Cutouts


Move Fast & Roll Your Own Crypto: A Quick Look at the Confidentiality of Zoom Meetings - The Citizen Lab  

written by Bill Marczak, John Scott-Railton. added over 1 year ago by @icyflame ARCHIVES

zoom security privacy encryption crypto    

Unfortunately for those hoping for privacy, the implementation of call security in Zoom may not match its exceptional usability. We determined that the Zoom app uses non-industry-standard cryptographic techniques with identifiable weaknesses. In addition, during multiple test calls in North America, we observed keys for encrypting and decrypting meetings transmitted to servers in Beijing, China. An app with easily-identifiable limitations in cryptography, security issues, and offshore servers located in China which handle meeting keys presents a clear target to reasonably well-resourced nation state attackers, including the People’s Republic of China.

Cutouts is an open source application. Code licensed under the MIT license. Copyright 2018 Siddharth Kannan