Become a MacRumors Supporter for $25/year with no ads, private forums, and more!

Zoom Developing End-to-End Encryption Feature for Paying Users

MacRumors

macrumors bot
Original poster
Apr 12, 2001
50,508
11,885


Videoconferencing service Zoom says it is developing end-to-end encryption for the platform, but the feature will only be available to paying users.


Speaking to Reuters, Zoom security consultant Alex Stamos confirmed the plan, which had been based on "a combination of technological, safety and business factors."

Zoom has attracted millions of free and paying customers amid the global health crisis, with stay-at-home measures causing a surge in the number of people working remotely.

However, lax security, such as the ability for unregistered users to join meetings, has led to zoom-bombing pranks and caused alarm amongst safety experts and privacy advocates.

"Charging money for end-to-end encryption is a way to get rid of the riff-raff," Jon Callas, a technology fellow of the American Civil Liberties Union, told Reuters. Callas said it would deter spammers and other malicious users who take advantage of free services.

End-to-end encryption ensures no one but the participants and their devices can see and hear what is happening in a meeting, but it would also have to exclude people who call in to Zoom meetings from a telephone line.

Zoom is currently under investigation by regulators such as the U.S. Federal Trade Commission over previous claims about encryption that have been criticized as exaggerated or false, according to Reuters.

Privacy experts also told the news organization that with the Justice Department and some members of Congress condemning strong encryption, Zoom could draw unwanted new attention by expanding in that area.

Back in April, Zoom was accused of misleading users with claims that calls on the platform are end-to-end encrypted, when in fact videos are secured using TLS encryption, the same technology that web servers use to secure HTTPS websites.

Currently, Zoom's in-meeting text chat is the only feature of Zoom that is actually end-to-end encrypted. But in theory, the service could spy on private video meetings and be compelled to hand over recordings of meetings to governments or law enforcement in response to legal requests.

Apple already uses end-to-end encryption to protect FaceTime users as call data travels between two or more devices. Even Apple can't decrypt the call and listen in to user's conversations.

Article Link: Zoom Developing End-to-End Encryption Feature for Paying Users
 

Makosuke

macrumors 603
Aug 15, 2001
6,294
524
The Cool Part of CA, USA
This is a welcome change, speaking as someone in a small corner of a relatively large organization that pays for Zoom, and therefore is stuck with it. It's been, frankly, embarrassing to have no option but to invite people from other organizations to meetings using the least-secure option on the market--it's so bad that there are some orgs that literally can't join meetings we start because their security bans Zoom entirely.

Several of the large companies I attend meetings with used to use Zoom, and none of them do now. All of them have switched to Microsoft Teams, Cisco Webex, or something else.

I put together a security document as part of the recent work-from-home move, and literally had to tell people to avoid using my org's own video conferencing option when security was important.
 

Tech198

macrumors P6
Mar 21, 2011
15,296
2,006
Australia, Perth
What freedom?

The freedom they stuffed it up in the first place, but now using it to make profits out of. If end to end encryption is as important as Zoom says it is, then it should not be for paid users only. The only reason to do that is so they can come back later and say "look how many paid users we have now" when privacy should have always ben there from the beginning.
 

centauratlas

macrumors 65816
Jan 29, 2003
1,299
2,060
Florida
“Charging money for end-to-end encryption is a way to get rid of the riff-raff," Jon Callas, a technology fellow of the American Civil Liberties Union

Security only for paying users is a pretty poor model.
Of course the kids use Group FaceTime not zoom except for classes, but it is funny to see the ACLU refer to teachers talking to kids as “riff-raff”.
 

826317

Cancelled
Jun 28, 2013
460
4,322
Rent-free in your head
Totally agree. How dare they try to correct the mistakes of the past? And who do they think they are asking users to pay for a service?

/s
If they want to charge for a service, that's fine. If they want to charge for a simple piece of implementation (end-to-end encryption) that's where it becomes an absolute joke for me.
 
Last edited:

I7guy

macrumors Penryn
Nov 30, 2013
24,284
12,414
Gotta be in it to win it
I'm glad for the end-to-end encryption, will help the perceived value of the security and maybe should allay the concerns of a couple of large organizations that jumped ship to other methods. Zoom is still far and wide the leader in the post-covid teleconference worlds as far as I can tell.
 
  • Like
Reactions: TiggrToo

Sasparilla

macrumors 68000
Jul 6, 2012
1,506
2,422
Is Skype better than them?

From a security standpoint, yes way better. Zoom lied about their encryption multiple times, was caught routing customer calls to China (where their business meetings would be most important), was caught installing a server on the Mac OS application that constantly phoned home information even after you uninstalled Mac Zoom application and the list goes on and on. The execs have most of the development done in China so the devs don't cost anything.
 

neuropsychguy

macrumors 65816
Sep 29, 2008
1,379
2,205
If they want to charge for a service, that's fine. If they want to charge for a simply piece of implementation (end-to-end encryption) that's where is becomes an absolute joke for me.
The beauty is you can use another service that's free and offers end-to-end encryption. You have FaceTime, Google Duo, Skype, and Teams. There could be others.

I like all but Skype (consistently poor video and audio quality but that's not an issue with any of the others in my experience).
 
  • Love
Reactions: Michaelgtrusa

Shirasaki

macrumors G4
May 16, 2015
10,285
4,110
I see encryption starts to become a privilege instead of basic human rights, even if the encryption is implemented with open protocols. Backed by multiple dramas between Apple and FBI, I dare not dream what would’ve happened in the next few years.
 
  • Like
Reactions: DotCom2

cmaier

macrumors Core
Jul 25, 2007
19,780
20,903
California
The beauty is you can use another service that's free and offers end-to-end encryption. You have FaceTime, Google Duo, Skype, and Teams. There could be others.

I like all but Skype (consistently poor video and audio quality but that's not an issue with any of the others in my experience).

In the real world you can only use what the people you are talking to also have access to and are also willing to use.
 

IceMan30

macrumors newbie
Aug 8, 2012
16
3
I'm a little (not too much?) amazed at how little security really matters to a lot of people. Convenience, usability, compatibility, likability...that is what most of us (myself included) really want in software, and life in general.

That said, wouldn't it have been nice if Apple had better positioned itself with a sort of "FaceTime Pro" for large groups and businesses? Native apps plus webs access for Windows/Android/Linux users. The relative simplicity and wide spread reach of Zoom coupled with MS Skype/Teams type security, all wrapped up in Apple's UI wunderkit.

*TANGENT*
Now that I think about it, with my 1st grader doing online school for the last 3 months, wouldn't it be nice if Apple did more to demonstrate what their online services can offer, particularly for education? My son's school, like so many, is mainly Google-based. And I've read Bill Gates is trying to re-invent on-line learning in his own image. There was a time when Apple ruled the education scene, grade school through college, and for good reason. Oh how times change. But I digress..
 
  • Like
Reactions: bernuli

Scottsoapbox

macrumors 6502a
Oct 10, 2014
988
3,783
OMG with the Zoom bashing.

The latest version now has better security than any other option. They have leapfrogged Google and Microsoft with end to end encryption, but people still want to use the memes from two months ago. Let it go people. Find a new, better target :rolleyes:
 

icanhazmac

macrumors 6502
Apr 11, 2018
439
1,216
OMG with the Zoom bashing.

The latest version now has better security than any other option. They have leapfrogged Google and Microsoft with end to end encryption, but people still want to use the memes from two months ago. Let it go people. Find a new, better target :rolleyes:

So how do you address these issues from the past when the same ownership/management is in place?

From a security standpoint, yes way better. Zoom lied about their encryption multiple times, was caught routing customer calls to China (where their business meetings would be most important), was caught installing a server on the Mac OS application that constantly phoned home information even after you uninstalled Mac Zoom application and the list goes on and on. The execs have most of the development done in China so the devs don't cost anything.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.