source code
Power

Zoom finds a balance between privacy and policy

The company said it will enable end-to-end encryption for everyone on the service, and says it can do it without sacrificing its "ability to prevent and fight abuse on the platform."

Zoom in use

The challenges for Zoom now are similar to those Facebook faces as it tries to pivot to privacy: Privacy is a good thing, except when it protects bad guys.

Photo: Courtesy of Zoom

Say this for Zoom: The company's certainly quick on its feet. After creating a backlash for the umpteenth time this pandemic by saying its end-to-end encryption feature would be for paying customers only, then making it worse by saying that decision was made so Zoom could better cooperate with law enforcement, then tripling down by removing a Chinese dissident from the service at the request of the Chinese government, Zoom … changed its mind in a big way.

On day 77 of Zoom's 90-day plan to rethink everything about its security plans, the company said it will enable end-to-end encryption for everyone on the service, and released designs for its encryption on GitHub. And, CEO Eric Yuan said, Zoom can do it without sacrificing its "ability to prevent and fight abuse on the platform."

  • Yuan said that Zoom talked to civil rights groups, government organizations, child-safety advocates, encryption experts and more since its initial announcement a few weeks ago. Clearly, and perhaps unsurprisingly, those groups told Zoom that more encryption is better.
  • Starting in July, when you schedule a meeting, you'll be able to choose to have end-to-end encryption. (There'll be a new button in the interface.) But there are limitations: Encrypted calls can't include regular phone callers, for instance.
  • For business accounts, administrators will be able to toggle encryption either for a specific user or the whole organization.

The challenges for Zoom here are similar to those Facebook faces as it tries to pivot to privacy: Privacy is a good thing, except when it protects bad guys. Zoom may not have the same sort of public-moderation issues, but full encryption would make it harder to keep out Zoombombers or figure out who's creating accounts en masse.

  • Most of Zoom's changes in recent weeks have been about giving admins and users more control over who comes into a meeting and what they can do once they're in there. But the company still feels it needs ways to keep some tabs on the platform and its users.
  • In this case, Zoom users on free and basic plans will be asked to verify some information about themselves — like a phone number — in order to turn on the feature. Zoom is still trying to make sure it can weed out problematic users, so it's trading "info about your chats" for "info about our users."

Zoom's still tweaking the encryption system and soliciting feedback on GitHub. "Until things are out the door, there's really no reason to cut off feedback," said Max Krohn, Zoom's head of security engineering. I've seen a few people complain about Zoom collecting more information about users, but in general the reaction to this news seems to be that Zoom came around and did the right thing. Even if it took a few wrong turns along the way.

This article will appear in tomorrow's edition of our daily newsletter Source Code. Sign up here.

 David Pierce

David Pierce ( @pierce) is Protocol's former editorial director. Prior to joining Protocol, he was a columnist at The Wall Street Journal, a senior writer with Wired, and deputy editor at The Verge. He owns all the phones.

zoom videoconference video chat source code
cybersecurity
Enterprise

Microsoft Exchange Online users face a key security deadline Saturday

The company will start disabling a highly vulnerable login option, known as "basic authentication," beginning on Oct. 1 — though customers will have one chance to buy more time to transition off the system.

Microsoft has been seeking to prod businesses to move off basic authentication for the past three years, but "unfortunately usage isn’t yet at zero," it said in a post earlier this month.

Illustration: Christopher T. Fong/Protocol

Microsoft is about to eliminate a method for logging into its Exchange Online email service that is widely considered vulnerable and outdated, but that some businesses still rely upon.

The company has said that as of Oct. 1, it will begin to disable what's known as "basic authentication" for customers that continue to use the system.

Keep Reading Show less
Kyle Alspach

Kyle Alspach ( @KyleAlspach) is a senior reporter at Protocol, focused on cybersecurity. He has covered the tech industry since 2010 for outlets including VentureBeat, CRN and the Boston Globe. He lives in Portland, Oregon, and can be reached at kalspach@protocol.com.

mfa microsoft office 365 authentication cybersecurity
sponsored content
Sponsored Content

Great products are built on strong patents

Experts say robust intellectual property protection is essential to ensure the long-term R&D required to innovate and maintain America's technology leadership.

Every great tech product that you rely on each day, from the smartphone in your pocket to your music streaming service and navigational system in the car, shares one important thing: part of its innovative design is protected by intellectual property (IP) laws.

From 5G to artificial intelligence, IP protection offers a powerful incentive for researchers to create ground-breaking products, and governmental leaders say its protection is an essential part of maintaining US technology leadership. To quote Secretary of Commerce Gina Raimondo: "intellectual property protection is vital for American innovation and entrepreneurship.”

Keep Reading Show less
James Daly
James Daly has a deep knowledge of creating brand voice identity, including understanding various audiences and targeting messaging accordingly. He enjoys commissioning, editing, writing, and business development, particularly in launching new ventures and building passionate audiences. Daly has led teams large and small to multiple awards and quantifiable success through a strategy built on teamwork, passion, fact-checking, intelligence, analytics, and audience growth while meeting budget goals and production deadlines in fast-paced environments. Daly is the Editorial Director of 2030 Media and a contributor at Wired.
sponsored sponsored content
cryptocurrency
Fintech

Gavin Newsom shows crypto some California love

“A more flexible approach is needed,” Gov. Newsom said in rejecting a bill that would require crypto companies to get a state license.

Strong bipartisan support wasn’t enough to convince Newsom that requiring crypto companies to register with the state’s Department of Financial Protection and Innovation is the smart path for California.

Photo: Jerod Harris/Getty Images for Vox Media

The Digital Financial Assets Law seemed like a legislative slam dunk in California for critics of the crypto industry.

But strong bipartisan support — it passed 71-0 in the state assembly and 31-6 in the Senate — wasn’t enough to convince Gov. Gavin Newsom that requiring crypto companies to register with the state’s Department of Financial Protection and Innovation is the smart path for California.

Keep Reading Show less
Benjamin Pimentel

Benjamin Pimentel ( @benpimentel) covers crypto and fintech from San Francisco. He has reported on many of the biggest tech stories over the past 20 years for the San Francisco Chronicle, Dow Jones MarketWatch and Business Insider, from the dot-com crash, the rise of cloud computing, social networking and AI to the impact of the Great Recession and the COVID crisis on Silicon Valley and beyond. He can be reached at bpimentel@protocol.com or via Google Voice at (925) 307-9342.

cryptocurrency gavin newsom california crypto regulations
slack
Workplace

Slack’s rallying cry at Dreamforce: No more meetings

It’s not all cartoon bears and therapy pigs — work conferences are a good place to talk about the future of work.

“We want people to be able to work in whatever way works for them with flexible schedules, in meetings and out of meetings,” Slack chief product officer Tamar Yehoshua told Protocol at Dreamforce 2022.

Photo: Marlena Sloss/Bloomberg via Getty Images

Dreamforce is primarily Salesforce’s show. But Slack wasn’t to be left out, especially as the primary connector between Salesforce and the mainstream working world.

The average knowledge worker spends more time using a communication tool like Slack than a CRM like Salesforce, positioning it as the best Salesforce product to concern itself with the future of work. In between meeting a therapy pig and meditating by the Dreamforce waterfall, Protocol sat down with several Slack execs and conference-goers to chat about the shifting future.

Keep Reading Show less
Lizzy Lawrence

Lizzy Lawrence ( @LizzyLaw_) is a reporter at Protocol, covering tools and productivity in the workplace. She's a recent graduate of the University of Michigan, where she studied sociology and international studies. She served as editor in chief of The Michigan Daily, her school's independent newspaper. She's based in D.C., and can be reached at llawrence@protocol.com.

slack dreamforce dreamforce 2022 productivity salesforce
housing

LA is a growing tech hub. But not everyone may fit.

LA has a housing crisis similar to Silicon Valley’s. And single-family-zoning laws are mostly to blame.

As the number of tech companies in the region grows, so does the number of tech workers, whose high salaries put them at an advantage in both LA's renting and buying markets.

Photo: Nat Rubio-Licht/Protocol

LA’s tech scene is on the rise. The number of unicorn companies in Los Angeles is growing, and the city has become the third-largest startup ecosystem nationally behind the Bay Area and New York with more than 4,000 VC-backed startups in industries ranging from aerospace to creators. As the number of tech companies in the region grows, so does the number of tech workers. The city is quickly becoming more and more like Silicon Valley — a new startup and a dozen tech workers on every corner and companies like Google, Netflix, and Twitter setting up offices there.

But with growth comes growing pains. Los Angeles, especially the burgeoning Silicon Beach area — which includes Santa Monica, Venice, and Marina del Rey — shares something in common with its namesake Silicon Valley: a severe lack of housing.

Keep Reading Show less
Nat Rubio-Licht

Nat Rubio-Licht is a Los Angeles-based news writer at Protocol. They graduated from Syracuse University with a degree in newspaper and online journalism in May 2020. Prior to joining the team, they worked at the Los Angeles Business Journal as a technology and aerospace reporter.

housing tech hub los angeles startups big tech
Latest Stories
Bulletins