Following the unprecedented growth of Zoom in our current home environment, Questions about security and privacy Recommendations have been made for cloud conference services. According to reports BloombergThe CEO of Zoom explains some of the reasons behind certain security decisions at the company’s free service layer. A few months ago, the video conferencing service was under fire Misleading claims about encryption level Can be used for its meetings. Although Zoom promotes “end-to-end encryption” (or E2EE), the company is still told to use its unique definition of terms-meetings are encrypted between Zoom servers, not between individual clients, which means The company can theoretically access any satisfying option. Although Zoom stated that such surveillance will never be carried out, it is reported that it is still working to improve security, Plan to bring E2EE to all paying customers in the near future. Yes, this does not include all free customers, the company has explained that this is done to make it easier to cooperate with law enforcement and authorities.
Quoting CEO Eric Yuan: “It’s safe to say that we don’t want to do this for free users, because we also want to work with the FBI, and if some people use Zoom for malicious purposes, Local law enforcement.” In the past, Zoom had Widely usedFrom harmless but destructive “Zoombombing” to truly harmful purposes, such as hate speech, child abuse and other illegal activities.
Currently, Zoom employees can enter the conference as a fail-safe backdoor to combat abuse of the platform, but it is not possible to use E2E encrypted connections. Therefore, the company limits the availability of enhanced security standards to prevent abuse.
Therefore, this creates a difficult balance for Zoom. The attempt should not only improve the privacy guarantee that Zoom can provide, but also reduce the impact of misuse of its products on people.
-Alex Stamos (@alexstamos) June 3, 2020
Zoom’s security consultant Alex Stamos also tweeted about the situation, explaining that E2EE implementation requires “difficult balancing behavior.” Dividing E2EE to paying users who are more likely to actually need to pay will inevitably help, but Zoom says it will work to provide a more comprehensive solution in the future.
Obviously, the extensive demand for video conferencing solutions and the many complexities of ensuring Internet connection security have complicated the process of moving to a more convenient, secure, and reliable cloud. But hopefully, Zoom’s latest efforts will be able to meet the needs of its growing user base.