科技回声

Getting caught lying about E2EE <i>should</i> spell the end of a company's ability to market it as a feature, at least to anyone who cares about more than simply checking a box marked "encrypted". Yes, I know that most procurement decisions are in fact a box-checking exercise, but any CISO worth their salt should be stepping in to veto Zoom.<p>The dirty little secret of E2EE in proprietary software is that it can be silently neutered by any software update, at any time, in a way that is very difficult to notice. Therefore, E2EE is close to worthless without a high degree of trust in the vendor. Zoom has proven that they're not at all trustworthy compared to other vendors that offer E2EE.

The fact that they can do this and only get fined (by the govt, not us!), with absolutely 0 consequence to any of the perpetrators just goes to show how broken our system is

Sadly, I think it was worth it for them. They've made well more than $85M off that lie.

The fact that they can do this and only get fined (by the govt, not us!), with absolutely 0 consequence to any of the perpetrators just goes to show how broken our system is

Sadly, I think it was worth it for them. They've made well more than $85M off that lie.

Zoom to pay $85M, lying about encryption and sending data to Facebook and Google

3 条评论

Zoom to pay $85M, lying about encryption and sending data to Facebook and Google

3 条评论