Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Keybase iOS has a backdoor that signs proofs against my knowledge and consent #3583

Closed
sneak opened this issue Sep 29, 2019 · 1 comment

Comments

@sneak
Copy link

@sneak sneak commented Sep 29, 2019

https://sneak.berlin/20190929/keybase-backdoor/

I don't want XLM shitcoins. I don't want anyone to send me XLM shitcoins thinking I want them. I don't hold any private keys for XLM shitcoins, despite what my keybase profile now fraudulently claims.

Somehow, on the 4th of February, an attestation has found its way onto my profile, signed by one of my devices by the Keybase iOS client (keybase.io go client 2.13.2). I did not want this signature generated with my keys. Indeed, it happened without my knowledge or consent.

I am unable to revoke this from my keybase profile.

@Omeryl

This comment has been minimized.

Copy link

@Omeryl Omeryl commented Sep 30, 2019

The official reply from Keybase:

keybase/client#20022 (comment)

@malgorithms Can we get this one closed too?

@keybase keybase locked as resolved and limited conversation to collaborators Sep 30, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
3 participants
You can’t perform that action at this time.