Zoom Finally Moves To End-to-End Encryption: And Takes Security Seriously


And the security community gasped and laughed out loud when they found that Zoom set up a server on your computer and allowed anyone to connect to it. Zoom fixed it quickly, as it was as bad as it gets for security.

And the security community laughed when it was found that Zoom was using AES ECB (Electronic Code Book). Not even a first-year computer security student would ever go near that!
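Why ECB draws that reaction, shown as an added example that is not from the original article or from Zoom's code: ECB encrypts every 16-byte block independently, so identical plaintext blocks produce identical ciphertext blocks and the structure of the data shows through. AES-GCM with a random nonce is used here only as a comparison mode chosen for this example; the key and the "frame" bytes are constructed sample values.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// ecbEncrypt runs the cipher over each 16-byte block independently; that is all ECB is.
func ecbEncrypt(b cipher.Block, pt []byte) []byte {
	ct := make([]byte, len(pt)) // len(pt) must be a multiple of 16
	for i := 0; i < len(pt); i += 16 {
		b.Encrypt(ct[i:i+16], pt[i:i+16])
	}
	return ct
}

// gcmEncrypt seals pt under a fresh random nonce and returns nonce || ciphertext || tag.
func gcmEncrypt(b cipher.Block, pt []byte) []byte {
	gcm, _ := cipher.NewGCM(b) // cannot fail for a 128-bit block cipher such as AES
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		panic(err)
	}
	return gcm.Seal(nonce, nonce, pt, nil)
}

// repeatedBlocks returns how many 16-byte blocks duplicate another block in data.
func repeatedBlocks(data []byte) int {
	seen := map[string]bool{}
	for i := 0; i+16 <= len(data); i += 16 {
		seen[string(data[i:i+16])] = true
	}
	return len(data)/16 - len(seen)
}

// demo encrypts a constructed 8-block frame: 7 identical "background" blocks, 1 distinct.
func demo() (ecbRepeats, gcmRepeats int, gcmDiffers bool) {
	b, _ := aes.NewCipher([]byte("constructed-key!")) // sample 16-byte key
	frame := append(bytes.Repeat([]byte{0x80}, 112), "speaker-block-A!"...)
	g1, g2 := gcmEncrypt(b, frame), gcmEncrypt(b, frame)
	return repeatedBlocks(ecbEncrypt(b, frame)), repeatedBlocks(g1), !bytes.Equal(g1, g2)
}

func main() {
	fmt.Println(demo()) // ECB repeats, GCM repeats, GCM output differs per call
}
```

The ECB ciphertext repeats exactly where the plaintext does, which is what lets an observer see patterns in encrypted media without ever touching the key.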

And then they laughed again when Zoom produced a little icon that said “End-to-end encryption”, when all it was was a standard TLS tunnel. What if someone set up a proxy on your machine, or an untrusted Zoom client? They just didn’t get it!

The development team at Zoom just couldn’t be trusted for proper security. But when the UK Government and Cabinet start to use Zoom for their video conferences, you really need to up your game in terms of proper security. Zoom were obviously great with their back-end services and with their user interface, but they were “perhaps” novices when it came to core security?

Go get great crypto people, who are trusted

So I have spent a good deal of my time on Zoom over the past few weeks, and when I use WebEx or Teams, it just does feel the same. But, Zoom’s success has made them…


Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice

Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. Based in Edinburgh. Old World Breaker. New World Creator. Building trust.