Read on Twitter
We should all stop using Zoom (highly intrusive w/ security vulnerabilities) and move to a more secure, non-proprietary alternative like Jitsi: https://jitsi.org/jitsi-meet/
Zoom is also CALEA compliant, which means they can intercept and record meetings on law enforcement request. https://twitter.com/Ouren/status/1241398181205889024
Zoom is also CALEA compliant, which means they can intercept and record meetings on law enforcement request. https://twitter.com/Ouren/status/1241398181205889024
Jitsi is very easy to use and you don't even need to create an account. Just go to https://meet.jit.si and type a name for your room and share the url
Even if you don’t make an account w/ Zoom, it will collect and keep data on what device you’re using and your IP address. It also collects information from your Facebook profile and any “information you upload, provide, or create while using the service.” https://protonmail.com/blog/zoom-privacy-issues/
Even with Jitsi, the only real way to run it securely is to self-host by deploying it on your own server. https://twitter.com/heresysquad/status/1244914710329405440
For 10 participants or less, there's @wire which also has some issues (keeps more metadata than Signal, new US investment forced them to move from CH to US) but the encryption is based on their own implementation of Signal’s double ratchet protocol & is the the most secure option
More info on Zoom’s intrusion of privacy and numerous serious security issues, and best practices for securely running Jitsi, and other alternatives: https://we.riseup.net/eroseffect/video-conferencing-tool-info
Zoom has been lying about its claims to offer End-to-End (E2E) Encryption in their misleading marketing, when it actually does not. Zoom intentionally co-opted the term "end to end encryption" to mean something else by changing how they define "end point". https://twitter.com/trevortimm/status/1244990579705958400
Now that we know Zoom lied about having end-to-end encryption, this means they can spy on meetings and hand over recordings to law enforcement on demand. And unlike other companies (Google, Facebook, Microsoft), Zoom does not publish a transparency report. https://theintercept.com/2020/03/31/zoom-meeting-encryption/
Zoom claims it doesn't "directly access, mine, or sell user data". Its privacy policy says "Depends what you mean by sell" & that they don’t sell personal data for money but do share w/ 3rd parties for “business purposes" & may pass personal info to Google https://protonmail.com/blog/zoom-privacy-issues/
