Zoom finally adds end-to-end encryption for all, for free – though there are caveats

2020-10-27 20:09

Zoom has finally added what it says is end-to-end encryption to its video conferencing service at no additional cost for all users, whether they are paying subscribers or not.

"We're very proud to bring Zoom's new end-to-end encryption to Zoom users globally today," said Zoom CISO Jason Lee.

Zoom says its end-to-end encryption will use 256-bit AES-GCM, which we take to mean the data in transit is ultimately encrypted using this algorithm, and some sort of secure public-private key exchange is performed beforehand to ensure only the participants on the call can decrypt each others' part of the conversations - and no eavesdroppers, not even Zoom itself, can listen in and make sense of what's happening.

Zoom already encrypted its communications using AES-GCM-256 though it wasn't truly end to end until now for all.

It's a shame that Zoom hasn't made more of those restrictions because it would help spread broader understanding of what end-to-end encryption really is and how it works: something that is dearly needed thanks to both politicians and law enforcement purposefully muddying the waters out of a desire to have access to encrypted communications.

News URL

https://go.theregister.com/feed/www.theregister.com/2020/10/27/zoom_endtoend_encryption/

#encryption #zoom

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Zoom		54	4	51	80	12	147
Free		9	0	3	1	3	7