Zoom: End-to-end-encryption makes calls secure, but you need to disable some features

Zoom has officially made end-to-end encryption (E2EE) available to its users globally to both free and paid users, according to a press release from the company. This announcement comes five months after the feature was initially announced.

Back in May, the popular video conferencing app found itself in the middle of a controversy when it announced plans to only add support for E2EE, but limited it only for the users who paid for the premium version of the service. According to the pricing on Zoom’s website, premium prices start from USD149.90 (RM624) per year per license.

But after lots of criticism, Zoom walked back on its decision and said it would make E2EE available to all its users. In case you are not in the know, end-to-end encryption is kind of the gold standard of privacy for messaging apps. Basically with E2EE, the meeting’s host would generate encryption keys and uses public key cryptography to distribute these keys to the other meeting participants.

https://twitter.com/zoom_us/status/1320760108343652352

This means that nobody except the meeting participants has access to the encryption keys being used to encrypt the meeting, not even Zoom servers. Zoom said its servers would then become oblivious relays and never see the encryption keys required to decrypt the meeting’s contents.

Zoom said that account admins can enable the E2EE feature via their web dashboard at the account, group, and user level. It can also be locked at the account or group level. Once enabled, the host can toggle on and off E2EE for any given meeting depending on the level of security and level of functionality they would like.

SEE ALSO:  Zoom to pay RM358 million to users for making false claims about its end-to-end encryption

The company credits the quick roll out of its E2EE feature to its encryption team from Keybase, a company that specialises in encryption standard, that it acquired in May. Zoom stepped up its security efforts following an incident in April when 500,000 Zoom accounts stolen and sold on the dark web.

While users will enjoy greater privacy while using Zoom with E2EE, they will have to disable certain meeting features in order for it to work. This includes: join before host, cloud recording, streaming, live transcription, Breakout Rooms, polling, 1:1 private chat, and meeting reactions. It is a small price to pay for enhanced security but understandably this may not sit well with users that frequently use these features.

If you are interested in trying out the new E2EE feature, it is now available on Zoom’s desktop client version 5.4.0 on Mac and Windows, Zoom Android app and Zoom Rooms. The function is also coming to iOS devices soon too once Apple approves the app’s update.

If you have more questions about how Zoom’s E2EE feature works, the company has a handy FAQ guide on its blog.

[SOURCE]

Related reading