![]() ![]() ![]() Facing mounting criticism, Yuan announced on April 1 that the company would stop development on all new app features and focus entirely on security.Ī week later, the company hired former Facebook security chief Alex Stamos as an outside security consultant. Zoom was an early beneficiary of the videoconferencing boom spurred by the novel coronavirus pandemic, but the platform's weaknesses were quickly exposed after experts found security flaws in the app's code and privacy issues with user data management. We believe this will provide equivalent or better security than existing consumer end-to-end encrypted messaging platforms, but with the video quality and scale that has made Zoom the choice of over 300 million daily meeting participants, including those at some of the world's largest enterprises. Encryption keys will be tightly controlled by the host, who will admit attendees. Zoom Rooms and Zoom Phone participants will be able to attend if explicitly allowed by the host. These end-to-end encrypted meetings will not support phone bridges, cloud recording, or non-Zoom conference room systems. We are also investigating mechanisms that would allow enterprise users to provide additional levels of authentication. The cryptographic secrets will be under the control of the host, and the host's client software will decide what devices are allowed to receive meeting keys, and thereby join the meeting. This key will be distributed between clients, enveloped with the asymmetric keypairs and rotated when there are significant changes to the list of attendees. An ephemeral per-meeting symmetric key will be generated by the meeting host. Logged-in users will generate public cryptographic identities that are stored in a repository on Zoom's network and can be used to establish trust relationships between meeting attendees. In a blog post Thursday, Zoom CEO Eric Yuan said the Keybase acquisition will allow Zoom to offer an end-to-end encrypted meeting mode to all paid accounts. Zoom's marketing practices suggested that the company used the AES-256 encryption standard to keep video calls secure, but instead, a substandard AES-128 key in ECB mode was actually in use.Įncryption has remained a focal point for Zoom over the last several weeks and is at the forefront of the company's 90-day plan to improve the security and privacy capabilities of its platform. You can also stay up to date using the Gadget Bridge Android App.Zoom came under fire earlier this year for saying that its platform used end-to-end encryption when in fact it did not. Once we have assessed this feedback for integration into a final design, we will announce our engineering milestones and goals for deploying to Zoom users.”įor the latest gadget and tech news, and gadget reviews, follow us on Twitter, Facebook and Instagram. For newest tech & gadget videos subscribe to our YouTube Channel. We will then host discussion sections with civil society, cryptographic experts, and customers to share more details and solicit feedback. ![]() We will not build any cryptographic backdoors to allow for the secret monitoring of meetings,” the company said in a blog post.Įmphasising on its commitment to remain transparent and open as it build the end-to-end encryption offering, Zoom revealed, “We plan to publish a detailed draft cryptographic design on Friday, May 22. “We also do not have a means to insert our employees or others into meetings without being reflected in the participant list. Moreover, Zoom has asserted that it has not and will not build a mechanism to decrypt live meetings for lawful intercept purposes. ![]() This cloud-enabled video meeting app does not and will not proactively monitor meeting contents, but our trust and safety team will continue to use automated tools to look for evidence of abusive users based upon other available data. For this, Zoom will continue to work with users to enhance the reporting mechanisms available to meeting hosts to report unwanted and disruptive attendees. Besides this, Z oom is aware of its goal to prevent the use of its products to cause harm. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |