Zoom faces hurdles in enabling end-to-end encryption
By MYBRANDBOOK
Zoom has thought of a four-phase plan for implementing end-to-end encryption. Each phase of the plan will improve security but leave vulnerabilities that Zoom plans to address in the future. However, the company's draft white paper provides less detail about the later stages of the project.
Zoom has not confirmed when end-to-end encryption will launch or who will get access to it. At least initially, the service will likely be available only to paid customers. The goal of the effort is to give users control of the keys used to decrypt their communications. That would prevent Zoom employees from snooping on conversations or from letting law enforcement agencies do the same.
Zoom previously advertised its service as end-to-end encrypted. But in April, the company acknowledged that it wasn't using the commonly understood definition of that term. The claim has provided fodder for numerous class-action lawsuits.
The first phase of the plan will change Zoom's security protocol so that users' clients - not Zoom's servers - generate encryption keys. The second phase will more securely tie those keys to individual users through partnerships with single sign-on vendors and identity providers.
The third step will give customers an audit trail to verify that neither Zoom nor anyone else is circumventing the system. And the fourth will introduce mechanisms for detecting hacks in real time.
But Zoom won't be able to apply the protocol to all endpoints. Excluded clients include Zoom's web app and room systems that use SIP or H.323. Zoom also can't encrypt from end-to-end audio connections made through the public telephone network. Turning on end-to-end encryption will disable certain features. Users won't be able to record meetings or, at least initially, join before the host. These limitations are typical of end-to-end encryption schemes for video communications.
Singapore to remove One-Time Passwords from Bank Accounts
According to the Monetary Authority of Singapore, clients who utilise secur...
Is 375 million Airtel subscribers database breached?
When a hacker claims to have accessed and put up for sale a customer databa...
The government of India intends to construct a single portal f
A single portal will be launched by the Indian government to list all of it...
OpenAI offers GPT-4o, a faster model available to all users at
GPT-4o, a faster and more sophisticated AI model, is made available to all...
ICONS OF INDIA : RITESH AGARWAL
Ritesh Agarwal is an Indian billionaire entrepreneur and the founder a...
Icons Of India : Daisy Chittilapilly
Daisy Chittilapilly is the President of Cisco’s India and SAARC regi...
Icons Of India : Bhavish Aggarwal
Indian entrepreneur Bhavish Aggarwal is the CEO of Ola, India’s larg...
NIC - National Informatics Centre
NIC serves as the primary IT solutions provider for the government of ...
GeM - Government e Marketplace
GeM is to facilitate the procurement of goods and services by various ...
UIDAI - Unique Identification Authority of India
UIDAI and the Aadhaar system represent a significant milestone in Indi...
Indian Tech Talent Excelling The Tech World - Sanjay Mehrotra, CEO- Micron Technology
Sanjay Mehrotra, the President and CEO of Micron Technology, is at the...
Indian Tech Talent Excelling The Tech World - Thomas Kurian, CEO- Google Cloud
Thomas Kurian, the CEO of Google Cloud, has been instrumental in expan...
Indian Tech Talent Excelling The Tech World - Aneel Bhusri, CEO, Workday
Aneel Bhusri, Co-Founder and Executive Chair at Workday, has been a le...