As millions attempt to work from home during the coronavirus pandemic, some companies are using Zoom teleconferencing software, but that could be a risk: Zoom video calls do not offer end-to-end encryption.
Micah Lee and Yael Grauer for The Intercept:
Zoom… claims to implement end-to-end encryption, widely understood as the most private form of internet communication, protecting conversations from all outside parties. In fact, Zoom is using its own definition of the term, one that lets Zoom itself access unencrypted video and audio from meetings… The service actually does not support end-to-end encryption for video and audio content, at least as the term is commonly understood.
The encryption that Zoom uses to protect meetings is TLS, the same technology that web servers use to secure HTTPS websites… This is known as transport encryption, which is different from end-to-end encryption because the Zoom service itself can access the unencrypted video and audio content of Zoom meetings. So when you have a Zoom meeting, the video and audio content will stay private from anyone spying on your Wi-Fi, but it won’t stay private from the company…
Matthew Green, a cryptographer and computer science professor at Johns Hopkins University, points out that group video conferencing is difficult to encrypt end to end… “If it’s all end-to-end encrypted, you need to add some extra mechanisms to make sure you can do that kind of ‘who’s talking’ switch, and you can do it in a way that doesn’t leak a lot of information. You have to push that logic out to the endpoints,” he told The Intercept. This isn’t impossible, though, Green said, as demonstrated by Apple’s FaceTime, which allows group video conferencing that’s end-to-end encrypted. “It’s doable. It’s just not easy.”
MacDailyNews Take: True end-to-end encryption is important for sensitive, competitive information. If you’re using Zoom for sensitive information, beware. As Lee and Grauer explain, “Without end-to-end encryption, Zoom has the technical ability to spy on private video meetings and could be compelled to hand over recordings of meetings to governments or law enforcement in response to legal requests.” Read more in the full article.
zoom also tends to run when you think it isn’t, check the Dock if hidden. This company cannot be trusted
deleted it as soon as i found out about despite the fact that zoom stated they have updated their software. can’t trust them.
I agree that Zoom can’t be trusted but I don’t have a choice since my employer uses it and requires it for daily conferences.
Use a work computer and never put anything personal on it.
Why would they lie about updating their software to resolve a security problem, if its going to make people not use them, makes no sense.. Why is anyone using Windows, ever, thats the largest security cesspool on the planet.. and you know you’re out there, even if your sitting on your Mac or iPad right now.