGP keys to keyservers and almost all signatures of others' keys was made public as well... so connections / associations could be gleaned. These problems were never solved with PGP and the fact that Keybase is a LOOOOT easier to use than PGP and most scammers are dumb... unfortunately Keybase being easier to use means more dumb scammers can use it too... Just keep hiding chats as they come. Maybe eventually they will add an auto-hide feature that is whitelist based. (You whitelist people to chat with you, everyone else is automatically hidden) |
PGP key verification and having a publicly available list of all the people who you talk to are very different. I can easily prove who I am by having my PGP public key on a website and several profiles I own, which I do already. Having my list of contacts essentially be public information is unnecessary. If I want to be able to block someone from following me and communicating with me or finding my contacts, I should be able to do that. I am far less concerned with someone trying to impersonate me by forging a public key that would be useless to them anyway without its private match. Now I have to deal with the much more obnoxious issue of someone pretending they know me as a pretext to talk to my friends and contacts simply because I have no way to stop them from doing so. Because of one dick who is harassing my contacts, it's more practical for both them and myself to unfollow everybody. If that's the only solution to dealing with someone that is actively damaging my reputation, then it's an issue with the platform itself, hence why I'm bringing it up. At the very least, I should be allowed to hide my contacts except with those who I want to have contact with and build up an internal web of trust rather than having it laid out in the open for people to start harassing my affiliates. |
"The PGP web of trust is useless." is an argument that many people hold. Since Keybase is trying to be PGP but easier, this is why it is the way it is. If you think the PGP web of trust is useless, and don't need the same extra security from Keybase, then don't follow anyone, and tell your friends to not follow you. However, as with PGP web of trust... there should never be a feature to block someone from following you or to block someone from seeing your signature on someone else's pubkey. That breaks the meaning of the web of trust. If you don't want to use it. don't follow. or use the Remember, "follow" in Keybase is just a fancy way of saying "I signed their pubkey with my private key" which is basically the PGP web of trust but using hip new cool words like "follow" from the Social Media age we are in. Technically you are "signing" them, none of their activity is reported to you, like Twitter, so you aren't really "following" them.
You can easily create proofs on your twitter and facebook and website, and just never follow anyone, and if that's enough for you with PGP, then it should be enough for you with Keybase. Back on topic though. I do think that having an ability to hide people that follow you from the UI is a must. (If some people with Nazi symbols as their icons decide to make you look bad by following you with a ton of their accounts, you should be able to hide those people from showing up on the UI, but in the background their signatures are still validated. It's an image problem imo... the "if people can see my followers they can contact them!" is not an issue since that was an issue with PGP web of trust to begin with. (Regardless of whether or not you and your friends signed each others PGP keys, which I am guessing you didn't) |
To the Devs: I didn't come here for a debate. I'd much rather contribute directly than have passive-aggressive arguments in the issue comments. I truly believe this can become an abuse problem, so I would like to offer up some ideas for solutions. If you guys want to reach me for anything further on this issue, feel free to @ me. Until then, I'll be unfollowing this issue. Sorry to add to the clutter.
Response for junderw
GitHub is hardly a place for a debate, but don't put words in my mouth, man. I never said the "web of trust is useless." You can prove your identity two ways. Either you can have enough people vouch for you, or you can provide sufficient evidence that other people consider trustworthy. In the case of keybase, having sufficient proofs attached to various properties (ie: websites, social media profiles, etc) is just as effective and comes with the same flaws. Just like you can falsify profiles, you can falsify signatures. It's a matter of "how much is enough?" How many trustworthy platforms does it take, and/or how many trustworthy people are necessary to validate identity? Regardless, this has nothing to do with my position of valuing privacy over validation (or 'extra security' as you describe). Yes, having enough proofs on my profiles is enough for me, because I am selective enough in who I affiliate with and know where & how to reach them in a way that is trustworthy (and yes, that includes signing their keys.) I would simply like the option to keep my contacts private. My request is that this option be made available in the UI. Why not simply keep "contacts" and "validated signatures" separate? Seems like a perfectly valid and acceptable solution to me. I don't need other people to see who I trust or who trusts me. In my use case, that is unnecessary. Personally, I see keybase as a great service, and I would like to continue using it; however, I am going to critique it and offer solutions to other use cases and improvements. This is one of them. 
The encrypted services are what attracted me and my colleagues to keybase in the first place, and so I am offering a request for improvement. I'm not here to debate the finer points of validating online identity. I am here to make a valid case that keybase can be used as a tool for harassment because of the way it publicly presents its users list of "followers" which is the functional equivalent to a contact list, as far as the chat service is concerned. Because of that, I see a problem that needs addressing in the form of providing users with the option to conceal or privately maintain a list of contacts that is functional and practical through the UI. If you are on the development team and are trying to quietly tell me that the issue won't be addressed, kindly close it and I'll begin searching for alternatives. Please don't passive-aggressively dismiss me as inept or make rude assumptions about my familiarity with the platform simply because I use it differently from its initial intent. Keybase is, thus-far, the only platform of its kind that offers these services in a single, convenient UI. I would rather contribute to it with feedback than throw it away because it has a problem. Considering the vast changes the developers have made to the platform in order to fit various use-cases, I don't think my request is beyond reason. |
@True-Demon Nothing about what I said was passive aggressive, and I am not a member of the Keybase team. I think they would be open to a nuanced feature that addresses some of your issues, but when you make statements like:
You are essentially stating: "I think that my 'Followers' and 'Following' section is equivalent to my 'contacts' in another encrypted chat app ie. Signal etc." or "I think that I must 'follow' someone in order to be able to 'contact' them." (Which might be a UI issue that could be brought up separately (Keybase does encourage people to follow other people they plan on communicating with, just as PGP encourages people to sign friends' keys and publish their signatures on the PGP web of trust.) so that users are not confused into thinking that it is necessary to follow someone in order to chat with them.) If reading "Having my list of contacts essentially be public information is unnecessary." and extrapolating that you view the "followers" as equivalent to "contacts" in your comment is "putting words in your mouth" then I apologize if it was off-putting. I had no intent to offend. Also, in case people reading this issue aren't aware there is a block feature for chats: Though from reading all the comments thus far it might be better to have a whitelist where all random chats from people are auto-blocked. And a whitelist is managed by each user. |
I've also just removed my Keybase account (which I have had for several years now) because of the lack of blocking, and I will be encouraging everyone I know to do the same thing. |
I joined keybase a few days ago and already want to leave because of the lack of user blocking feature. |
I have basically had to add. To my bio, purely because some group are trying to tar me by someone who followed me on keybase. |
This happens more than one may think. Last night I had a serial harasser follow me on keybase and I have no way to be able to block them. This is a safety issue. |
One other thing: It is cruel to force people to interact with a given harasser via the UI in order to be able to mute correspondence. In some cases, merely seeing the harasser's picture will cause anxiety, PTSD, etc. |
This would be great, since I'm getting spammed now and have no way of avoiding it short of shutting down Keybase. This really seems like a huge oversight. edit: Apparently there is a hidden Block button, which is revealed after clicking on the "Info" icon in the top-right. |
Keybase is invasive. I trashed it out of my computer. Enough... I'm not using this program anymore except web version. |
This isn't relevant to this thread. Don't like Keybase? Move along. |
I'm a new user who joined because of AirDrop. It seems like Keybase has lots of potential to let me create a unified, encrypted hub for my social media accounts. But the unwillingness to fulfill a simple request like "I'd like to be able to remove softcore porn from my profile page" is limiting its appeal. |
@heronhaye that is what we have been asking for and wasn't around when posted. |
It seems that user blocking has recently been implemented. You can go to someone's profile and block them and/or block a conversation and optionally report it. Blocking a user will remove them from your followers list. So I think this issue could be closed now... |
Yeah, it was added sometime in the last year and I for one am extremely glad of it |
There's still no command to block users:
|
I love the smelling Shit emoji on top of the block user profile... very nice touch Now could you highlight their nick as thanks |
Keybase should allow user blocking, which would presently lock out the track function and prevent the blockee from tracking the blocker.
Blocking is especially important since @keybase.io email addresses and web-based messaging are upcoming features and can easily facilitate harassment. At that point, blocking should lock out messages via the website and email redirection from the email addresses attached to the blockee's profile & public key.