https://www.reuters.com/article/us-spacex-zoom-video-commn/e…
Excerpt:
The Federal Bureau of Investigation’s Boston office on Monday issued a warning about Zoom, telling users not to make meetings on the site public or share links widely after it received two reports of unidentified individuals invading school sessions, a phenomenon known as “zoombombing.”
More discussion:
SpaceX is following NASA guidelines. Says to use email, text, or phone. NOT a different/competing video conferencing technology! That’s a critical distinction.
Zoom is focusing on resolving security issues:
https://techcrunch.com/2020/04/02/zoom-freezes-feature-devel…
The article ends with:
“Something is wrong at Zoom — there’s a corporate culture issue that leads to all those missteps. It’ll take much longer than 90 days.”
I think that is misleading. It can be interpreted as 90 days is insufficient to address technology issues. Also, earlier posts on this board and statements from MF itself would disagree that there is a culture issue.
Bob
Long ZM
From the ycombinator site:
The IT guys in the industry know very well what constitutes an E2E encryption. Those two ends must be “trusted” which means it’s either you yourself - your computer, or the other party which you want to talk to. Everything in between is third party and must get only encrypted data. If they redefine one of the “ends” as Zoom server, that’s definitely intentional, blatant, and therefore fraudulent.
I am at work. If I was not, I would look around to see if the term “end to end” is a generally accepted term for “only you and the other guy you are talking to can see clear content”. That is what the ycombinator poster is saying.
It appears that Zoom defined it as “you to our server, then our server to your friend”. That means ZM servers have your content unencrypted. If the server-decryption / re-encryption is a technical requirement for their video traffic flow to work as well as it does, their best feature works because of their worst flaw. If that cannot be fixed, they will lose a lot of paid business they otherwise would have.
I don’t know. Network security is not my expertise. Any tekkies here have the time to dig further?