
Zoom Will Only Offer End-To-End Encryption to Paid Users


When you’re on a Zoom video conference call, your data isn’t end-to-end (e2e) encrypted. While Zoom does encrypt the calls, it does so using the same technology as your browser, and the company can decrypt your call at will. Zoom previously promised to move to e2e encryption, but now the company says it will only do so for paying users.

The difference between e2e encryption and Zoom’s current encryption is pretty stark. With e2e encryption, the company facilitating the call doesn’t have access to your data. Instead, that protection runs from user to user. But Zoom’s use of TLS encryption is similar to what you get with a protected site like Gmail or Twitter, and the company has full access to your data.

When the Intercept first pointed this out, the news spread like wildfire, and Zoom quickly promised to shift to e2e encryption. But now, on an earnings call, Zoom’s CEO, Eric Yuan, told analysts that only paid users would enjoy that protection. As reported by Bloomberg technology reporter Nico Grant in a tweet, the CEO stated:

Free users for sure we don’t want to give that because we also want to work together with FBI, with local law enforcement in case some people use Zoom for a bad purpose.

The implication is that bad actors could use Zoom for terrible or illegal purposes, and by not encrypting free users, Zoom can partner with the FBI to track them down. However, Yuan didn’t address the fact that nothing stops those bad actors from merely paying for the service and gaining access to e2e encryption.

Alex Stamos, a security consultant for Zoom, tried to clarify the company’s position in a Twitter thread, along with a defense of the company’s use of AES encryption for free users.

https://twitter.com/alexstamos/status/1268061791818403840?s=20

But it didn’t take long for security researchers to come out in force against Stamos’s reasoning, and understandably so, since Stamos didn’t address several concerns with Zoom’s choice.

https://twitter.com/kaepora/status/1268091577731293190?s=20

In comparison, Facebook protects its Messenger program with e2e encryption yet still incorporates a built-in abuse report mechanism. Given that fact, it seems Zoom could do more to protect its free users while also preventing its video chat software from being used for malicious means.

via TechCrunch

Josh Hendrickson
Josh Hendrickson is the Editor in Chief of Review Geek and is responsible for the site's content direction. He has worked in IT for nearly a decade, including four years spent repairing and servicing computers for Microsoft. He’s also a smart home enthusiast who built his own smart mirror with just a frame, some electronics, a Raspberry Pi, and open-source code.