- Joined
- May 15, 2016
- Messages
- 14,160
- Likes
- 2,643
- Points
- 1,730
Under Chinese law, authorities may require Zoom to encrypt user conversations.
Due to the quarantine introduced due to the coronavirus pandemic, the popularity of conferencing platforms, in particular Zoom, has increased. Therefore, the service has come under the scrutiny of cybersecurity experts.
As it recently became known , the interpretation of the term “end-to-end encryption” used by Zoom developers differs from the generally accepted one. By “end-to-end encryption”, experts in the field of cybersecurity understand the encryption of transmitted data in such a way that only the sender and the recipient have access to it. With this encryption, even the service provider does not have access to user communications.
However, in the understanding of Zoom developers, the encryption they use between clients and company servers is also end-to-end. Theoretically, a company can access conversations, although, according to her, she never did.
According to Citizen Lab experts, a peculiar understanding of the term “end-to-end encryption” is not the only encryption problem in Zoom. During a test connection between Canada and the United States, it turned out that the encryption keys used by the service are sent to servers in Beijing.
“The question is why the company that serves users primarily in the US sends encryption keys to servers in China, given that Zoom may be required by law to disclose these keys to the Chinese authorities,” experts write.
According toThe report submitted by Zoom to the US Securities and Exchange Commission, the number of its employees in China, working in the field of "research and development", exceeds 700 people.
“The report also said that 81% of Zoom’s revenue came from North America. Developing a platform in China probably saves Zoom from having to pay employees in Silicon Valley, reducing company costs and increasing profits. However, this state of affairs also opens Zoom to pressure from the Chinese authorities, ”experts said.
After the publication of a study by Citizen Lab experts, Zoom representatives made a statement: the encryption keys were sent to servers in Beijing by mistake.
Due to the quarantine introduced due to the coronavirus pandemic, the popularity of conferencing platforms, in particular Zoom, has increased. Therefore, the service has come under the scrutiny of cybersecurity experts.
As it recently became known , the interpretation of the term “end-to-end encryption” used by Zoom developers differs from the generally accepted one. By “end-to-end encryption”, experts in the field of cybersecurity understand the encryption of transmitted data in such a way that only the sender and the recipient have access to it. With this encryption, even the service provider does not have access to user communications.
However, in the understanding of Zoom developers, the encryption they use between clients and company servers is also end-to-end. Theoretically, a company can access conversations, although, according to her, she never did.
According to Citizen Lab experts, a peculiar understanding of the term “end-to-end encryption” is not the only encryption problem in Zoom. During a test connection between Canada and the United States, it turned out that the encryption keys used by the service are sent to servers in Beijing.
“The question is why the company that serves users primarily in the US sends encryption keys to servers in China, given that Zoom may be required by law to disclose these keys to the Chinese authorities,” experts write.
According toThe report submitted by Zoom to the US Securities and Exchange Commission, the number of its employees in China, working in the field of "research and development", exceeds 700 people.
“The report also said that 81% of Zoom’s revenue came from North America. Developing a platform in China probably saves Zoom from having to pay employees in Silicon Valley, reducing company costs and increasing profits. However, this state of affairs also opens Zoom to pressure from the Chinese authorities, ”experts said.
After the publication of a study by Citizen Lab experts, Zoom representatives made a statement: the encryption keys were sent to servers in Beijing by mistake.