It’s no secret that Zoom is having a moment. While the pandemic has been hard on countless companies, video calling apps have seen an influx of users. In a few short months, Zoom has become nearly synonymous with video calling. All of this attention has not come without its problems, though. Zoom has been heavily criticized for its security issues and now the company has confirmed free users won’t get end-to-end encryption.
Last week, it was reported that Zoom would be adding stronger encryption to video calls for paid customers only. Today, Zoom CEO Eric Yuan confirmed this report, and security consultant Alex Stamos is explaining the company’s position. In short, Zoom wants to be able to stop abuse and prevent harm from people who “use Zoom for bad purpose.”
Yaun said Zoom wants to be able to “work it together with FBI and local law enforcement,” which was a controversial statement. Stamos, however, says Yaun’s statement was not clear and he went on to further explain the company’s decision. He says Zoom is facing a “difficult balancing act” of trying to improve privacy while also “reducing the human impact of the abuse of its product.”
The other safety issue is related to hosts creating meetings that are meant to facilitate really horrible abuse. These hosts mostly come in from VPNs, using throwaway email addresses, create self-service orgs and host a handful of meetings before creating a new identity.
— Alex Stamos (@alexstamos) June 3, 2020
Currently, Zoom’s Trust and Safety team can enter a meeting visibly and report it if it’s abusive. End-to-end encryption would prevent Zoom employee’s from being able to do that. There would not be a backdoor to allow it, either. Stamos also talks about how a large portion of meetings use features that are incompatible with end-to-end encryption.
The current system is to offer end-to-end encryption to business and enterprise users, but there is one important distinction. Organizations that are on business plans but aren’t paying, such as schools, will also get end-to-end encryption. Stamos adds that this stance won’t eliminate abuse, but it will reduce harm. Zoom has not given a release date for the new encryption features.
Some facts on Zoom’s current plans for E2E encryption, which are complicated by the product requirements for an enterprise conferencing product and some legitimate safety issues.
The E2E design is available here:https://t.co/beLdeAwMSM
— Alex Stamos (@alexstamos) June 3, 2020
Via: Engadget
The post Zoom end-to-end encryption won’t be available to free users appeared first on xda-developers.
0 comments:
Post a Comment