E2E & Zoom

E2E & Zoom

The Zoom CEO stated at an Analysts Conference that they planned to introduce End to End Encryption (E2E) for their paying customers. At the moment, zoom does not do E2E encryption, they are encrypted between the user device and Zoom’s servers, but zoom’s servers can be tapped. This means that GCHQ can’t see what’s happening, but the NSA & FBI can. (This assumes that GCHQ can’t break properly configured TLS.) In the end, doing zoom rather than skype or google hangouts, if you believe them to be more secure, is like going to a meeting and trying to spot the special branch cop, preferably before you’ve fucked them. The rest of this blog discusses the issues of the device security, technical complexity, and the problem of user identity. See below/overleaf …  …

Why Zoom?

I have posted a blog on Why Zoom? has become so popular in terms of getting consumer mind share.

I wonder if it’s based on Microsoft forgetting its history. I am sure the ultra low cost of using Zoom helps but Microsoft’s entry cost for Skype is the same and at the end, someone has to pay for the server room cycles.

Perhaps in the hypergrowth stage best of breed works but I suspect that an integrated offering will win out in the end.