Zoom finally implements end-to-end encryption, although using it will temporarily lose many features


Last June, Zoom executives announced that, after multiple controversies over the security of their videoconferencing application and after recognizing that their communications encryption was not ‘end-to-end’, they had decided to implement said encryption in its next version.

Now the time has finally come, and the latest update implements E2EE encryption or “end-to-end”, which does not alter the encryption algorithm at all, but rather the place where the key is stored: it goes from being executed on Zoom’s servers to users’ devices.

Although we shouldn’t rush to celebrate.

More security, less functionality (for now)

The new encryption will not be activated by default: the user must enable it in their account settings, and activate it specifically for each meeting. The reason for this is that, in those meetings where it is activated, its participants they will temporarily lose access to various (some very relevant) functions of the application:

Also, at these meetings already users will not have the ability to log in by phone, SIP / H.323 devices or Lync / Skype clientas they are physically compatible with end-to-end encryption.

Also, neither the Zoom web client nor third-party clients using the app SDK will be supported for now.

This situation should be resolved in the coming months: The Zoom roadmap includes four phases (now we are at the first) during which we will gradually restore these options without giving up E2EE encryption.

Street | Android Police

Source link