[liberationtech] Zoom’s Encryption Is “Not Suited for Secrets” and Has Surprising Links to China, Researchers…

Aaron van Meerten aaron.van.meerten at gmail.com
Sat Apr 4 19:37:01 CEST 2020 

You’re correct.  For p2p calls it is end to end.  For non-p2p calls, the bridge decrypts from each sender in memory and re-encrypts to each receiver.

The idea is to expand this to allow packets to also be encrypted on each client so the bridge would have no access to the content even for non-p2p calls.

-Aaron

> On Apr 4, 2020, at 12:22 PM, Federico Guerrini <federico.guerrini at hushmail.com> wrote:
> 
> Hello Aaron, 
> 
> Forgive my ignorance, but I'm a bit confused, I thought Jitsi already had end-to-end, at least for P2P calls?
> "Jitsi meetings can operate in 2 ways: peer-to-peer (P2P) or via the Jitsi Videobridge (JVB). This is transparent to the user. P2P mode is only used for 1-to-1 meetings. In this case, audio and video are encrypted all the way from the sender to the receiver, even if they traverse network components like TURN servers."
> 
> https://jitsi.org/news/security/ <https://jitsi.org/news/security/>
> Did I get it wrong?
> 
> Kind regards,
> 
> Federico
> 
> 
> 
> 
> 
> 
> On 3/4/2020 at 10:03 PM, "Aaron van Meerten" <aaron.van.meerten at gmail.com <mailto:aaron.van.meerten at gmail.com>> wrote:
> We on the Jitsi team are working on such features.  Check out https://jitsi <https://jitsi/>.org/ or our flagship deployment https://meet.jit.si/ <https://meet.jit.si/>
> 
> We hope to be layering on end-to-end encryption features, and would happily take community contributions.
> 
> Cheers,
> 
> -Aaron
> 
> On Apr 3, 2020, at 2:56 PM, Yosem Companys <ycompanys at gmail.com> wrote:
> 
> Hey all,
> 
> Read the Intercept article in the link below. 
> 
> Seems like we need a truly encrypted and open-source Zoom alternative. 
> 
> Anyone interested in developing one? Email me privately.
> 
> And please share with your million closest friends.
> 
> Thank you,
> Yosem
> 
> https://theintercept.com/2020/04/03/zooms-encryption-is-not-suited-for-secrets-and-has-surprising-links-to-china-researchers-discover/ <https://theintercept.com/2020/04/03/zooms-encryption-is-not-suited-for-secrets-and-has-surprising-links-to-china-researchers-discover/>
> 
> 
> -- 
> Liberationtech is public & archives are searchable from any major commercial search engine. Violations of list guidelines will get you moderated: https://lists.ghserv.net/mailman/listinfo/lt <https://lists.ghserv.net/mailman/listinfo/lt>. Unsubscribe, change to digest mode, or change password by emailing lt-owner at lists.liberationtech.org <mailto:lt-owner at lists.liberationtech.org>.
> 
> 
> 
> -- 
> http://www.forbes.com/sites/federicoguerrini/ <http://www.forbes.com/sites/federicoguerrini/>
> 
> http://reutersinstitute.politics.ox.ac.uk/publication/newsroom-curators-and-independent-storytellers <http://reutersinstitute.politics.ox.ac.uk/publication/newsroom-curators-and-independent-storytellers>
> 
> www.federicoguerrini.com <http://www.federicoguerrini.com/>
> 
> My latest book: Content Curation (Italian)
> 
> http://www.amazon.it/Content-Curation-Federico-Guerrini/dp/8820366126 <http://www.amazon.it/Content-Curation-Federico-Guerrini/dp/8820366126>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ghserv.net/pipermail/lt/attachments/20200404/5bb1be85/attachment-0001.html>

More information about the LT mailing list