Tuesday 26 March 2019
TLDR: As engineers we know our team should be encrypting data and signing software. We know this is possible with GnuPG & other PGP tools, but few succeed. Using PGP in a team is painful. Today’s 1.0 release of Fluidkeys makes it painless to use PGP in a team by simplifying verification and automating configuration and key exchange.
Ian and I are trying to make the world safer and more secure.
As engineers, we all know how important it is to protect sensitive data which could lead to a compromise of our users’ personal information.
Strong cryptography is part of the solution—end to end encryption and signing—and powerful tools like GnuPG have been around for decades.
Logically, by now we should be encrypting all our emails, credentials, certificates and backups, and signing all our software to keep our users safe…
Few engineering teams sign or encrypt emails as a matter of course. We share confidential data over Slack, we let our email providers read and archive our emails, we trust in dubious third parties and we release software without signatures, endangering our users.
Given that we have the knowledge, motivation and tools, why aren’t we using them?
From talking to dozens of engineering teams who care deeply about security but struggle to use GnuPG or other OpenPGP tools, we’ve discovered 3 patterns:
Today we proudly announce Fluidkeys v1.0 🙌🏽
Fluidkeys is a command-line application which gives your team PGP superpowers. It’s designed to remove friction, avoid asking difficult questions, and automate team workflows.
With our first teams release, you can:
Along with a flurry of fixes and improvements, the major change in this release is a secure way to create and manage a team.
Your team is defined in a signed team roster. This is a cryptographically signed config file listing the email and key fingerprint of everyone in the team:
It’s not practical for every team member to verify everyone else’s key. (And web of trust is largely irrelevant outside of very specific circles)
Instead, Fluidkeys uses the trusted-admin model. Team members delegate the task of verifying keys to a team admin. Whatever email and key are listed in the team roster is considered the truth.
Only team admins can add people to the team. All updates to the roster are signed, and Fluidkeys won’t accept an update that wasn’t signed. That means only you can add people to the team. Even though we host your roster, we can’t modify it.
Fluidkeys periodically checks and verifies updates to the roster. Any new keys are automatically fetched and imported into GnuPG. The associated email address in the roster is trusted in GnuPG using a non-exportable certification.
That means GnuPG just works if you want to encrypt to that email address (or use any other GnuPG-powered tool, like pass, Enigmail or GPGMail.)
No more emailing keys around the team and searching keyservers. Everyone that joins the team always has up-to-date and trusted keys.
Fluidkeys doesn’t currently use the public keyserver network. We use our own verifying server which protects against spoofed keys.
Fluidkeys server also handles the transfer of encrypted secrets, and hosts team rosters.
Fluidkeys is free for individuals. You get automatic key rotation and you can send end-to-end encrypted secrets to anyone in the world who uses Fluidkeys.
Fluidkeys is better in a team: you’ll get more value from its automatic key exchange and the way it configures tools for use in the team.
For teams of 2, Fluidkeys is free. You can test drive Fluidkeys today with no limitations.
For teams of 3 or more, Fluidkeys is free for 30 days.
If you like it and want to carry on, we’ll ask for a per-user, per-month subscription fee.
We have an honest business model where companies pay us for the service we provide.
We’re in the process of incorporating as a UK non-profit. This compels us to put our social objectives before profit.
Paying for a subscription to Fluidkeys ensures its development continues and supports our social mission.
Fluidkeys command-line application and Fluidkeys server are AGPLv3. You can do whatever you like with the code as long as you respect the licence.
We think being open source is a great way to keep ourselves honest. We hope you’ll agree!
We’d love you to try out Fluidkeys and let us know how you get on.
Please get in touch: we’re excited to hear from you :)
— Paul & Ian