22 February 2019
Protecting liberty by simplifying security
Recap: Fluidkeys makes PGP simple for engineering teams. It helps you safeguard your source code and protect passwords, secrets and personal data.
fk team createto bootstrap a team
fk team createto bootstrap a team
Wow, what a week. Since we publicly committed to a date for our first teams release, we've been setting tough weekly goals.
We didn't quite define the full scope of the first teams release, partly because the feedback we solicited is still rolling in, and partly because we were too focused on building...
This week we built an MVP version of
fk team create which lets you start defining a team.
Ian went to town on making it help you out by looking in gpg for existing keys you might have for your team. That makes it a little quicker to get started.
There's some important detail which makes teams harder than it sounds: teams are defined in a cryptographically signed file that only you can modify.
The file is hosted in our server, but because a signature is required, it's technically impossible for us to sneak an extra key into your team. Without access to your team admin's private key, we can't create the signature required to change the team.
Of course, we have no plans to backdoor our customers, but we think it's important that the technical design means you don't have to believe that.
We're calling this a signed team roster and we're grateful to Micah and co at First Look Media for inspiring this approach with their Keylist / fingerprints.txt standard.
We chose to use cron to run Fluidkeys regularly (for automatic key rotation) because it exists on Linux and macOS. We understood that Apple advise against this (recommending instead to use launchd) but at the time, a cross platform approach seemed the best compromise.
The macOS update Mojave introduced a new permissions model for any applications wanting to modify a users's crontab.
It's a pretty brutal dialog, and understandably people aren't in a hurry to grant Fluidkeys access to "administer your computer". Unfortunately, if people did click "Don't Allow", Fluidkeys would blow up. Not good.
Now, just before that prompt comes up we hint why it's happening. And if the user denies access, we tell them how to add Fluidkeys to their crontab manually:
Adrian is helping us to explore what legal structure best fits our mission, our goals, our outlook, how we want to be perceived, and so on.
After running through the homework he'd set us, we ruled out a number of structures.
The biggest surprise to us was that our position and narrative against mass surveillance is likely to be too political for a charity or a community interest company. It would be awkward if chose a structure which was incompatible with us running cryptoparties, participating in the Internet Freedom Festival, supporting the Tor network, and so on.
We're happy to announce that we've decided to incoporate as a Company Limited by Guarantee.
We'll use our articles of association to enshrine three essential components, namely:
Considering we spent 90 minutes talking about legal structures, we both emerged extremely positive and fired up.
Forming a non-profit is a powerful way of signalling that our motivations are bigger than money. Or in other words, putting our money where our mouth is :)
Adrian has been brilliant. If you're exploring social enterprises, consider this a strong recommendation.
Next week we will:
Thanks for getting this far!
All feedback is welcome, pop us an email to firstname.lastname@example.org