Zoom's end-to-end encryption isn't actually end-to-end at all

Found on The Register on Friday, 03 April 2020

Most notably, the company has been forced to admit that although it explicitly gives users the option to hold an “end-to-end encrypted” conversation and touts end-to-end encryption as a key feature of its service, in fact it offers no such thing.

E2E ensures all communications are encrypted between devices so that not even the organization hosting the service has access to the contents of the connection. With TLS, Zoom can intercept and decrypt video chats and other data.

Zoom granted itself the right to mine your personal data and conference calls to target you with ads, and seemed to have a "creepily chummy" relationship with tracking-based advertisers.

Personal information gathered by the company included, but was not limited to, names, addresses and any other identifying data, job titles and employers, Facebook profiles, and device specifications. It also included "the content contained in cloud recordings, and instant messages, files, whiteboards ... shared while using the service."

Another day, another failure day for Zoom. Do yourself and everybody else a favor and drop this insecure spyware.

Browse all articles« Previous « » Next »