Zoom will soon be introducing end-to-end encryption. Yeah, I know they said they already had it, but it turns out that was—uhh—inaccurate.
But if you were expecting E2EE in the free tier, think again. Those soy chai lattes don’t pay for themselves, you know.
It feels a bit like boiling a frog. In today’s SB Blogwatch, we luxuriate in the lovely warm water.
Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: llama pedagogy.
E2EE for Reelz This Time
What’s the craic? Joseph Menn reports—“Zoom plans to roll out strong encryption for paying customers”:
Video conferencing provider Zoom plans to strengthen encryption [except for] users of its free consumer accounts, a company official said. … The company, whose business has boomed with the coronavirus pandemic, discussed the move on a call with civil liberties groups and child-sex abuse fighters.
[It] drew mixed reactions from privacy advocates. … Gennie Gebhart [of] the Electronic Frontier Foundation … said she hoped Zoom would change course and offer protected video more widely. But Jon Callas … of the American Civil Liberties Union, said the strategy seemed a reasonable compromise.
Zoom security consultant Alex Stamos … said the plan was subject to change and it was not yet clear which, if any, nonprofits or other users, such as political dissidents, might [also] qualify: … “The CEO is looking at different arguments.” … Zoom hired Stamos and other experts after a series of security failures led some institutions to ban its use.
And Kim Lyons roars—“End-to-end encryption won’t be coming to all customers”:
The videoconferencing platform has boomed in popularity during the coronavirus pandemic, but has been plagued by myriad security issues. Those include Zoombombing, where an uninvited guest invades a video call and disrupts it with pornography or other shock content.
Adding full end-to-end encryption on every video call, however, would exclude customers who call in from phone lines. And … tighter encryption would not allow Zoom’s own security teams to add themselves to calls to help customers in real time.
But Max Freeman-Mills grinds the “Think of the Children” angle—“You’ll be able to get stronger Zoom encryption, but only if you pay”:
Zoom’s explosion into the mainstream has been an interesting one to watch, but it’s also been accompanied by near-constant rumours and warnings about the relative security of its video-calling platform. … The beefed-up security is apparently planned for Zoom’s paying subscribers and institutional users (such as schools and universities), and is not expected to be applied to consumers.
This sort of upgrade can cut both ways – on the one hand, it offers more security and peace-of-mind for those using Zoom’s calls for their meetings and catch-ups. However, some commentators warn that the more encryption Zoom uses, the more its platform could be used by criminals and fraudsters seeking to avoid detection.
What are they playing at? code4tee has seen this episode before:
For better or worse Zoom has obtained “iPhone status” in corporate IT. What killed the Blackberry was when decision makers had a personal iPhone and a work Blackberry and they finally turn up in the head of IT’s office and say, “Hey these things you’re making us use really suck.”
I see exactly the same thing happening now with Zoom. I see IT types saying “but encryption” yadda yadda yadda and decision makers tuning up saying, “This conferencing software you’re forcing us to use really stinks. I had a meeting with our soccer parents group on Zoom and it was so much better. Please switch us to this.”
Wait. Pause. Didn’t Zoom already do this—like last month? No, reminds Kate O’Flaherty—“Here’s One Big Reason”:
Announced in April as part of Zoom’s plans to overhaul its security, Zoom 5.0 includes a much better level of encryption for your meetings and chats. Zoom is applying this on May 30.
However, although Zoom’s encryption is improved with 5.0, it’s still not end-to-end encrypted like Signal or Apple’s FaceTime. Therefore, I don’t recommend it for super-sensitive chats.
What exactly are they planning? Zoom’s Josh Blum et al paper over the cracks—“E2E Encryption for Zoom Meetings”:
This proposal lays out a long-term roadmap for E2E security in Zoom in four phases. … In the first phase … every Zoom application generates and manages its own long-lived public/private key pairs; those private keys are known only to the client. From here, we will upgrade session key negotiation … without needing to trust the server.
The goal of the new design … is simply to eliminate Zoom’s role in distributing … shared meeting key material, and to shift this responsibility to the participating Zoom clients. … All keys will be generated and distributed between individual authorized meeting participants. … No secret key material or unencrypted meeting contents will be provided to Zoom infrastructure servers, except in specific cases where this sharing is explicitly authorized by a meeting host (e.g., to support abuse reporting.).
Public key cryptographic operations [will] happen via Diffie-Hellman over Curve25519, and EdDSA over Ed25519 [which] have shown a consistent track record for resilience to common cryptographic attacks and implementation mistakes. … In some cases (like government uses) … we must fall back to FIPS-approved algorithms, like ECDSA and ECDH over curve P-384.
At a high level, the approach is simple: use public key cryptography to distribute a session key to a meeting’s participants; and provide increasingly stronger bindings between public keys and user identities. However, the devil is in the details, as user identity across multiple devices is a challenging problem, and has user experience implications.
But a security tax? That doesn’t sit well with Donald (no not that one):
They’re just using the work done by their recently acquired Keybase team, who offered secure end to end encryption for git repositories, files, personal, and team chats for free for years now. They’re not really shouldering that much development cost, because most of the work was already done. I’ve been a happy Keybase user for a long time and it hurts to see Zoom charging people for basic internet security they previously claimed to already have.
We aren’t mad that Zoom is making money. … But they previously claimed that all of their meetings were already end to end encrypted, despite that being false. Now, after acquiring a well known platform that did end to end very well for free, they are offering that protection only to paying customers. That is what is upsetting. They took work another team did for free and are charging for it, when having access to encryption is vital to communicating online and it isn’t difficult to do. Look at Keybase and Let’s Encrypt. Secure internet communication for everyone, for free. Zoom should be offering this at all service levels because it’s a basic expectation at this point.
What if your bank only encrypted information for business customers? I speak as a developer for a fairly large company. We encrypt all of our customers’ information, not just the largest ones.
And OJFord drives the point home: [You’re fired—Ed.]
That acqui-hired Keybase team is surely leaving: Its motto was literally … ’crypto for everyone.’
But the homepage now instead has phrases like ‘for things that matter’, and the slogan at the bottom is ‘because safety first.’ … It’s a real shame, but I did start my de-Keybasing yesterday. … I think most likely is axing it, followed by butchering it into a niche security nerd product without the interest or direction of the original team.
So you can almost hear Sethal typing “smh”:
I keep shaking my head seeing so many people use Zoom. Apple really dropped the ball here.
FaceTime usage would have exploded if they had … apps available on other platforms. Now, instead of using a free secure platform, more and more people are being forced into using an unsecured Zoom for work, school, doctors visits, court visits, etc.
Meanwhile, tialaramex wonders why anyone would trust Zoom—after the previous encryption scheme that the company falsely described as “end to end”:
They took RTP and just encrypted the data with ECB mode, using the same keys on every node. It’s what a child would do.
Hat tip: feross
You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites … so you don’t have to. Hate mail may be directed to @RiCHi or email@example.com. Ask your doctor before reading. Your mileage may vary. E&OE.