SoylentNews is people
SoylentNews
Zoom will provide end-to-end encryption to all users:
Zoom's CEO Eric S. Yuan today announced that end-to-end encryption (E2EE) will be provided to all users (paid and free) after verifying their accounts by providing additional identification info such as their phone number.
"We are also pleased to share that we have identified a path forward that balances the legitimate right of all users to privacy and the safety of users on our platform," Yuan said.
"This will enable us to offer E2EE as an advanced add-on feature for all of our users around the globe – free and paid – while maintaining the ability to prevent and fight abuse on our platform."
This update in Zoom's plans comes after the company announced on May 27 that E2EE will be available only to paying customers, with free/basic users to only get access to 256-bit GCM encryption.
[...] To provide all Zoom users with access to E2EE, Yuan says that they will have first verify their accounts through various means such as by verifying their phone numbers via text messages.
"Many leading companies perform similar steps on account creation to reduce the mass creation of abusive accounts," Yuan explained.
"We are confident that by implementing risk-based authentication, in combination with our current mix of tools — including our Report a User function — we can continue to prevent and fight abuse."
An initial draft cryptographic design for Zoom's planned E2EE offering was published on GitHub on May 22 and a second updated version was committed today (a list of all the changes is available here).
According to an update to the company's 90-day security plan, "end-to-end encryption won't be compatible with an older version of the Zoom client, and all participants must have an E2EE-enabled client to join the meeting."
The company also said that it will not force users with free accounts to use E2EE as both free and paid users will have the choice to enable it for their meetings.
Previously:
(2020-06-06) Zoom Says Free Users Won’t Get End-to-End Encryption so FBI and Police Can Access Calls
(2020-05-07) Zoom Acquires Keybase to Bring End-to-End Encryption to Video Platform
(2020-04-21) This Open-Source Program Deepfakes You During Zoom Meetings, in Real Time
(2020-04-20) Every Security Issue Uncovered so far in the Zoom Video Chat App
(2020-04-15) Over 500,000 Zoom Accounts Sold on Hacker Forums, the Dark Web
(2020-04-13) Zoom Admits Data Got Routed Through China
(Score: 2) by jmichaelhudsondotnet on Saturday June 20 2020, @02:50PM
well said, i would upvote but you are already at 5
End to end encryption does not mean what it is most often used to mean.
Like if you think signal and telegram are secure because there are two points in the communication between which it is encrypted, lol.
I expect at this point the display itself on iphone and android phones is able to route the information displayed to another chip in the phone, or everything typed into the touchscreen, so that between your finger and eyeball and the point at which the E2E(tm) begins, you are already hosed.
Real security includes the entire device, the entire signal chain, this is fact. Iphones and android phones will never, ever be this. Your only hope is that you arent interesting enough for anyone to look.
I know I am interesting enough, so I do not bother.
To actually even think at this level of security at this point is considered by the vast majority to be a mental illness, when it is simply understainding the meaning of the words involved beyond their newspeak definitions.
The situation is grim.