It's not just Chinese laws, Zoom has shutdown accounts of Chinese dissidents who are residing in California.[1] This seems like more than just complying with local laws; it's actively supporting the policy of a government upon people who do not even live there.
It shouldn't be, but if you don't control the software and the encryption algorithm, there's no reason why zoom couldn't just sign the content so that could evesdrop on everything.
If you don't have end-to-end encryption, then yes, Zoom can man-in-the-middle your conversation. That is how we know Zoom doesn't have end-to-end encryption.
That doesn't mean end-to-end encryption is pointless, if that's what you're implying.
This allows us to identify the active speaker, keep some statistics on who spoke in the meeting, and rely on mediasoup's fantastic media router ("e.g. hey, we missed a keyframe there, can you give one to me?")
Yes!, at the cost of recording, speaker stats, and all participants having a pre-shared secret. Or you could use a peer to peer service that doesn't use a media router, if you have few enough participants.
Insertable streams are coming, along with e2ee through media routers. The Jitsi folks are doing great experiments there, and I'm happy they have taken the lead.
I think if I were in your shoes right now I might use a peer to peer video conferencing application that relies on tried and true p2p e2ee (or build one, it's not hard).
Insertable streams are new, and less proven.
An honest question, do you visit sites served by Cloudflare? Is point-to-point encryption okay for your use cases there, or do you have security concerns that require e2ee for your communications?
You should do whatever you want to do, you are your own human.
My biggest question about Zoom's implementation is, how can we trust it? They haven't proven themselves to be trustworthy, so it's a big ask for the world to believe their latest pitch.
1. Zoom: is actively lying right now, has lied in the past, and has had numerous security breaches which were easily avoidable.
2. Team.video: This Doug W. Brunton fellow may be lying, but at least is not currently taking an opportunity to lie, and seems to have a decent grasp of the tradeoffs involved in end-to-end versus point-to-point.
I have done my best throughout my career to tell the truth. If you can find an example where you think I've lied, I'd be happy to clarify. So no, I'm not a hypocrite.
You're literally taking a pro-lying stance right now. Is that really who you want to be?
