With the upsurge in the use of Zoom for meetings and video calls, fears of privacy breach increased, which was confirmed today as it was reported that the service does not support end-to-end encryption contrary to its claims.
The Intercept published a report accompanying an official statement from the company confirming that it currently does not fully support encryption of conversations.
TLS adds an additional layer of protection and encryption to the encryption of communication between the user and the server to which it is connected, the same encryption used in the HTTPS protocol used on websites.
The main difference between TLS encryption and end-to-end encryption is that Zoom can see your data and conversations because the encryption is one-sided and not the second-party.
Zoom confirmed this report when it said that it is currently not possible to apply end-to-end encryption in group video chats. Zoom uses a combination of TCP and UDP communication protocols, as TCP connections use TLS encryption, and UDP connections encrypted via cipher keys that are exchanged through TLS encryption.
The company stated that its talk about end-to-end encryption is the encryption that occurs in the server and not the user’s device, and therefore practically it can view your data, despite its denial of doing so or selling the data to other parties.
It is reported that a previous report by Bleeping Computer indicated that hackers could steal user passwords through Zoom for Windows.
Vice report Zoom says that it leaks personal data about users such as email addresses and profile picture, and also allows some users to make video calls with strangers.
Last week we talked about sending the Zoom app on the iPhone the user data to Facebook without their knowledge, which prompted the company to stop it and send a security update to the application.
What is a safer alternative? There are several services among them Jitsi Meet Free, open source, encrypted, and free, you don’t need to register an account which Tor recommends.