Technology Zoom reverses course, will give end-to-end encryption option to all users

20:45  17 june  2020
20:45  17 june  2020 Source:   msn.com

Zoom 5.0 update will bring much-needed security upgrades

  Zoom 5.0 update will bring much-needed security upgrades The coronavirus pandemic has led a surge of workers, learners, family members and friends to connect with Zoom’s video conferencing platform. However, security-conscious users have been hesitant to use the app because of a variety of security concerns. Zoom 5.0 will be out by the end of the week, and the company hopes that the latest version of the software’s new encryption and privacy features will ease those worries, including new encryption standards, more privacy options and more sensible defaults.One of the most important features of Zoom’s 5.

  • Users who wish to enable the higher-grade encryption will be asked to provide additional information.
  • Previously the plan was to provide end-to-end encryption only to two types of paying account holders.
Eric S. Yuan wearing a suit and tie smiling at the camera: Eric Yuan, CEO, Zoom Video Communications © Provided by CNBC Eric Yuan, CEO, Zoom Video Communications

Video-calling software company Zoom said Wednesday it has figured out how to offer stronger encryption for all of its users, rather than only for certain paying users.

The move shows the company continuing to address criticism, which has stepped up in lockstep with the company's sudden popularity as the coronavirus pandemic forced millions to stay home. The change could keep some users from switching to videoconferencing services from competitors like Cisco, Facebook, Google and Microsoft.

Zoom quietly admits its claim of having 300 million daily active users was misleading

  Zoom quietly admits its claim of having 300 million daily active users was misleading A blog post stated incorrectly that Zoom that has 'more than 300 million daily users' and 'more than 300 million people around the world are using Zoom during this challenging time.'According to a report from The Verge, the company has quietly altered a press release containing the figure posted to its blog forum earlier this month.

End-to-end encryption is technology that prevents anybody except the sender and recipient of a call from being able to access any of the information in the call. The technology is generally agnostic -- it not only protects against hackers, but also makes it almost impossible for government agencies or law enforcement to see the content, even if they have a legal right to do so.

Earlier this month CEO Eric Yuan told analysts on a conference call that the company would offer end-to-end encryption only for customers who paid for the company's business and enterprise plans.

Now Zoom has made a U-turn.

"We have identified a path forward that balances the legitimate right of all users to privacy and the safety of users on our platform. This will enable us to offer E2EE [end-to-end encryption] as an advanced add-on feature for all of our users around the globe – free and paid – while maintaining the ability to prevent and fight abuse on our platform," Yuan wrote in a blog post.

Zoom buys the identity service Keybase as part of 90-day security push

  Zoom buys the identity service Keybase as part of 90-day security push Keybase serves as a secure home for online identitiesThe Keybase team is supposed to help Zoom build end-to-end encryption for its videoconferences “that can reach current Zoom scalability.” Zoom has been working on building true end-to-end encryption for videoconferences since coming under criticism over the last month for making its calls incorrectly appear to be fully encrypted. The company plans to publish encryption designs on May 22nd, but there’s no specific timeline for when the feature will be finished.

The feature will become available in beta next month. Hosts will be able to enable or disable it for each meeting, and account administrators will be able to enable or disable the feature for groups and individual accounts.

End-to-end encryption won't be on by default. Instead, the default will be what's available currently: 256-bit advanced encryption standard, or AES, encryption, which can protect data from unwanted access while it's moving over the internet.

The service will ask users who want to turn on the higher-grade encryption for additional information, such as a phone number that Zoom can verify.

"Many leading companies perform similar steps on account creation to reduce the mass creation of abusive accounts," Yuan said. "We are confident that by implementing risk-based authentication, in combination with our current mix of tools — including our Report a User function — we can continue to prevent and fight abuse."

Zoom's revenue grew 169% in the most recent quarter as its usage mounted, and the company's stock price has increased about 250% so far this year. 


Zoom to provide end-to-end encryption after mounting privacy concerns .
The videoconferencing software has seen a boom amid stay-at-home orders. Evan Greer, the deputy director of nonprofit digital rights group Fight for the Future, called the decision "a big victory for grassroots activists who fought hard to make sure that Zoom offers strong encryption to everyone, not just to their corporate clients and those who can pay.

—   Share news in the SOC. Networks
usr: 36
This is interesting!