Zoom was found to have falsely advertised its encryption technology

Zoom has been used by millions of people for remote meetings as a result of the new crown outbreak. But its security is also a growing concern. Researchers at the Citizens Lab at the University of Toronto in Canada reverse-engineered the software and found that the company had false propaganda about encryption schemes.

Zoom claims that its meetings are encrypted using AES-256, but in fact only a simple AES-128 key is used in ECB mode, which is generated by Zoom’s server.

Zoom was found to have falsely advertised its encryption technology

In some cases the key is generated by a server from China. It also claims to use end-to-end encryption, but in fact it is far from true end-to-end encryption, and the company’s definition of end-to-end encryption is different from the usual definition.

Although Zoom is a Silicon Valley company, there are three companies in China with at least 700 employees working in software, all of which are named SoftView Software.

Zoom’s SEC documents show that 81% of its revenue comes from North America.                     

Zoom was found to have falsely advertised its encryption technology