Nothing substantive has changed, and Zoom will still have the capability to intercept and eavesdrop on your calls. Unless companies using this have no IP to protect or operate exclusively in China, Zoom is an awful idea and a major risk.
We simply cannot talk about Zoom without mentioning China. The company has extremely deep ties to the country and China is known for large-scale theft of intellectual property and eavesdropping.
Even if Zoom executives wouldn't hand this information over to the CCP, what's to stop the CCP from pressuring a developer or planting one?
I've been tinkering with self-hosting my own Jitsi[0] instance, it's one way to limit eavesdropping only to people with access to your own infrastructure.
If you're referring to group calls, there aren't any applications that meet the criteria unless you self-host.
1-to-1 there are plenty of options, like Riot/Matrix.
Even though plenty of Western governments have engaged in IP theft before, I'd trust most of them more than the CCP which engages in organized and systematic IP theft.
Duo at least promises E2E encryption and handling high latency connections, although I haven't tried it yet. But I'd love to see a comparision of personal use case.
I really don't care if TikTok or Zoom are associated with a particular country actually or if people assume it for racist, ideological, or nationalist reasons. It's the celebrities, novelty-seekers, and other influencers who community spread half-baked apps of unknown provenance like the corona that are the problem.
These guys are space cadets if they think a move to AEAD GCM is compelling for “privacy minded” folks, whilst still in the shadow of no e2e encryption and all of the other security flaws.
There are always cases where encryption is useful, and I'll never turn down free upgrades but...
The main purpose of Zoom is big meetings and lectures. Those are made insecure by human nature. So either you're having 121 conversations and should not be using zoom. Or you're insecure already and improving encryption won't make any difference when agency X leans on the person in the room with the most to lose...
Honest question, there’s been a lot of posts lately on alternatives. Besides self hosting with Jitsi, are other platforms just as vulnerable to eavesdropping? I ask because there’s concern with customers we use Zoom. We would like to ensure that alternatives to Zoom suffer the same problems so we have comparisons to show customers.
We simply cannot talk about Zoom without mentioning China. The company has extremely deep ties to the country and China is known for large-scale theft of intellectual property and eavesdropping.
Even if Zoom executives wouldn't hand this information over to the CCP, what's to stop the CCP from pressuring a developer or planting one?