Zoom In To Strengthen Encryption Of Video Calls For Paid Customers And Schools

Zoom In To Strengthen Encryption Of Video Calls For Paid Customers And Schools

Zoom In To Strengthen Encryption Of Video Calls For Paid Customers And Schools

A company official said on Friday that Zoom plans to strengthen the encryption of paid video calls by institutions such as schools and customers, but not by users of its free consumer accounts.

The company, whose business is inundated with a coronavirus epidemic, discussed a move with civil liberties groups and child-sexual abuse fighters on Thursday, and Zoom security consultant Alex Stamos confirmed the same on Friday.

Stamos said in an interview, the plan was subject to change and it was not yet clear whether nonprofits or other users, such as political dissidents, might be eligible for accounts allowing for more secure video meetings.

He said a combination of technical, security, and business factors are considered in the plan, which received mixed responses from privacy advocates.

During the epidemic, Zoom has attracted millions of free and paid customers because users can attend a meeting - nowadays, it happens 300 million times a day - even without registering. But firefighters are getting opportunities to slip into meetings, sometimes pretending to be invited.

Jenny Gebharat, a researcher at the Electronic Frontier Foundation, said she expected the zoom to change and that protected video would be introduced more widely. But John Callus, a technology fellow at the American Civil Liberties Union, said the strategy was a reasonable compromise. Security experts and law enforcement have warned that encrypted communications are progressively used to avoid detection by sexual predators and other criminals.

"Those of us who are making secure communications believe that we need to work on the real horrible stuff," Kailus said.

"Charging money for end-to-end encryption is one way to get rid of Rough-Rough," including spammers and other malicious users who misuse free services.

After a series of security failures, some institutions hired Stamos and other experts to ban its use. Last week Zoom released a technical paper on their encryption plans, without mentioning how widely accessible they would be.

"At the same time that Zoom is trying to improve security, they are also greatly improving their trust and security," said Stamos, a former chief security officer on Facebook. "The CEO is looking at different arguments. The current plan is paid from customers and enterprise accounts, where the company knows who they are."

Stamos said full encryption for every meeting would leave Zoom confident and the security team unable to add themselves as a participant in gatherings to tackle abuse in real time, Stamos said.

The end-to-end model, which means none, but participants and their devices can see and hear what is happening, will also have to exclude those who make calls from a telephone line.

From a business point of view, it is difficult to make money while offering a sophisticated and expensive encryption service for free. Facebook plans to completely encrypt Messenger, but it receives huge sums from its other services.

Other providers of encrypted communications either charge business users or act as nonprofits, such as manufacturers of signals.

Stamos and another person familiar with the matter said that Zoom is also working with regulators such as the US Federal Trade Commission, looking into their previous claims about encryption, which are exaggerated or inaccurate.

With the Department of Justice and some members of Congress condemning secure encryption, Zoom could gain unwanted new attention through a significant expansion in that area, privacy experts said. An outside spokesperson for Zoom, Nate Johnson, said its encryption was "a work in progress," including engineering design and "to which customers it would apply."

Post a Comment