Following the news that Zoom is rolling out end-to-end encryption for users globally, Cybersecurity expert has provided the below comment.

Notify of

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Tod Beardsley
Tod Beardsley , Research Director
InfoSec Expert
October 29, 2020 12:01 pm

I\’m happy to see that Zoom has started its rollout of sensible end-to-end encryption. Implementing E2EE takes a ton of work, and while the vast majority of users won\’t notice the change, it\’s great to know that Zoom employs the most current encryption standards as basic, easy-to-use functionality. That said, people like journalists and whistle-blowers should make sure they and their co-Zoomers are all using the most recent version of the Zoom client, are specifically avoiding using web client and phone dial in endpoints which do NOT support E2EE, and actually verify security codes as displayed in the new Zoom client. It only takes one Zoom participant to break the end-to-end nature of E2EE, so if you are absolutely relying on E2EE working correctly, it\’s critical that all participants are aware of these subtleties.

Last edited 2 years ago by Tod Beardsley
Information Security Buzz
Would love your thoughts, please comment.x