-Zoom documentation claims that the app uses “AES-256” encryption for meetings where possible. However, we find that in each Zoom meeting, a single AES-128 key is used in ECB mode by all participants to encrypt and decrypt audio and video. The use of ECB mode is not recommended because patterns present in the plaintext are preserved during encryption.
-The AES-128 keys, which we verified are sufficient to decrypt Zoom packets intercepted in Internet traffic, appear to be generated by Zoom servers, and in some cases, are delivered to participants in a Zoom meeting through servers in China, even when all meeting participants, and the Zoom subscriber’s company, are outside of China.
-Zoom, a Silicon Valley-based company, appears to own three companies in China through which at least 700 employees are paid to develop Zoom’s software. This arrangement is ostensibly an effort at labor arbitrage: Zoom can avoid paying US wages while selling to US customers, thus increasing their profit margin. However, this arrangement may make Zoom responsive to pressure from Chinese authorities.
I appreciate seeing multiple articles on the front page. It’s an important issue right now, and some of the articles can be dense. I like reading multiple presentations of the same information to see what different authors emphasize.
Now, I don't think Zoom should have been advertising E2EE when it isn't.
But I think some people are still missing the general point that E2EE is fundamentally incompatible with general-purpose business/educational videoconferencing.
It works for Facetime which is designed for small groups exclusively using a Facetime app.
But the second you allow phone dial-in (virtually always a hard requirement), the second you allow cloud recording (which the article acknowledges), E2EE becomes meaningless, because the server itself necessarily becomes another endpoint.
For >99.9% of people this is fine.
For the <0.1% who might be the hand-selected targets of government spying, industrial espionage, or crime enforcement, then no, you shouldn't be using Zoom. But if that's a top priority for you, you weren't already using Zoom anyways -- I assume you'd be using auditable open-source encryption. You wouldn't have trusted Zoom marketing terms in the first place.
Being from Romania, in all the companies I worked on, we had the need to communicate online by voice and video (mostly with Americans and among ourselves), plus I tended to work in companies with a remote culture. The last time somebody needed to dial into a call I was in was ... 10 years ago. Given we have nearly unlimited 4G data plans for cheap and smartphones, being on the go isn't a problem either.
Since when is this ability to dial-in such a hard requirement?
> "For >99.9% of people this is fine."
99.9% of people don't understand what end-to-end encryption is and why it is needed, because they think their calls are secure, when in fact they aren't. It is actually our responsibility to make end-to-end encryption mainstream and to educate people.
Often I’ve seen that the one person calling in the most senior person in the meeting, or anyone involved in sales. Someone who is traveling around to meet in person a lot. Often they are calling from the road or an airport. The mobile phone connection is more reliable than mobile data in these scenarios.
This feels like the equivalent of sending tweets by sms or dialing by tapping tones. People use it mostly because it’s supported, they’d use different workarounds otherwise.
Then it’s cool when it works and allows niche uses, but you can’t expect the feature to be there forever and can’t keep optimizing a service for these use cases.
> 99.9% of people don't understand what end-to-end encryption is and why it is needed, because they think their calls are secure, when in fact they aren't. It is actually our responsibility to make end-to-end encryption mainstream and to educate people.
I'm an academic and a long-time Hacker News reader. It seems that the tech community has collectively decided that all internet communication -- of whatever sort -- should be secure, all the time.
My first thought, is an outsider, is that this is unnecessarily anal-retentive. But upon reflection, I'm very grateful for this. The more anal-retentive that developers have to be, the less I have to be. If HN is so up in arms about this, it's a very good sign for Internet security overall.
What is it that you'd educate me about? That someone could have snooped in on my departmental meeting? Before Covid-19, these meetings were held in in an open room, in an unlocked building where people walk in and out all day. Anyone with the desire to snoop would have had no difficulty.
From what I understand, enough pressure is being placed on Zoom that they are cleaning up their act. From where I sit as an outsider, the system seems to mostly be working. I'm not angry at Zoom, but I'm very happy that others are.
What is it that you'd educate me about? That someone could have snooped in on my departmental meeting? Before Covid-19, these meetings were held in in an open room, in an unlocked building where people walk in and out all day. Anyone with the desire to snoop would have had no difficulty.
I think the argument would be that you could secure those meetings if your management felt it was necessary. Many large companies have badge readers, cameras, and the like at various places in their buildings. If they need to hold a secure meeting, they can hold it in a secure area.
With Zoom, there's no such thing as a secure area. Your company is basically forced to hold meetings in a wiretapped room.
If you have an office where random people can walk in off the street and out again unfettered, that's probably an even greater vulnerability to your company than anything Zoom is doing.
It's like having a car company and saying, "I don't know why anybody would want seatbelts in their car, our cars explode when hit at over 5mph."
>If you have an office where random people can walk in off the street and out again unfettered, that's probably an even greater vulnerability to your company than anything Zoom is doing.
This is my point, in reverse.
I work in a university. Thousands of students come each day, to attend class, to show up to professors' office hours, to attend special events. Having physical security in the building would be a huge pain, extremely impractical. I have never heard anyone call for it.
Are there problems? Yes, but they are either minor or very rare. For example, sales reps for publishers will walk in and go to professors' offices door to door. A nuisance to be sure, but not that common.
Occasionally there are more serious problems. For example, in 1978, a Stanford professor was murdered by a disgruntled former grad student [1]. If this sort of thing was even remotely common, I expect you'd see some building security. But it's not.
In the analog world, on average people are just not all that concerned about security. I'm not terribly convinced that they should be.
>Since when is this ability to dial-in such a hard requirement?
Any time you have groups at two companies calling each other it's going to be a decently common requirement. Each company has X people in a conference room. Those X people need to all be able to talk and hear. Thus you use the room's audio equipment which is basically an expensive telephone to dial in.
Largely depends on business and culture (also Romania has abnormally good internet).
Where I work nobody calls in and everyone uses webcams for VTC (software company, skews younger), but at my girlfriend's company a lot of people call in and nobody uses webcams.
Here in the US, we don't generally have unlimited data, but have unlimited phone minutes.
Also, cell audio is much more reliable than cell data.
I call into meetings with my phone all the time. Especially when the meeting is an emergency, and I'm not home (obviously not applicable now).
It's a lot easier to pull out a phone and dial a number than to find my laptop, set up the hotspot, fire up the videoconference software, and then worry about running out of hotspot data in the middle of the call.
> Since when is this ability to dial-in such a hard requirement?
The main reason I see people use dial-in, is when their audio or meeting client is not working, for whatever reason. The phone is a nice backup in those cases, and it (almost) always works.
I think this is an important point not just in the context of Zoom, but every time privacy (or the lack of) gets thrown around in an argument.
It's perfectly possible to have end to end encrypted email, text, payments etc, but:
1. You will always loose features.
2. The "endpoint" (you) becomes responsible for a much bigger part of the protocol.
Most modern applied crypto is just shuffling trust and responsibility around.
> The second you allow cloud recording (which the article acknowledges), E2EE becomes meaningless
Not sure I agree with this one. Assuming a design where the server is just jockeying around encrypted streams because it doesn't have the keys, it could store the encrypted stream upon instructions from the client. The client would need to keep the key so it can retrieve and decrypt the recording later.
The main concern with spacex was that it probably was not it administrated and employees were using it adhoc with no security audit oversight. With the other vector of attacks(zero days, email leak) that is why they stopped it.
You could actually have an e2ee conference. Even with FaceTime you trust Apple to give you the users' private keys, and not MITM-ed ones.
With a conference, the server could generate a private/public key pair for each dialed-in phone number. That way you could retain hope that they were giving you non-MITM-ed keys for participants when no phones are involved.
Generally though, Apple's "end-to-end encryption" is a false promise and SHOULD NOT be trusted. If they wanted to provide privacy and weren't bound by the government (like they were when they tried to encrypt backups), they'd follow whatsapp and allow offline comparison of keys via QR codes and notify of changes. But they didn't.
Apple won the marketing battle on privacy, but please don't trust them. They have access to all backups, all your pictures, and they can MITM your iMessage/FaceTime when the government requests it (or whenever they want to, really).
I always think of encryption of a preventive thing. A bit like maintaining redundancy in hospitals and healthcare it might seem a bit cumbersome and overkill during calm times, but it has to be there once you need it. The similarities won't end there: encryption for everybody is needed just to protect the few really vulnerable ones.
Encryption is directly linked to freedom in a society, because the lack of encryption acts as a power multiplier for those who are already in power, because it makes manipulating the masses easier even if single individuals are not at all hurt by it.
> But the second you allow phone dial-in (virtually always a hard requirement)
I'm really curious about this one — I've noticed that indeed in the US people tend to expect to be able to dial-in using the PSTN. Why would people do that? I haven't seen this happening much in Europe, and the Whereby (https://whereby.com/) conferencing tool doesn't even offer dial-in, which isn't a problem.
In my experience at large corporations, it's mainly used when you're participating in the meeting from your cellphone, because you're on your way to the airport, on the train, in a hotel lobby, etc., but it's crucial they don't make a decision without you or that you hear all the details or correct misunderstandings. Obviously this is more common day-to-day for management/sales who are constantly traveling, than engineering.
For whatever technological reason, cell phone calls tend to be far more reliable than internet calls. Especially if you're in a taxi or on a train, you may get so many dropped packets it's literally unusable. While an actual phone calls works perfectly fine.
Not sure if it's how carriers prioritize traffic, or different technologies, or what. I'd be curious if anyone has the answer.
I'm also not sure why this would be any different in Europe.
(It's also, of course, the option of last resort when you can't get the damned app/microphone to work for whichever of a million reasons.)
Also most conference/meeting rooms in companies are setup to only use a specific meeting platform, forcing you to dial in if the meeting is with a client/vendor on a different platform.
I'm in engineering and often traveling, and thus dial in. One thing I do get from others is complaints that the voice quality on a mobile phone is far less than using data.
Zoom does seem to be more reliable than skype for business.
Dialing in via phone works for everybody, no app needed, no app to use etc. it works with all sorts of conf room setup and even the use case of "assistant sets up the phone call for the CEO and then transfers the call" works.
Because everyone has a phone pretty much everywhere, and knows how to use it. So its the ultimate fallback channel for people having computer issues, network issues, being on the move or in remote locations, ...
> But the second you allow phone dial-in (virtually always a hard requirement), the second you allow cloud recording (which the article acknowledges), E2EE becomes meaningless, because the server itself necessarily becomes another endpoint.
This isn't true if one of the involved parties hosts their own video server. With jitsi I found it tremendously easy to set up a server.
Plenty of companies seem fine with storing all their communications on Slack's servers, storing all their IP on Github's servers, storing all their data in Office 365, all their confidential email in GSuite etc. Why is Zoom so different? There is some subset of organisations for which none of these things are acceptable of course.
Zoom made a lot of features like passwordless meeting links and join-by-phone the default, most likely to help with early adoption. Now they are working on making them optional and even making some runnable on-prem. I think thats fine if you let users opt in and clearly explain the tradeoffs. But it was risky to make so many security tradeoffs in the name of ease-of-use. Somebody at Zoom has the fundamental belief that these services are over complicated but lacks the empathy of having been a victim of a major hack.
I think they made a poor word choice in an effort to simplify the message while saying something less vague than "military grade encryption" or whatever. The transit legs of a Zoom meeting are TLS, which is what the customer cares about.
Most of the vitriol about this issue is from a subset of security and IT people for whom E2EE is a term of art. In most any commercial service setting, E2EE is always going to be a bullshit term for someone.
Maybe there should be a radio button upon installation that asks people whether they have something to hide and offers a special version with super good encryption for those who say yes.
"In light of recent interest in our encryption practices, we want to start by apologizing for the confusion we have caused by incorrectly suggesting that Zoom meetings were capable of using end-to-end encryption."
And
"To be clear, in a meeting where all of the participants are using Zoom clients, and the meeting is not being recorded, we encrypt all video, audio, screen sharing, and chat content at the sending client, and do not decrypt it at any point before it reaches the receiving clients."
As others have said, the moment you have to interact with the public phone system, decryption has to happen before the "end".
What the TFA is saying is that the decryption key is generated by their servers and even passed through China, even if none of the people in the conversation are in China.
That's NOT end-to-end encryption, Zoom never does end-to-end encryption because they have the decryption keys.
And with that clarification they keep deceiving their users.
>Am I misunderstanding the product, or are the streams not being merged on the server into a single feed?
Are they not recompressing streams depending on the receiving device? I find that somewhat unbelievable?
Its interesting if what they say is true. Each device encodes their feed exactly once, and then when you are on a call with 50 people, you are receiving 50 separate encrypted feeds, which your client all decrypts separately? With one common key for the whole meeting, and the server has the ability to decrypt for ptsn and recordings, it just chooses not to when those features are not used?
Of all the Zoom articles I've seen over the past few days, I think this is one of the more even-keeled and explanatory (vs the hyperbolic and emotional commentary on HN). I think a level-headed, focused technical discussion (sans incendiary language) does more to advance the conversation than snarky, emotional outbursts. From the article:
"Are we being unfair to Zoom?
I want to close by saying that many people are doing the best they can during a very hard time. This includes Zoom’s engineers, who are dealing with an unprecedented surge of users, and somehow managing to keep their service from falling over. They deserve a lot of credit for this. It seems almost unfair to criticize the company over some hypothetical security concerns right now.
But at the end of the day, this stuff is important. The goal here isn’t to score points against Zoom, it’s to make the service more secure. And in the end, that will benefit Zoom as much as it will benefit all of the rest of us."
I read an article on NPR [1] this morning about a guy giving his doctoral dissertation over Zoom. It was broken into by someone putting porn up on the screen and then a few racial epithets as well. I don’t think it’s unfair to criticize them if this is allowed to happen on their service. Yes we need to keep it civil and yes acknowledge that they are working on fixing it but, given the type of service they offer, I think things like security should have had more focus before they launched rather than dealing with it after the fact.
But isn't that fundamentally s problem with users not setting passwords? A 6 digit meeting key means that if there's 50,000 meetings running at once, each code has a 1/20 chance of hitting an active room.
But this is the sort of lack of foresight that bothers me about Zoom. Let's be clear -
- It isn't that they're being attacked, that happens to any service where there's a payoff.
- Is is not that they have vulnerabilities, bugs happen.
Is is that they actively tried to deceive about E2E. It is that they never anticipated having 1M simultaneous connections, or the problem that would result before that. It is that they do insecure things to people's machines.
They act like undisciplined malware authors who happen to work on what is supposed to be a business product. What will the next "bug" be?
Actively looking for something that will work for us that isn't so untrustworthy.
You nailed it. It is the trust issue. This warning may have absolved them, "your shared encryption keys may be issued from data centers in China". It also would have destroyed their business.
It strikes me that if trust was a big an issue to most people as it appears to be to you, the US would have a different president.
I'm not knocking the need for trust, but trusting an closed source code served up by a central server is a bit of stretch for me. The temptation to monetise it is huge, and failing the governments around the world are give themselves permission to order the centralised server to decrypt it and send them a copy, and keep quiet about it. Finally there is absolutely no visibility to keep the vendor honest. They can silently update their code at any point without telling you, include switches that turn any feature off and on without you being aware of it and with little risk of researchers seeing it.
In circumstances like that any "trust" seems to me to be a huge stretch. About the best you can hope for competition is going to keep respecting the customers needs rather than their own need for money. It better to assume it's sent in the clear - which is what I assume with zoom.
I mean sure and I get they are catering to a very large audience with users with all levels of knowledge/skill sets but that's also why they needed to put a lot more work into security up front. If they want to make it easy for users that don't know/care much about security it's on them to make it secure for everyone.
I know it's easy for me to sit here and arm-chair quarter back and I don't have a solution for them. If I did I'd be working for them instead of my current day job! But lacking the ability to assist I still think it's fair to publicly criticize them so they pay attention and fix this ASAP. The more people that do the more emphasis they will put on getting past this, if nothing else to stop the negative PR.
When the FBI steps in and tells people to think twice about using an online service I hope even the most uniformed user will pay attention.
I just thought it was a high quality article going over some of the actual technical detail (rather than high-level anti-zoom articles about nothing, like the Facebook SDK).
Two things can be true, Zoom can still be comically better than the alternatives like Cisco/Webex which are universally terrible, but they can also have serious security concerns.
Hopefully this attention will cause them to fix it (though it may be hard to fix the Chinese development shop concerns).
I have some hope that Zoom can improve their security posture, but I have no hope that Cisco can make a good product.
Why is the use of facebook sdk for users who have no desire to be associated with facebook nothing ?
If anything there wasn't nearly enough scrutiny of the adware domains in the CORS headers.
Also a "security posture" is corporate speak and has little to do with actual security - quite often the opposite, posturing security is what they have been doing all along.
I think you're giving Zoom too much credit. Companies should be held accountable for their security goofs and over-exaggeration of their security capabilities. When people end up getting hacked due to these "hypothetical security concerns", we the consumer are the ones who suffer and end up footing the bill. Equifax comes to mind here.
I wish somebody verified the encryption claims of other companies (like Whereby or GoToMeeting). Zoom is getting scrutiny because it became The Popular Thing, but it's not the only tool.
That's part of it, but it's also because E2E is a specific security guarantee which most cloud meeting providers (including in most cases Zoom) don't provide.
Contrast with Gotomeeting's claims[0] that data transmitted between their servers and their users are encrypted using TLS. This is a weaker claim.
> I want to close by saying that many people are doing the best they can during a very hard time. This includes Zoom’s engineers, who are dealing with an unprecedented surge of users, and somehow managing to keep their service from falling over. They deserve a lot of credit for this. It seems almost unfair to criticize the company over some hypothetical security concerns right now.
I'll have all the sympathy for Zoom's employees who are probably having mandatory overtime in order to keep things running smoothly and to patch things up in response to all the (very legitimate) concerns being brought up, but at the end of the day, Zoom is a for-profit company, not a charity. A for-profit company with links to China [0] that's in a very unusual situation right now and potentially coming in contact with a lot of sensitive information as a great deal of people have come to rely on them. I don't think they deserve to be cut any slack and honestly, the more people find and use other alternatives, preferably open source ones (Jitsi Meet [1], BigBlueButton [2], Jami [3], among others) the better.
I feel bad for Zoom right now. They had a great product that people loved, and now all of a sudden they are having an explosion in usage and scrutiny.
And the worst part is that all of this scaling work will be for only a temporary increase. Once everyone gets called back to the office and people can see their friends in person, their traffic will go back down.
Usually if you have an explosion of popularity like this you at least know that your work will be going towards continued growth and revenue.
Having been on the other side of explosive growth, I can empathize with the engineers at Zoom who have to deal with this.
To their credit, they seem to have built a system that can scale pretty well given how well the product has just kept working.
I think building an iMessage-style PKI might be a wasted effort for them. They would need to immediately and silently inject server "participants" that listen in to every conversation (for dial-in or recording), so the permission model is not much better than a shared ephemeral key. To some extent, the difference depends on logging--if you log the ephemeral key or throw it away (or similarly, if you throw away the made-up participant private key or keep it).
Maybe they should allow small groups to establish on-the-fly OTR-style conversations when they can.
> It indicates that the Zoom client — meaning the actual Zoom software running on a phone or desktop computer — is capable of encrypting audio/video data to other Zoom clients in the conversation, without exposing your sensitive data to Zoom servers.
Maybe I’m bad at English, but I had exactly the opposite interpretation. When someone says they “don’t” do something, that implies to me that they are able to, but choose not to. Otherwise, they’d just say they “can’t”.
I imagine a lot of these decisions were pretty rushed this year. There are a ton of Universities, businesses, etc, that hadn't previously done any large scale video conferencing. They didn't have much time to do a thoughtful selection.
Zoom is under scrutiny largely because it's a suddenly a highly popular choice. All the hoopla incented skeptics to take a closer look.
The fact is that almost none of the communications we use on a daily basis are end-to-end encrypted. What response would you get if you told staff, partners, executives, support personnel, etc that the new standard was based on GPG web-of-trust or hierarchical S/MIME emails and that all plain text emails (or any not digitally signed) were going to be binned at the mail servers?
For that, I don't blame organizations for doing what they had to do - it's perfectly reasonable. But the discussion that results from this is mostly healthy. Zoom will suffer from the PR but I think that will give us better options as a result going forward.
This is a bit of shameless plug, but seems relevant as its about providing end to end encryption for Jitsi. My company provides a VPN product (really a full-fledged API driven SDN) that you can plug containers into. So a network edge that supports plugins. We just spun up a Jitsi plugin. All packets run over the encrypted overlay network for VPN clients. We'll post a little blog post on it soon. PM me if it sounds interesting.
Is E2E encryption desirable for video chats with >2 participants?
Let's say I'm talking with two other people: is there a way to do E2E encryption without having to send out the same stream twice?
edit: Just realised a common key would allow this. But I am still interested in schemes for deriving a key amongst multiple parties using a middleman without the middleman knowing the key. It seems like a rather hard problem.
> But I am still interested in schemes for deriving a key amongst multiple parties using a middleman without the middleman knowing the key. It seems like a rather hard problem.
This is exactly what happens when your browser establishes an HTTPS connection. There are many middlemen between you and the web server, but it still manages to negotiate a shared symmetric key (the session key) that can be used for the bulk of the encryption.
The difference is that there is no certificate authority vouching for each participant in a video call's identity, so you would need to do independent identity verification if you want to ensure that the call is secure, which some people would do by reading the public keys of each participant aloud, and people verifying that everything matches what they see.
> The difference is that there is no certificate authority vouching for each participant in a video call's identity, so you would need to do independent identity verification if you want to ensure that the call is secure, which some people would do by reading the public keys of each participant aloud, and people verifying that everything matches what they see.
This is a good point I hadn't considered. It led to me questioning how signal did it "right," and realising that there is seemingly no way around educating users to check public keys.[0]
So if video chats were meaningfully E2E encrypted, we would need a way to verify the public keys, which afaik Zoom doesn't have.
You can send a single stream with E2E, just as your can send a PGP message to multiple recipients. Each packet/bundle/whatever has the decrypt key encrypted against each of the recipient keys.
Thanks, I hadn't realised that. Looking into it, it seems PGP creates a shared symmetric key and then shares that key using public-key, which does seem like the most obvious way to do it.
One thing I don’t understand is why Zoom is more popular than Jitsi. Zoom charges a subscription fee for meetings longer than 40 minutes, where Jitsi is free for unlimited use. What does Zoom offer that Jitsi doesn’t?
what is there to even say at this point. everyones mad at zoom; we hit critical volume for mob mentality and now no amount of discussion or reason matters.
should they have marketed it is e2e when sometimes its not? of course not, theyre wrong.
do you fucking care? do you need more than one hand to count the number of products that are e2e encrypted? if you use the definition of e2e in the article, nothing apple does is e2e either. does anyone else that's not in tech even understand what encryption is at all, much less e2e?
they use a shitty encryption scheme when they do e2e? theyre wrong and should do better.
do you care? your threat model is that someone knows your meeting, is in place beforehand, intercepts the encryption, decodes it, and then spys on your conference?
this couldn't be more of a penny-wise, pound-foolish scenario. why are we still talking about this. please stop
The problem for the mob rests on the fact that they advertise the system as being e2e, when it is not - at least with the definition I use for e2e. https://zoom.us/security
My rule-of-thumb (NOT A LITMUS TEST) for e2e is as follows: If you have exchanged the public or pre-shared key(s) with the partner(s) out-of-band OR you had your public key signed by a NEUTRAL (key word) third party who is mutually trusted, then yes - you are likely using e2e.
If Zoom generated the keypairs, signed them, and transported the public keys themselves without an external independent library - I don't consider that e2e because they are the middle man every step along the way.
Should we treat other companies the same way if they claim they use e2e but don't? Yes, absolutely. This situation is bittersweet, it's (a bit) unfair to Zoom, but hopefully this will spark healthy discussions around what e2e is and more importantly, what it is not.
"They've been repeatedly caught doing terrible thing security wise, doing shady stuff in general, not caring / learning from their mistakes, lying about their product and then issuing overly specific statements that are designed to confuse. Why are we still talking about this?"
Millions are still using Zoom. Its shares are still trading at an enormous premium.
The technical discussion is something altogether different, and people are allowed to have that, regardless of your consternation. And hopefully a better product comes out of it.
"if you use the definition of e2e in the article, nothing apple does is e2e either"
This bit of sad whataboutism is technical nonsense, though. No, Apple, and a number of other vendors, actually do this right.
I honestly think Zoom's engineers, who have made a number of rudimentary serious technical blunders, thought "end-to-end encryption" meant "it's encrypted during every stage of transport". I've seen a number of companies make this mistake.
> I honestly think Zoom's engineers, who have made a number of rudimentary serious technical blunders, thought "end-to-end encryption" meant "it's encrypted during every stage of transport". I've seen a number of companies make this mistake.
This means they're incompetent, full stop.
I don't think that at all. I think the marketing team is just full of shit.
I think the engineers told the marketing team that they implemented E2E and the marketing ran with it. The same engineers who rolled their own crypto using ECB mode probably thought they were telling the truth. The marketing team probably asked if they had used blockchain too. Until recently they were just another a small company trying to build a customer base in a crowded market.
The Intercept article on it has a discussion here: https://news.ycombinator.com/item?id=22767807