back to article Zoom bomb: Vid conf biz to snap up Keybase as not-a-PR-move move gets out of hand

Video conferencing software biz Zoom has bought Keybase in a surprise move just weeks after hiring Facebook's one-time CSO. "There are end-to-end encrypted communications platforms. There are communications platforms with easily deployable security. There are enterprise-scale communications platforms. We believe that no …

  1. Mike 137 Silver badge

    It'd be fascinating

    It'd be fascinating to work out how any given fragile slurpy service gains such take up considering how widely its fragility and slurpiness are publicised.

    1. Chris G Silver badge

      Re: It'd be fascinating

      Presumably, no publicity is bad publicity.

      People hear ' Everyone's using Zoom!' and the flock follows.

  2. John Sager

    There are end-to-end encrypted communications platforms. There are communications platforms with easily deployable security. There are enterprise-scale communications platforms. We believe that no current platform offers all of these. This is what Zoom plans to build

    So how do you do that without the N^2 problem? I believe these multi-picture conference services do the video mixing in the central server to avoid that problem & make the video data feed to each participant just one picture. That requires the server to see the video (and audio), ergo no end-to-end security.

    Trying to do it in each client would be 'interesting'.

    Yes, it's probably a necessary PR thing.

    PS Unicode superscript 2 (² in html) doesn't work.

    1. Anonymous Coward
      Anonymous Coward

      N², you mean?

    2. Richard 12 Silver badge
      Facepalm

      Why do you think it's hard in the client?

      Zoom, Teams and WebEx all demonstrably send all the individual video streams to each participant.

      You can tell because a) each participant sees the others but not themselves and b) they allow you to rearrange the local layout.

      It's actually far easier this way, as the central server simply bounces the streams on to the other participants.

      Gracefully degradation is easiest handled by just dropping packets, and slightly better by telling the sources to reduce their bitrates when not "active".

      All of this and more is well known.

      Yes, the *really* big conferences pre-mix, but in their own machine, not a remote central server. Then broadcast that, eg via Twitch.

  3. Sam Adams the Dog

    Bruce Schneier likes zoom

    Security guru Bruce Schneier recently blogged that he likes Zoom and that they have fixed the most egregious recently disclosed security flaws. He also mentioned that they have some ways to go with key management and with security for the free app, and that the web version remains unencrypted. But he still uses it, even for corporate business. And he likes the feature set.

  4. mego

    Zoombombing...

    Love the name. Ironically the same issue exists on other platforms, not just zoom... but it's not sexy to call it what it is: using a random number generator get the meeting numbers.

    Zoom has had features to block this in the admin portal for a long time. If you want to use a name for it call it "stupid user bombing".

    1. Richard 12 Silver badge

      Re: Zoombombing...

      A security feature that's "off by default" isn't a security feature, because nobody will use it.

      1. mego

        Re: Zoombombing...

        And yet it's by default off on other conference tools ... WebEx is a big offender of this one. As is SFB (and it's bastard uncle, Lync), and other tools. WebEx Spark (or teams now it's called) has the same issue too.

  5. Tom Chiverton 1

    "users will generate public cryptographic identities that are stored in a repository on Zoom’s network"

    How is that any better ?

    1. mego

      Because the public portion of that is, as is defined by the word public, the public portion of the key. This is the one designed to be shared and transmitted.

      The private key is the one you hold to decrypt.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020