recentpopularlog in


« earlier   
See where your calendar overlaps with everyone on your remote team. Integrates with Slack. No time zone math. No more missed meetings. Start for free!
remote  slack  time  meeting  plan  schedule  team  zone 
yesterday by roggedoggelito
What the Slack security incident meant for me, the Keybase CEO • Keybase
Max Krohn was packing for a holiday in January when he got a Slack notification that he had logged in from the Netherlands:
<p>My immediate thoughts, in order:

• Thankfully we don't put sensitive communications (from financials to hiring to shit-talkin') into Slack. We basically just use a #breaking channel in there in case we have Keybase downtime. Phew. I didn't have to worry about being extorted or embarrassed. And Keybase as a company would almost certainly emerge unscathed.<br />• WAIT A SEC. How did this happen? I use strong, secure, distinct, random passwords for all services I log into. Either Slack itself was compromised, my password manager was compromised, or my computers were "rooted" by an attacker.<br/>• Our weekend was hosed.

At risk of getting the car towed, I dashed an email off to Slack's security team, and after a few back-and-forths, received the standard fare. They did not inform me of the directly related 2015 Security Incident but instead implied that I was messy with my security practices and was to blame.

Though I was more than 90% convinced that Slack had been compromised, as the CEO of a security-focused company, I couldn't take any risks. I had to assume the worst, that my computers were compromised.

In the subsequent days and weeks, I reset all of my passwords, threw away all my computers, bought new computers, factory-reset my phone, rotated all of my Keybase devices (i.e., rotated my "keys"), and reestablished everything from the ground up.</p>

Turned out he hadn't been keylogged, but Slack had really screwed up in 2015. Four years ago.
slack  password  security 
2 days ago by charlesarthur
Slack Security Incident for Keybase CEO
It was a cold Saturday New York City morning in January 2019. I was packing the car for a family ski vacation when I received a truly horrifying email: That's interesting, I was just in the middle of loading up the Prius. Certainly, I wasn't using Slack from....
Archive  keybase  slack 
3 days ago by plouf
Slack Security Incident for Keybase CEO
I got the email today that countless other people got. Apparently my account might have been compromised in a previous attack. This corroborates my suspicions - I was never rooted and didn't need to deprovision all that hardware and keys. Still, what's done is done. What's dead can never die. Nonetheless, as the incident comes into focus, things seem worse than previously thought:

The attackers also inserted code that allowed them to capture plaintext passwords as they were entered by users at the time.
slack  security 
3 days ago by micktwomey
What to Know About Slack's Non-IPO Direct Public Listing | Fortune
Ten years after it was founded, Slack Technologies will list its shares on the New York Stock Exchange on Thursday. The ticker symbol? WORK. And the NYSE has set Slack’s stock reference price, which may help determine where it starts trading, at $26 a share, valuing the company around $15.6 billion.
Fortune  Slack  Investing 
4 days ago by GameGamer43

Copy this bookmark:

to read