[liberationtech] Zoom admitted, then denied, then admitted again that it censored an activist

Sat Jun 13 20:29:40 CEST 2020

Not to get too sidetracked here, but all major browsers have supported
WebRTC for a long time now. I'm not exactly sure what Jitsi is taking
advantage of in newer Chrome versions, but it's certainly not the basic
WebRTC core components, which exist in all browsers.

I would also just add that really Tor put "privacy by design" on the map
long before 2011. I would go with around 2005? It certainly wasn't on
everyone's map to the extent it is today, but it was for many people in
this space.

All that said, I would agree the key distribution problem for E2EE, not to
mention the challenge of how to make E2EE as performant as the alternative,
are not trivial issues AFAICT. One general rule of thumb that Zoom has made
abundantly clear yet again is that performance is absolutely essential for
the vast majority of users. Definitely not saying people should use Zoom
but rather that competing with it with a secure product is challenging.

On Sat, Jun 13, 2020 at 11:19 AM Yosem Companys <ycompanys at gmail.com> wrote:

> You do what you can. The Jitsi team just took advantage of the fact that
> Google open-sourced WebRTC communication standards in 2011 to build a
> browser-based product. We forget that all of those who came before us like
> Brian, Moxie, and Nate have just made it easier for us to privacy and
> security by design. That was not the case when Jitsi got started.
>
>
>
> On Sat, Jun 13, 2020 6:04 PM, bo0od bo0od at riseup.net wrote:
>
>> Im sorry to say this about jitsi but one of the shitiest thing with it,
>>
>> the developers seems to be basing their testing and development on
>>
>> chrome/chromium well= how the fuck is that privacy seeking which basing
>>
>> all the shit on google products?!
>>
>>
>> FF on debian with jitsi has issues to make it work:(fixed or unfixed
>>
>> later i dont know)
>>
>>
>> https://community.jitsi.org/t/jitsi-over-tor-browser-firefox/29513
>>
>>
>> Side question: Since Jitsi using UDP for calls then this is a prevention
>>
>> to use it over Tor or Jitsi server as hidden services right? (Tor TCP
>> only)
>>
>>
>> Aaron van Meerten:
>>
>> > Actually in the latest Chrome we have E2EE in Jitsi. There’s not a
>> great model for distribution of the key, so that is still required to
>> happen out of band, but as long as all participants have the key, we do
>> support E2EE, where the servers doing the forwarding do not have access to
>> the media.
>>
>> >
>>
>> > If you have a newer Chrome, check it out on https://meet.jit.si/
>>
>> >
>>
>> > Cheers,
>>
>> >
>>
>> > -Aaron
>>
>> >
>>
>> >> On Jun 13, 2020, at 2:44 AM, Julian Oliver <julian at julianoliver.com>
>> wrote:
>>
>> >>
>>
>> >> ..on Sat, Jun 13, 2020 at 05:01:51PM +1000, Sam De Silva wrote:
>>
>> >>> https://jitsi.org/jitsi-meet/ isn’t bad.
>>
>> >>
>>
>> >> I agree, and it has improved much the last year. I run a few instances
>> myself
>>
>> >> for a large activist movement.
>>
>> >>
>>
>> >> BigBlueButton is more of a 'Zoom replacement' albeit, with room
>> management and
>>
>> >> recording. It also has an integrated whiteboard, Etherpad, allows for
>> slide
>>
>> >> share (PDF upload) and screen sharing. I also run a large instance of
>> this on a
>>
>> >> dedicated box, 5 figure community using it around the clock. It needs
>> a COTURN
>>
>> >> server to give a route for end-points behind a restrictive NAT or
>> firewall
>>
>> >> (basically just maps the UDP port range needed by WebRTC to 443). Once
>> tuned,
>>
>> >> it's really great.
>>
>> >>
>>
>> >> Neither are E2EE however, just like Zoom isn't (Zoom lied about that).
>> E2EE for
>>
>> >> videoconferencing at scale is really hard.
>>
>> >>
>>
>> >> Cheers,
>>
>> >>
>>
>> >> Julian
>>
>> >>
>>
>> >>>
>>
>> >>> ------------------------------------------------------
>>
>> >>> Sam de Silva | Engagement Advisor
>>
>> >>> sam at loki.network
>>
>> >>> PGP Fingerprint: 15F9 8064 2D76 3F81 D713 6A71 C069 452C BC4F C7D7
>>
>> >>>
>>
>> >>>> On 13 Jun 2020, at 12:28 pm, Yosem Companys <ycompanys at gmail.com>
>> wrote:
>>
>> >>>>
>>
>> >>>>
>> https://www.theguardian.com/world/2020/jun/12/zoom-admits-cutting-off-activists-accounts-in-obedience-to-china
>> <
>> https://www.theguardian.com/world/2020/jun/12/zoom-admits-cutting-off-activists-accounts-in-obedience-to-china
>> >
>>
>> >>>>
>>
>> >>>> So what did we agree is the best end-to-end encrypted alternative?
>>
>> >>>>
>>
>> >>>> I tried Cisco Webex, which is Wirecutter-recommended, but it is
>> glitchy (i.e., the dial-in numbers often do not work).
>>
>> >>>>
>>
>> >>>>
>> https://www.nytimes.com/wirecutter/reviews/best-video-conferencing-service/
>> <
>> https://www.nytimes.com/wirecutter/reviews/best-video-conferencing-service/
>> >
>>
>> >>>> --
>>
>> >>>> Liberationtech is public & archives are searchable from any major
>> commercial search engine. Violations of list guidelines will get you
>> moderated: https://lists.ghserv.net/mailman/listinfo/lt <
>> https://lists.ghserv.net/mailman/listinfo/lt>. Unsubscribe, change to
>> digest mode, or change password by emailing
>> lt-owner at lists.liberationtech.org <mailto:
>> lt-owner at lists.liberationtech.org>.
>>
>> >>>
>>
>> >>
>>
>> >>
>>
>> >>
>>
>> >>> --
>>
>> >>> Liberationtech is public & archives are searchable from any major
>> commercial search engine. Violations of list guidelines will get you
>> moderated: https://lists.ghserv.net/mailman/listinfo/lt. Unsubscribe,
>> change to digest mode, or change password by emailing
>> lt-owner at lists.liberationtech.org.
>>
>> >>
>>
>> >>
>>
>> >> --
>>
>> >> Liberationtech is public & archives are searchable from any major
>> commercial search engine. Violations of list guidelines will get you
>> moderated: https://lists.ghserv.net/mailman/listinfo/lt. Unsubscribe,
>> change to digest mode, or change password by emailing
>> lt-owner at lists.liberationtech.org.
>>
>> >
>>
>> >
>>
>>
>> --
>>
>> Liberationtech is public & archives are searchable from any major
>> commercial search engine. Violations of list guidelines will get you
>> moderated: https://lists.ghserv.net/mailman/listinfo/lt. Unsubscribe,
>> change to digest mode, or change password by emailing
>> lt-owner at lists.liberationtech.org.
>>
> --
> Liberationtech is public & archives are searchable from any major
> commercial search engine. Violations of list guidelines will get you
> moderated: https://lists.ghserv.net/mailman/listinfo/lt. Unsubscribe,
> change to digest mode, or change password by emailing
> lt-owner at lists.liberationtech.org.

-- 
--
President
Brave New Software Project, Inc.
https://lantern.io <https://www.getlantern.org>
A998 2B6E EF1C 373E 723F A813 045D A255 901A FD89
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ghserv.net/pipermail/lt/attachments/20200613/0deb7a35/attachment.html>