he CEO of ZoomEric Yuan sparked controversy after chief executive said the company would not offer the most powerful end-to-end encryption (E2EE) for free calls to ensure it could work with forces of the ‘order. Yuan suggested on Tuesday that E2EE security would not be provided during a conference call Zoom Premium Users instead of the millions of free platform users. With these comments, several users on Twitter criticized the company for having compromised the basic security offered by even competitors such as WhatsApp, Google Duo and Facetime. Meanwhile, company security consultant Alex Stamos visited Twitter to calm the situation down and explain why the company made this decision with E2EE security.
In a series of publications, Stamos Explain the company's decision to offer E2EE security to premium customers, saying that Zoom faces a “difficult balance” of trying to improve privacy while “reducing the human impact of product abuse” . The security consultant here is Referent
to the “hate speech, exposure to children and other illegal behavior” that has infected Zoom in recent times. Stamos further noted that “self-service users” or non-premium users often use false identities to disrupt the platform with such abuse. The executive clarified that E2EE is also provided to companies such as schools and other educational institutions that do not pay a premium.
Some facts about Zoom's current plans for E2E encryption, complicated by the product requirements for an enterprise conferencing product and some legitimate security concerns.
The E2E design is available here:https://t.co/beLdeAwMSM
– Alex Stamos (@alexstamos) June 3, 2020
Will this eliminate all abuse? No, but since the vast majority of damage comes from self-service users with false identities, this will create friction and reduce the damage, “said Twitter.
Stamos also claimed that Zoom was not proactively monitoring meeting content and would not do so in the future, however, it contradicted the statement by saying that the trusted Zoom security team could enter a zoom call “if they firmly believe that the meeting is abusive.” “.
“All users (free and paid) have their meeting content encrypted using an AES256 key per meeting. The sending client encrypts the content and the client that receives Zoom's clients or connector servers encrypts it to connect to the PSTN network and other services. ” He says.
Likewise, Zoom via its official Twitter account also attempted to clarify Yuan's statement. In a position, the company said “Zoom does not provide information to the police except in circumstances such as child sexual abuse.”