Zoom Developing End-to-End Encryption Feature for Paying Users

by

Videoconferencing service Zoom says it is developing end-to-end encryption for the platform, but the feature will only be available to paying users.

zoom logo
Speaking to Reuters, Zoom security consultant Alex Stamos confirmed the plan, which had been based on "a combination of technological, safety and business factors."

Zoom has attracted millions of free and paying customers amid the global health crisis, with stay-at-home measures causing a surge in the number of people working remotely.

However, lax security, such as the ability for unregistered users to join meetings, has led to zoom-bombing pranks and caused alarm amongst safety experts and privacy advocates.

"Charging money for end-to-end encryption is a way to get rid of the riff-raff," Jon Callas, a technology fellow of the American Civil Liberties Union, told Reuters. Callas said it would deter spammers and other malicious users who take advantage of free services.

End-to-end encryption ensures no one but the participants and their devices can see and hear what is happening in a meeting, but it would also have to exclude people who call in to Zoom meetings from a telephone line.

Zoom is currently under investigation by regulators such as the U.S. Federal Trade Commission over previous claims about encryption that have been criticized as exaggerated or false, according to Reuters.

Privacy experts also told the news organization that with the Justice Department and some members of Congress condemning strong encryption, Zoom could draw unwanted new attention by expanding in that area.

Back in April, Zoom was accused of misleading users with claims that calls on the platform are end-to-end encrypted, when in fact videos are secured using TLS encryption, the same technology that web servers use to secure HTTPS websites.

Currently, Zoom's in-meeting text chat is the only feature of Zoom that is actually end-to-end encrypted. But in theory, the service could spy on private video meetings and be compelled to hand over recordings of meetings to governments or law enforcement in response to legal requests.

Apple already uses end-to-end encryption to protect FaceTime users as call data travels between two or more devices. Even Apple can't decrypt the call and listen in to user's conversations.

Tags: Encryption, Zoom

Popular Stories

iPhone SE 4 Vertical Camera Feature

iPhone SE 4 Rumored to Use Same Rear Chassis as iPhone 16

Friday July 19, 2024 7:16 am PDT by
Apple will adopt the same rear chassis manufacturing process for the iPhone SE 4 that it is using for the upcoming standard iPhone 16, claims a new rumor coming out of China. According to the Weibo-based leaker "Fixed Focus Digital," the backplate manufacturing process for the iPhone SE 4 is "exactly the same" as the standard model in Apple's upcoming iPhone 16 lineup, which is expected to...
Read Full Article136 comments
iPhone 16 Pro Sizes Feature

iPhone 16 Series Is Just Two Months Away: Everything We Know

Monday July 15, 2024 4:44 am PDT by
Apple typically releases its new iPhone series around mid-September, which means we are about two months out from the launch of the iPhone 16. Like the iPhone 15 series, this year's lineup is expected to stick with four models – iPhone 16, iPhone 16 Plus, iPhone 16 Pro, and iPhone 16 Pro Max – although there are plenty of design differences and new features to take into account. To bring ...
Read Full Article129 comments
bsod

Crowdstrike Says Global IT Outage Impacting Windows PCs, But Mac and Linux Hosts Not Affected

Friday July 19, 2024 3:12 am PDT by
A widespread system failure is currently affecting numerous Windows devices globally, causing critical boot failures across various industries, including banks, rail networks, airlines, retailers, broadcasters, healthcare, and many more sectors. The issue, manifesting as a Blue Screen of Death (BSOD), is preventing computers from starting up properly and forcing them into continuous recovery...
Read Full Article492 comments
iphone 14 lineup

Cellebrite Unable to Unlock iPhones on iOS 17.4 or Later, Leak Reveals

Thursday July 18, 2024 4:18 am PDT by
Israel-based mobile forensics company Cellebrite is unable to unlock iPhones running iOS 17.4 or later, according to leaked documents verified by 404 Media. The documents provide a rare glimpse into the capabilities of the company's mobile forensics tools and highlight the ongoing security improvements in Apple's latest devices. The leaked "Cellebrite iOS Support Matrix" obtained by 404 Media...
Read Full Article66 comments
Apple Watch Series 9

2024 Apple Watch Lineup: Key Changes We're Expecting

Tuesday July 16, 2024 7:59 am PDT by
Apple is seemingly planning a rework of the Apple Watch lineup for 2024, according to a range of reports from over the past year. Here's everything we know so far. Apple is expected to continue to offer three different Apple Watch models in five casing sizes, but the various display sizes will allegedly grow by up to 12% and the casings will get taller. Based on all of the latest rumors,...
Read Full Article38 comments
tinypod apple watch

TinyPod Turns Your Apple Watch Into an iPod

Wednesday July 17, 2024 3:18 pm PDT by
If you have an old Apple Watch and you're not sure what to do with it, a new product called TinyPod might be the answer. Priced at $79, the TinyPod is a silicone case with a built-in scroll wheel that houses the Apple Watch chassis. When an Apple Watch is placed inside the TinyPod, the click wheel on the case is able to be used to scroll through the Apple Watch interface. The feature works...
Read Full Article133 comments

Top Rated Comments

Sasparilla Avatar
Sasparilla
54 months ago

Is Skype better than them?
From a security standpoint, yes way better. Zoom lied about their encryption multiple times, was caught routing customer calls to China (where their business meetings would be most important), was caught installing a server on the Mac OS application that constantly phoned home information even after you uninstalled Mac Zoom application and the list goes on and on. The execs have most of the development done in China so the devs don't cost anything.
Score: 8 Votes (Like | Disagree)
centauratlas Avatar
centauratlas
54 months ago
“Charging money for end-to-end encryption is a way to get rid of the riff-raff," Jon Callas, a technology fellow of the American Civil Liberties Union

Security only for paying users is a pretty poor model.
Of course the kids use Group FaceTime not zoom except for classes, but it is funny to see the ACLU refer to teachers talking to kids as “riff-raff”.
Score: 5 Votes (Like | Disagree)
Metrosey Avatar
Metrosey
54 months ago
End-to-end encryption with the private key stored in China on Chinese equipment with the CA being Chinese.
Score: 4 Votes (Like | Disagree)
Makosuke Avatar
Makosuke
54 months ago
This is a welcome change, speaking as someone in a small corner of a relatively large organization that pays for Zoom, and therefore is stuck with it. It's been, frankly, embarrassing to have no option but to invite people from other organizations to meetings using the least-secure option on the market--it's so bad that there are some orgs that literally can't join meetings we start because their security bans Zoom entirely.

Several of the large companies I attend meetings with used to use Zoom, and none of them do now. All of them have switched to Microsoft Teams, Cisco Webex, or something else.

I put together a security document as part of the recent work-from-home move, and literally had to tell people to avoid using my org's own video conferencing option when security was important.
Score: 4 Votes (Like | Disagree)
TiggrToo Avatar
TiggrToo
54 months ago

The freedom they stuffed it up in the first place, but now using it to make profits out of.
See above. You must be one of those people who thinks everything should be free, I guess.

So, naturally you work for free, right?
Score: 4 Votes (Like | Disagree)
826317 Avatar
826317
54 months ago

Totally agree. How dare they try to correct the mistakes of the past? And who do they think they are asking users to pay for a service?

/s
If they want to charge for a service, that's fine. If they want to charge for a simple piece of implementation (end-to-end encryption) that's where it becomes an absolute joke for me.
Score: 4 Votes (Like | Disagree)
Read All Comments