[Cryptography] But Zoom is fixable

Phillip Hallam-Baker phill at hallambaker.com
Fri Apr 10 12:14:35 EDT 2020

A quarter century ago, I was in a meeting at MIT where we reviewed a number
of new security protocols. One of them was so hilariously bad it was broken
less than ten minutes into the presentation.

That protocol was the never-released SSL/1.0 which eventually evolved into
TLS and is the basis for almost all the security in use on the Internet

Thats the way we do crypto: people try stuff, it sucks, we fix it. It would
be nice if they came and asked us before they put a product out but Zoom
lost $10 billion off their market cap over this flap. Good crypto people
aren't cheap but Zoom can easily afford to fix this. I am sure there will
be no shortage of top rank folk willing to join up to their technical board
because this is a technical board which might actually meet (virtually) and
do something for a change.

There are quite a few constraints that make this an interesting problem.
One constraint that I see a lot of people failing to understand is that
ease of use is king. Security that demands anything of the user is not
going to fly. The challenge is not to make a version of Zoom with all the
usability of the PGP mode in vi. The E2E version has to be
indistinguishable from the regular Zoom experience unless the user decides
to ask how secure they really are.

When the phishing issue hit the banks hard at the turn of the millennium,
one of the things the Bank America people told me was they wanted a
solution for the banking industry, not just for BofA: We don't compete on

There are really good reasons why the banks don't compete on security.
Breaches at one bank cause a general loss of confidence in banking. The
banks were keen to see their customers banking online, not inline at their
expensive to maintain branches.

We have to approach Zoom security with the same mindset. This is an
industry problem and we need to fix it. Given the circumstances, the short
term fix is going to have to be a proprietary one with limited
functionality. But the long term goal should be an industry standard
security protocol that provides E2E all the time unless there is a gateway
to a non E2E system in use.

Threshold crypto allows features like cloud recording to be supported.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20200410/e245e921/attachment.htm>

More information about the cryptography mailing list