Hours after security researchers at Citizen Lab reported that some Zoom calls were routed through China, the video conferencing platform has offered an apology and a partial explanation.
To recap, Zoom has faced a barrage of headlines this week over its security policies and privacy practices, as hundreds of millions forced to work from home during the coronavirus pandemic still need to communicate with each other.
The latest findings landed earlier today when Citizen Lab researchers said that some calls made in North America were routed through China — as were the encryption keys used to secure those calls. But as was noted this week, Zoom isn’t end-to-end encrypted at all, despite the company’s earlier claims, meaning that Zoom controls the encryption keys and can therefore access the contents of its customers’ calls. Zoom said in an earlier blog post that it has “implemented robust and validated internal controls to prevent unauthorized access to any content that users share during meetings.” The same can’t be said for Chinese authorities, however, which could demand Zoom turn over any encryption keys on its servers in China to facilitate decryption of the contents of encrypted …read more
Source: Tech Crunch