undefined | Better HN

0 pointsbartread5y ago0 comments

I really shouldn't rise to this but, OK, let's do this.

The comment I quoted by TC was clearly intended as a general point with broad application across tech companies, not just Zoom. Now either TC meant that, in which I disagree as outlined in my previous comment, or they didn't, in which case it's sloppy phrasing and journalism.

> Btw, If you think that what we've seen over the last few years is that commentating on tech is an easy career to make a living at, you haven't been paying attention to the state of journalism.

I said it was easy to commentate or critique (it is, and it happens on HN all the time). I didn't say it was easy to make a career out of it nor, frankly, do I think it should be. There are far too many lazy, bottom-feeding media outlets in the world and not nearly enough good ones, so I will not shed a tear for the demise of the former.

To address your specific points about Zoom: it is demonstrably false that "every other messaging system in the world has been moving to end to end encryption".

Microsoft Teams does not implement end to end encryption for audio or video meetings because they can't: they support dialling into meetings using the plain old telephone system meaning that the back-end services become an endpoint and have to be able to decrypt traffic. Sure, Teams could do it for text chat (and it's even a suggestion on UserVoice: https://microsoftteams.uservoice.com/forums/555103-public/su...) but, as far as I'm aware, they don't even do that yet.

Whether that's a big deal or not depends on your use case.

That Zoom lacks E2E encryption is not the problem: that they claimed to implement E2E encryption when they don't is. Contrast with Microsoft, who don't claim E2E encryption for Teams and, as a result, there is no significant controversy.

Some people and use cases do need E2E encryption but, for many, the trade-offs aren't yet worth it.

As already highlighted you lose support for POTS, which in my experience is used pretty regularly: e.g., people on the move, or dialling in from outside the organisation.

Another example: I suspect E2E encryption would make it difficult, even with modest numbers of participants to implement Zoom's gallery view because they'd have to send all encrypted streams in full to all participants, and clients would have to decrypt and decode all video streams. Even if it didn't prove overwhelming from a bandwidth perspective, it would eat CPU and drain battery life very quickly. Without E2E you can decrypt and multiplex on the server side then re-encode and re-encrypt to reduce bandwidth usage over the network and resource usage on clients.

Of course, this isn't insurmountable: clients could send two encrypted streams, one hi-def, and one for gallery view, and the server could route them to clients as appropriate depending on their viewing preferences. Still, this probably isn't as efficient as dealing with it on the server side.

(Obviously you might not care about gallery view, but it seems really popular for remote social gatherings.)

It's all about trade-offs: for virtual pub with my friends, I don't really care about E2E encryption, but gallery view is really great. I don't even care about E2E encryption at work that much - certainly not enough to make it more difficult for people to dial in to meetings.

But, as I say, none of this is the issue: the issue is the claims Zoom are making about their product.

0 comments

xenonite5y ago

1) false claims are a indeed problematic because they erode trust in Zoom

2) having no E2E is more dangerous in Zoom than with other software

For example, there is no E2E in Teams, but we have it running on servers in the same country with no direct US/CN connection. Or even better: run it on your own servers in a DMZ. Then, E2E is not so crucial any more.

jeioro89nj5y ago

This is all emotionally subjective clap trap.

So you were right, you shouldn’t have bothered.

Websites have always been the least interesting tech out there. Nuclear powered cars and helicopters to work all over again. Pipe dreams. Circular fetishism of ones cleverness.

Of course, it’s low hanging fruit relative to hardware. It attracts a lot “visionaries” who don’t realize they’re just peddling a different form to collect the same details as the last guy. And using stats to curve social agency. Good job, Nielsen.

Middle men in the flow of financial capital. Grifters of the highest order.

I host my own shit now, providing basic frontend to family & friends. They’ve all dumped private Corp services in their personal lives. Once it’s polished I’ll be publishing the setup and HOWTO videos.

Oh look how hard it all is! Better externalize all real effort in my life!

Traditional values “distract people from their life to build your ego fluffing flock rather than teach self sufficiency.”

Web companies can fuck off.

j / k navigate · click thread line to collapse