
Zoom meetings aren’t end-to-end encrypted, despite marketing - tonyztan
https://theintercept.com/2020/03/31/zoom-meeting-encryption/
======
mabcat
End-to-end encryption has been named as a required feature for telehealth in
Australia. Interest in telehealth has gone from zero to infinity over the past
two weeks for obvious reasons. So I've been trying really hard to work out if
Zoom is E2E, and reached the same conclusions as the article. First, it isn't,
and second, Zoom are really going out of their way to obscure that fact.

It's great that The Intercept is taking a look at this, because it's
absolutely beyond the capabilities of healthcare practitioners and the
professional bodies to get to the bottom of. There's a ridiculous amount of
confusion here, compounded by "you need to get the HIPAA version because HIPAA
means privacy".

~~~
SamuelAdams
Hold on, E2E encryption is now required for telehealth in Australia, yet the
Australian government passed laws that required LEO's to have access to E2E
encrypted data [1]? How are tech companies supposed to comply with that?

[1]: [https://www.wired.com/story/australia-encryption-law-
global-...](https://www.wired.com/story/australia-encryption-law-global-
impact/)

~~~
viraptor
It's not incompatible technically. The law requires access on request, not all
the time. If LEO doesn't ask, it may be still E2E.

~~~
Zenbit_UX
A requirement for e2e is that the company doesn't hold the keys, otherwise
it's just regular transport encryption + a promise that they'll never peak at
the your data, even though they can. So yes, it's very much incompatible
technically.

~~~
bscphil
You just have two modes, one with e2e enabled and one not. e2e is enabled
normally but when LE requests access, the user client receives a message
telling it not to use e2e. That may not satisfy you as someone who wants
secure encryption (and it probably shouldn't), but it _is_ e2e when it's
actually enabled.

~~~
SkyBelow
Does it inform the user or otherwise stop functioning for telehealth once the
signal is received? If not, then does that mean that someone is considered e2e
encrypted if it in theory can support e2e encryption even if it isn't using it
right now?

It looks like the situation has not been fully thought through and the
government is creating a Kafka trap when its laws.

~~~
bscphil
> does that mean that someone is considered e2e encrypted if it in theory can
> support e2e encryption even if it isn't using it right now?

No. My assumption is that certain communications are required to be end-to-end
encrypted, unless the individual is under surveillance. All end-to-end
encrypted communications providers are required to have a _mechanism_ in place
for disabling and MITMing e2e communications. It stops being e2e encrypted for
the duration of that surveillance.

I suppose it's possible that a foolhardy government (I'm not Australian, so I
can't say for sure what they've done) would word the laws in such a way that
they can't technically be achieved, but there's no reason why they have to be.
The laws aren't bad laws because they are logically impossible to fulfill (if
they are), they're bad laws because they violate the individual's right to
privacy.

Note that the law might also prohibit the government from surveilling
communications between patients and licensed health professionals. In that
case it would be quite possible to mandate _no-exceptions_ e2e for those
communications, _and_ a mechanism for disabling e2e. e2e that is never
disabled is always e2e.

------
floatingatoll
Zoom’s HIPAA product documentation does define Zoom’s “end-to-end encryption”
as:

[https://zoom.us/docs/doc/Zoom-hipaa.pdf](https://zoom.us/docs/doc/Zoom-
hipaa.pdf)

> _Meeting data transmitted across the network is protected using a unique
> Advanced Encryption Standard (AES) with a 256-bit key generated and securely
> distributed to all participants at the start of each session._

It does not guarantee that the key is withheld from the server, which is
unsurprising given that e.g. the recording and chat history features are
implemented server-side.

EDIT: For comparison, the Australian government provides a telehealth platform
that clearly states it does not allow the server to inspect the call
video/audio:

[https://help.vcc.healthdirect.org.au/about-healthdirect-
vide...](https://help.vcc.healthdirect.org.au/about-healthdirect-video-
call/privacysecurityandscalability)

> _Data shared in actual calls between participants is only ever available in
> decrypted form to the participating endpoints of the call. All other
> intermediaries that forward the call can only see encrypted data._

For those looking to hold Zoom accountable, the question to ask is: “Does your
country’s law permit Zoom’s servers to be considered an ‘endpoint’ capable of
decrypting a telehealth call?”.

~~~
marcinzm
As a note, to be HIPAA compliant you also need to sign a BAA with Zoom. This,
interestingly, disables cloud capture and a bunch of other things.

[https://support.zoom.us/hc/en-us/articles/207652183-HIPAA-
Bu...](https://support.zoom.us/hc/en-us/articles/207652183-HIPAA-Business-
Associate-Agreement-BAA-)

------
crazygringo
This really is false _marketing_ , but technically what they're doing seems
reasonable. Key quote:

> _Matthew Green, a cryptographer and computer science professor at Johns
> Hopkins University, points out that group video conferencing is difficult to
> encrypt end to end. That’s because the service provider needs to detect who
> is talking to act like a switchboard, which allows it to only send a high-
> resolution videostream from the person who is talking at the moment, or who
> a user selects to the rest of the group, and to send low-resolution
> videostreams of other participants. This type of optimization is much easier
> if the service provider can see everything because it’s unencrypted... This
> isn’t impossible, though, Green said, as demonstrated by Apple’s FaceTime,
> which allows group video conferencing that’s end-to-end encrypted. “It’s
> doable. It’s just not easy.”_

Group videoconferencing is inherently centralized through a server that needs
to analyze video/audio not only for signals as to who's talking, but also mix
normalized audio and re-encode streams not just for lower thumbnail
resolutions, but for clients with different bitrates.

I don't doubt that FaceTime finds a way to do this, but everyone is using Zoom
instead because its performance is way better. I'm not entirely sure that
_all_ the necessary signal processing can be done performantly client-side,
especially when you're allowing for a wide variety of endpoints (WebRTC, phone
calls, etc.). You certainly can't mix encrypted audio (at least to the best of
my knowledge?), for instance, which means increased bandwidth to everyone to
handle overlapping speakers (someone interjecting "could I just say
something?" while two other people are talking).

Also, handling key management for _groups_ of people where you don't have the
bandwidth to re-encrypt the stream separately for each receiver is very
complex too, and in the end you're basically just going to have to trust that
Zoom itself can't access the keys. Because usually Zoom _will_ be able to, so
that it can handle phone dial-ins.

But regardless... while Zoom should absolutely advertise full encryption, Zoom
should absolutely _not_ advertise _end-to-end_ encryption. That's bad, and
harms user trust in security overall when advertised technical terms become
meaningless.

~~~
braythwayt
It would be extraordinarily difficult for me to sell consulting services, and
guarantee 100% on time delivery with zero defects.

Which is why, when I was consulting, I did not promise these things, nor did I
say things that could be easily misunderstood to imply them.

------
jtdev
Fuck these guys. This isn't the first time they've been caught being dishonest
and deceptive:

[https://www.howtogeek.com/fyi/daily-news-roundup-mac-
exploit...](https://www.howtogeek.com/fyi/daily-news-roundup-mac-exploit-
activates-webcams-without-your-permission/)

~~~
unityByFreedom
> If you have Zoom installed and visit that website, you will be auto-joined
> to a call, and your webcam activated without any interaction on your
> part—even if you closed Zoom before clicking the link.

> Worse yet, uninstalling Zoom doesn’t remove the web server. The web server
> can reinstall Zoom on its own as well. So if you visit a malicious link, it
> can reinstall Zoom, join you to a call, and start your webcam, all without
> any interaction from you.

What the &@$##!! How long has Zoom been around, how did it become popular (or
did it ever), and why are people still using it?

------
Insanity
Another day, another Zoom issue.

I've resolved to not using Zoom - when it was suggested at work I just posted
links to the issues (mostly gotten from HN actually) so we decided against it.

~~~
Krasnol
Well, they became the popular go to solution because the other popular
solutions suck. Now they are also in the focus of privacy interested media and
therefore end up becoming stories.

The Intercept didn't care about Zoom a few months ago and wouldn't have
without Corona.

~~~
XelNika
> The Intercept didn't care about Zoom a few months ago and wouldn't have
> without Corona.

The 2019 Zoom vulnerability[1] was a much bigger deal and did get picked up by
the media. Zoom already had a terrible reputation before COVID-19.

[1]
[https://news.ycombinator.com/item?id=20387298](https://news.ycombinator.com/item?id=20387298)

~~~
Krasnol
Yeah, it was picked up because it was a much bigger deal.

Now the issues are a smaller deal but are still being picked up.

Most people I work with haven't even heard about Zoom until those last months
when they've been forced to use a teleconference for the first time in their
lifes. They also probably didn't even hear about the issue last year too.

~~~
XelNika
I'm still not convinced this coverage is in any way related to Zoom's current
popularity or COVID-19, I just think a company that keeps fucking up is a
better story than a one-off.

~~~
Krasnol
Most of the articles over here in Germany don't even mention the last fuck up
and the news about the company are now beyond the tech media.

You may not be convinced even after you attributed to my argument but it won't
change anything about the facts.

Edit: since I can't post in god knows how long due to the wonderful stfu tech
here on hn here are sources for german media:

[https://www.google.ch/search?q=zoom&complete=0&source=lnms&t...](https://www.google.ch/search?q=zoom&complete=0&source=lnms&tbm=nws&sa=X&ved=2ahUKEwiN89TB_cToAhWWEMAKHX1SAwYQ_AUoAXoECBwQAw&biw=1920&bih=940)

It's all over and I find it very curious that you've not been able to find
anything in Danish media even though it looks the same for the english
speaking outlets.

~~~
XelNika
> the news about the company are now beyond the tech media.

I searched around a little and neither this nor the recent Facebook story have
been covered by Danish non-tech media at this time.

EDIT: The story is still new, it might get coverage later this week.

------
JoeAltmaier
So sad, still getting this wrong after so many years.

I was part of a startup Sococo some 8 years ago. We had end-to-end encryption
right out of the box. Plus video, document sharing, chat. All encrypted, end
to end with rotating keys. Up to 100 people in a meeting, sharing and chatting
indiscriminately.

Its gone now, and the new folks are starting way down the feature ladder from
where we were. It's disappointing. Now its 'good' if you can get 6 in a
conference.

I hear Zoom can support large meetings. So they may be doing something right.

~~~
DyslexicAtheist
I remember using sococo in a Boston based Startup Accelerator with around 30
employees - it head incredibly good performance even running from the browser
and with all employees participating.

You could see a virtual layout of rooms and where you could knock and see who
was in which room. It was such an innovative approach and a wow moment that is
really rare. I miss Sococo until today and have never found anything like it
again.

I got to know your CEO over dinner in Boston and am not surprised he threw it
all under the bus. My boss at the time who introduced us tuned out to be a
major scam artist who got rich peddling grey market pharmaceuticals online but
claimed it was from selling a pre-web chat/gaming platform to Murdoch - he was
also infamous for being the main investor of StartCom which we all know what
happened to them (WoSign). The 2 guys got on like a house on fire.

~~~
JoeAltmaier
Yeah he spent all our runway on hiring marketing buddies then got fired. Then
we got bought and had to switch to WebRTC junk. I volunteered to be downsized
(I had written the audio/video/chat/control transport that was discarded).

------
devin
It's disappointing to see a company that has better tech than its rivals
playing these games. I have been singing Zoom's praises, but this really makes
me want to look elsewhere. What a bummer.

~~~
mtthwn
Honest question, what do you find is better about zoom? Compared to webex,
skype, slack call…

What do people like about zoom?

~~~
slgeorge
It works.

1\. It's actually cross-platform:

\- Still can't use Webex across Linux, Windows and Mac in 2020.

\- Same goes for Skype, plus half the users who have Skype don't realise it's
Linc and the two are completely different.

2\. It's far more bandwidth efficient than things like Slack.

The codecs are much more resilient, this applies (from what I can tell) to all
the embedded options that are just using the browser.

3\. It's going to be around.

\- Google Hangouts has previously been renamed and deprioritised. They also
dropped their low-bandwidth codecs and cpu usage went through the roof in my
personal experience.

I'm unclear on some of the items against Zoom. But there's a lot of hate and
emotion around it in the last 10 days - my sense is that some people have an
axe to grind - I'm always cautious of a crowd with pitchforks.

~~~
mbesto
> It works.

Crazy theory, so just hear me out for a second. Maybe the fact that they do
some things that violate security is the reason that "it just works". I'm not
saying Zoom shouldn't do better here, I'm just saying that there are probably
legitimate product/business reasons.

From Steve Yegge's platform rant:[0]

 _Like anything else big and important in life, Accessibility has an evil twin
who, jilted by the unbalanced affection displayed by their parents in their
youth, has grown into an equally powerful Arch-Nemesis (yes, there 's more
than one nemesis to accessibility) named Security. And boy howdy are the two
ever at odds.

But I'll argue that Accessibility is actually more important than Security
because dialing Accessibility to zero means you have no product at all,
whereas dialing Security to zero can still get you a reasonably successful
product such as the Playstation Network._

[0] -
[https://gist.github.com/chitchcock/1281611](https://gist.github.com/chitchcock/1281611)

~~~
devin
None of their dark patterns or shenanigans make it easier to use. They don't
make it harder, but they really do nothing for the user experience.

------
Spivak
Are people just looking for things to be mad at Zoom for at this point? When
Zoom says E2E encryption they're using older notion when it was common for
services to not use encryption at all for these kinds of things and it was
somewhat of a technical accomplishment that every client-server-server-client
leg was all encrypted.

Like it's fine to point out that the bar has been raised in the security
community and that the term E2E now requires that only the participants be
able to decrypt the content and they should change their copy but it ignores
the fact that E2E in healthcare means exactly what Zoom is doing. In the HIPPA
world providers are trusted entities.

~~~
pulse7
It seems that HN is flooded with commenters trying to redefine the well-
established meaning of strong E2E encryption. I ask myself if there is any
motivation for such comments?

~~~
prophesi
Yeah, without a single citation supporting the existence of this imaginary
"older definition" of E2E encryption.

------
upofadown
Inherent to any e2e encryption scheme is the question; are you talking to who
you think you are talking to? In other words; are you the victim of a man in
the middle attack?

So if you ever encounter a system that has the ease of use feature where you
don't have to verify the identity of the other participant(s) with something
like a identity fingerprint number then you already know you do not have all
the protection that e2e encryption can provide. This is particularly relevant
in a case like Zoom, where all the data goes through servers that Zoom
controls making a MITM attack trivial.

So we really should of known that Zoom doesn't provide complete e2e encryption
already just from the lack of the identity check.

Skipping the identity verification step seems to be common these days. Even
Signal does that by default, but they at least make the verification of what
they call "safety numbers" fairly easy and straightforward.

Added: So can true e2e encryption ever be practical for conferences involving
a large number of participants? Perhaps Zoom is claiming the impossible... The
issues surrounding the addition of OMEMO encryption to XMPP conferences make
for an entirely relevant example. What do you do if one of the participants is
not known to all the others? There are lots of possible answers to that
question.

Added2: >The only feature of Zoom that does appear to be end-to-end encrypted
is in-meeting text chat.

I don't see how this can be true either based on the same thinking.

~~~
tialaramex
It's true that you need an out-of-band verification to determine who the other
party is in an end-to-end encrypted system. But it is _not_ true that the
absence of such a verification means you don't have end-to-end encryption.

It means only that you don't know for sure who the other party is. You are
only put at risk _if_ there is an active MITM attack in progress.

Depending on your threat model that's an enormous change.

~~~
upofadown
Just semantics at this point. A system that distributed the keys to all
participants in the clear from a central server is still encrypted end to end
in some sense. As pointed out by someone else in this comment section, the
expression "end to end encryption" comes from the early day of PGP. PGP
specifically protects against MITM with a fairly sophisticated web of trust
system. So it is entirely legitimate to assume that e2e encryption includes
MITM protection as a hard requirement.

~~~
tialaramex
PGP's "Web of trust" doesn't actually scale and so it doesn't meaningfully
improve upon just doing out-of-band verification with a handful of your
closest peers and nothing for everybody else.

Web of trust can give an illusion of scaling because it uses sleight of hand
to persuade you to accept transitivity of trust. If you see someone who took
this seriously you'll find that almost all contacts show as "unverified" (when
I've had PGP setups in the past that's what happened). If they just click
blindly along accepting trust transitivity then everything is "verified" but
based on trust beliefs that have no basis in reality.

The sleight of hand goes like this. You trust Alice. Alice says this is Bob
and she trusts Bob. The correct inference is that this is indeed Bob (Alice
says so and we trust her) but we still don't trust Bob. PGP tries hard to
persuade you that you in fact now trust Bob. Bob says another contact is
Carol, and he trusts Carol. The _correct_ inference is null, we don't trust
Bob so we don't care what Bob says. But PGP encourages us to accept that this
is Carol and we should trust Carol too.

~~~
upofadown
How stupid the WOT may or may not be affects my point about what the phrase
"e2e encryption" means not at all.

------
mtthwn
I used wire before is opensourced parts of the backend. I thought it was well
designed and interesting.

They claim to be the only video conferencing with end to end encryption that
is opensource. [https://wire.com/en/features/encrypted-voice-
video/](https://wire.com/en/features/encrypted-voice-video/)

Has anyone followed wire more closely?

~~~
lozf
I've heard nothing about Wire recently.

Wickr.com is another similar service that claims to be end-to-end encrypted,
but again I haven't seen much about them at all.

~~~
prophesi
I think no news is good news in this case. And a positive for Wire is that
since it's all open source, you can go right to their github and see how
active their development is.

It would be nice if The Intercept and other journalists would include these
actually E2E-encrypted alternatives besides the Mac/iOS-only FaceTime.

------
Zelphyr
Zoom seems to have adopted the "Move fast and break things" mentality and it's
catching up with them.

Don't have real E2E encryption? Don't say you do. Don't wave away a giant
security vulnerability as "a feature". Don't explain monitoring and tracking
as something you need to do for advertising when you don't show advertising.

Their product may be superior in quality compared to the competition but their
Marketing and PR teams comes across as bush league at best.

The only incident I can give them any credit for is the Facebook reporting.
They handled that well in my opinion by admitting the problem existed and
immediately resolved that issue.

------
narsil
I am willing to chalk this up to an honest mistake considering "end-to-end"
encryption as being from the client's end to the server, although that's not
the accepted use of the term. This appears to be their explanation. I hope
their marketing team fixes this now that it's been pointed out to them though.

~~~
albedoa
Since this comment was written, narsil (Vinod Chandruis) has edited his
profile to remove the fact that he is a co-founder of Kloudless. You can see
it cached in google search results:
[https://www.google.com/search?q=narsil+kloudless](https://www.google.com/search?q=narsil+kloudless)

Kloudless is currently promoting security solutions on their twitter timeline.

~~~
dang
Sorry I'm just getting to this now.

I'm not really seeing how this is relevant or how the post is justified.
People edit their profiles all the time, and have a right to. It's up to them
what they want to put in there. This comment seems to be crossing into
personal attack and a mild sort of doxxing. Please don't go there on HN.

Also, please don't repost comments that were flag-killed
([https://news.ycombinator.com/item?id=22738656](https://news.ycombinator.com/item?id=22738656)).

[https://news.ycombinator.com/newsguidelines.html](https://news.ycombinator.com/newsguidelines.html)

------
dkdk8283
Zoom has received a fair bit of critical feedback lately. Has anyone given
other platforms such as Vidyo identical levels of scrutiny?

~~~
ccktlmazeltov
TBF it's mostly short sellers doing this, because the complaints have been...
poor.

The first one was about an advertisement pixel, which everybody is doing but
for some reason surfaced only for Zoom.

The second one is end-to-end encryption, which is not expected at all for VC
apps. NOBODY does it!

~~~
honesttoss
>NOBODY does it!

Irrelevant. That as nothing to due with the fact that they say they are. Zoom
is being completely dishonest, and as some other commented here, some orgs
like in health care area, have E2E encryption as requirement, Zoom says they
have, but don't. It's literally fraud.

~~~
gtirloni
Where does it say they have e2e video encryption? I can only find something
about chats.

~~~
mabcat
[https://zoom.us/healthcare](https://zoom.us/healthcare)

"Achieve HIPAA (signed BAA) and PIPEDA/PHIPA compliance with complete end-to-
end 256-bit AES encryption."

~~~
ccktlmazeltov
1\. HIPAA et al have very specific meaning that do not have anything to do
with end-to-end encryption at all. If you know this, read this line, and care
about HIPAA you know exactly this.

2\. end-to-end has several meanings, for users it means what Signal does, for
machines it means TLS is securing edges.

------
catmanjan
Does anyone know of a video conferencing system (3++++ participants) that
actually does do end-to-end encryption?

~~~
ekimekim
It looks like WebRTC doesn't support it, so basically no-one can because all
these browser-based technologies end up just being WebRTC in the end.

From the Jitsi Meet README:

> WebRTC does not (yet) provide a way of conducting multi-party conversations
> with end-to-end encryption. Unless you consistently compare DTLS
> fingerprints with your peers vocally, the same goes for one-to-one calls.

~~~
nschoe
I don't understand "WebRTC doesn't support it". What do you mean?

WebRTC uses an external signalling channel to negotiate ICE candidates,
codecs, and necessary information to establish a media communication. Once
this is done, the visio/audio conference is P2P and encrypted from the caller
to the callee: how is this not E2E? (Genuinely curious, not criticizing)

That is, if you're not using a TURN relay server, which is easy enough to
know.

Maybe you meant that multi-party (one-to-many or many-to-many) calls are not
E2E. Again I'm not too sure I understand: it is possible to have multi-party
conf calls: each participants can encrypt its media stream and send it to the
N-1 other participants. Obviously this costs a lot of CPU (for multiple
encryption) and a lot of uplink because the same stream is sent N-1 times. But
it is __possible__, and certainly viable with only 3 or 4 participants,
provided people have a decent connection (WebRTC uses adapative bitrate
streaming [0] to compensate for bandwith usage).

Then again, I know that generally, with WebRTC people would use MCU [1] when
dealing with many-to-many conf calls, and then I agree it breaks E2E. But for
the other mentioned cases, WebRTC __is __E2E, isn 't it?

Again, I'm genuinely curious about this, not trying to criticize or undermine.

Thank!

[0]:
[https://www.wikiwand.com/en/Adaptive_bitrate_streaming](https://www.wikiwand.com/en/Adaptive_bitrate_streaming)

[1]:
[https://www.wikiwand.com/en/Multipoint_control_unit](https://www.wikiwand.com/en/Multipoint_control_unit)

~~~
Kalium
It sounds to me like you've nailed precisely what the Jitsi README is talking
about. Full context from the README ([https://github.com/jitsi/jitsi-
meet/blob/master/README.md](https://github.com/jitsi/jitsi-
meet/blob/master/README.md)) is this:

> WebRTC does not (yet) provide a way of conducting multi-party conversations
> with end-to-end encryption. Unless you consistently compare DTLS
> fingerprints with your peers vocally, the same goes for one-to-one calls. As
> a result, your stream is encrypted on the network but decrypted on the
> machine that hosts the bridge when using Jitsi Meet.

> The Jitsi Meet architecture allows you to deploy your own version, including
> all server components. In that case, your security guarantees will be
> roughly equivalent to a direct one-to-one WebRTC call. This is the
> uniqueness of Jitsi Meet in terms of security.

------
r721
>if you'd like to dial into the Cabinet tomorrow, the Zoom meeting ID has
helpfully been included in this screenshot

[https://twitter.com/matthewchampion/status/12449891398896640...](https://twitter.com/matthewchampion/status/1244989139889664002)

~~~
DangerousPie
Most Zoom meetings should have passwords these days. Unless whoever created
the meeting disabled that.

~~~
Traster
Just email Michael Gove and ask for it... because his personal email is _also
in the screenshot_.

------
hota_mazi
Short version: Zoom video is encrypted to external attackers but not to Zoom
(the company) itself.

This is important because the company could be compelled to release such
videos if subpoena'ed, or they could also simply be hacked.

~~~
president
Or provided to governments as per local laws and regulations. Very concerning
given how many companies are trusting their internal secrets to Zoom.

------
0x006A
how can you have end-to-end encryption with server side processing in
conference calls with 50 participants?

~~~
michaelt
1\. Clients negotiate end-to-end encryption session key between themselves the
same way as a chat app would.

2\. Each client sends the server two (or more) encrypted video streams,
varying in bandwidth and keyframes per second, with unencrypted markers
showing where they can be sliced and joined. If you can upload a 1080p stream,
chances are you've got the bandwidth to send a 360p stream too!

3\. Each client tells the server which other call participants they'd like to
see, and the server sends them the appropriate encrypted streams, switching
between low and high bandwidth as appropriate.

~~~
sarakayakomzin
a few problems:

>Clients negotiate end-to-end encryption session key between themselves the
same way as a chat app would.

how are you doing this exactly? a 50 way diffie-hellman that renegotiates
every time a user leaves or joins? How do you plan on doing that without any
substantial lag?

>2\. Each client sends the server two (or more) encrypted video streams,
varying in bandwidth and keyframes per second

you have managed to double your egress for almost no value.

~~~
michaelt
_> how are you doing this exactly? a 50 way diffie-hellman that renegotiates
every time a user leaves or joins?_

By doing whatever Signal and Whatsapp do to support 50-person encrypted group
chats.

 _> you have managed to double your egress_

Not at all.

Firstly, the whole point of having two streams is to accommodate viewers with
different bandwidth requirements, so the second stream will be a fraction the
size of the first. If I'm already uploading HD video at 5 Mbps, and I start
also sending an SD stream at 1 Mbps, my egress has risen by only 20%.

Secondly, the h264 spec provides for 'Scalable Video Coding' [1] where a high
quality stream can have a lower quality 'subset bitstream' allowing a high-
quality video to be converted to low quality by selectively dropping packets.
So your egress might not rise by even 20%! Although this h264 feature is less
widely used, potentially raising engineering costs.

[1]
[https://en.wikipedia.org/wiki/Scalable_Video_Coding](https://en.wikipedia.org/wiki/Scalable_Video_Coding)

------
ds
So, I got around a issue like this in the past by using url fragments. I
imagine the same thing could work for zoom?

Basically you would join a meeting by going to zoom.us/meeting-id-
number#secrethashtag

The "secrethashtag" is never sent to the server, but can be accessed by
javascript on the client end. Im not sure if this would be acceptable for
security nuts though, as I am sure they would make the argument zoom could
insert some nefarious js to intercept the url fragment.

------
m3kw9
If you read their white paper it only says E2E encryption applies to Zoom
chat. Although they seem a bit loose on the wording, they should clarify video
is just TLS encrypted. [https://zoom.us/docs/doc/Zoom-Security-White-
Paper.pdf](https://zoom.us/docs/doc/Zoom-Security-White-Paper.pdf)

------
maerF0x0
> In fact, Zoom is using its own definition of [end-to-end encryption], one
> that lets Zoom itself access unencrypted video and audio from meetings.

It's not a standard. If you want compliance to a standard then
create/adopt/require one. When you go by marketing materials all you have is
"Trust us, everything will be fine"

------
cat199
the statement:

    
    
        The encryption that Zoom uses to protect meetings is TLS, the same
        technology that web servers use to secure HTTPS websites. This means
        that the connection between the Zoom app running on a user’s computer
        or phone and Zoom’s server is encrypted in the same way the connection
        between your web browser and this article (on https://theintercept.com)
        is encrypted. This is known as transport encryption, which is
        different from end-to-end encryption because the Zoom service itself
        can access the unencrypted video and audio content of Zoom meetings.
    

jumbles TLS with end to end. zoom could e.g. proxy or support rendevous of
peer to peer connections and still use TLS to negotiate end-to-end encryption
between the clients (though this would be MITMable). anyway.

~~~
notRobot
Please don't use code blocks for quotes. It makes it very hard to read text on
mobile, narrow viewports or via screen readers.

------
ceohockey60
Interested in getting more informed on the performance penalties of a proper
E2E implementation for videoconferencing use cases.

If Zoom implements proper E2E like Facetime, would it be more laggy, less able
to handle meetings of more than 50 people, etc.? Will the general user
experience degrade noticeably?

------
vintermann
It's not end to end encrypted, and it apparently has the charming people of
saving other people's "private" messages in the minutes if they send them
during a meeting.

Why did zoom suddenly become so popular? It's not like there's a shortage of
options.

~~~
DangerousPie
The private message thing was completely overblown though, wasn't it?

From what I understood it only saves _your own_ private messages in the log.
So the only time you could get in trouble is if you exported the log and then
shared the file with others without removing your private messages. So just
like you took a screenshot and didn't censor the parts you wanted to keep
hidden.

Hardly the massive scandal that some people on Twitter seemed to try to make
it.

------
hipaulshi
Do people still remember Telegram don't have E2E encryption on by default? and
does not work across multiple platforms when E2E is on? I am annoyed because
those are my favorite apps and they don't have what's important.

~~~
octorian
No, they still have to be constantly reminded.

------
kats
Where's the FTC? Imagine if Facebook did this. There would be a fine of
hundreds of millions of dollars.

------
DangerousPie
FWIW on my version of Zoom the green lock just says "Your client connection is
encrypted".

------
fataliss
This is how you realize the power of marketing. Despite many other options for
video calls out there, Zoom seems to be grabbing the biggest slice of the pie,
while not being provenly any better or superior to alternatives. See DHH's
tweet:
[https://twitter.com/dhh/status/1243907341868609537?s=20](https://twitter.com/dhh/status/1243907341868609537?s=20)
as well as others (he's been pretty vocal about zoom's flaws) :)

------
Flimm
This is not "slightly" dishonest on Zoom's part. It is dishonest.

Edit: now that the title has been modified, I feel I need to add back context.
Zoom claims to support end-to-end encryption when it doesn't. That is
dishonest.

~~~
tyingq
_" Zoom for the Enterprise

Secure and reliable

End-to-end 256-bit AES encryption, data sovereignty, and role-based access
control"_

Right on the front page. So, it would seem dishonest, yes.

~~~
organsnyder
There's the technical definition of "end-to-end" that we all know
here—encrypted at one endpoint and decrypted at the other—but I'm wondering
how well-understood that term is in broader context. I could see someone
saying "end-to-end" encrypted meaning that each segment in the path is
encrypted, but with the intermediate nodes decrypting and re-encrypting the
payload. Perhaps we should try to come up with a more specific term? Or we
should at least be aware of the potential for confusion.

Not excusing Zoom here—they should know better.

~~~
jefftk
"End to end encryption" is the more specific term! The specific term for each
segment being encrypted is "link encryption". The general term is plain
"encryption".

------
tonyztan
Original title: "Zoom Meetings Aren't End-to-End Encrypted, Despite Misleading
Marketing"

For some reason, the title was trimmed an hour after submission to omit the
"misleading marketing" part.

The ranking also appears to have artificially been lowered. Now it is below
some other posts that are older and with fewer points.

~~~
Flimm
The story is about the deception, not about whether Zoom has a particular
feature or not. I am disappointed in the moderators.

~~~
Flimm
It looks like the title was modified again, to include "despite marketing".
Thank you, moderators! Please feel free to delete this comment and my comment
above it.

------
ohirge
I never saw anyone advertising zoom had E2E.

Who expected that? There are so many privacy concerns with zoom... not
surprising they don't encrypt meetings.

~~~
tonyztan
"Zoom... claims to implement end-to-end encryption, widely understood as the
most private form of internet communication, protecting conversations from all
outside parties. In fact, Zoom is using its own definition of the term, one
that lets Zoom itself access unencrypted video and audio from meetings."

~~~
gtirloni
That's what the article is saying, not Zoom. Can you point to a Zoom-owned
page that says they have e2e video encryption?

~~~
tonyztan
From Zoom's website:

"The following in-meeting security capabilities are available to the meeting
host: Secure a meeting with end-to-end encryption"

[https://zoom.us/security](https://zoom.us/security)

[https://web.archive.org/web/20200331095358/https://zoom.us/s...](https://web.archive.org/web/20200331095358/https://zoom.us/security)

~~~
ohirge
Ok owned

------
timkam
I guess Zoom says they're end-to-end encrypted because they're using WebRTC,
which probably means traffic is end-to-end encrypted after signaling, but
users need to trust that zoom's signaling server doesn't do anything fishy.

Edit: I do not understand the reason for the downvotes. I am not defending the
practice but am just describing their potential line of explanation. Please
let me know explicitly if my comment is technically incorrect. Also, I would
be interested what other vendors claim, who probably use similar technology
under the hood.

~~~
tpetry
Yeah somewhere in their documentation they state that they are end-to-end
encrypted because the connections peer1<->zoom and zoom<->peer2 are encrypted.
I cant find the page anymore but they really tried to redefine the name for
end to end encryption...

~~~
londons_explore
end-to-middle-to-end encrypted...

~~~
codegladiator
Point-to-point encryption

