WANTING IT BOTH WAYS –
Democratic Senator Richard Blumenthal dings Zoom for false end-to-end crypto claim.
The Connecticut Democrat is a sponsor of the EARN IT (Eliminating Abusive and Rampant Neglect of Interactive Technologies) Act bill that would create incentives for companies to make changes to their platforms. In return, the companies would receive liability protections for any violations of laws related to online child sexual abuse material. Critics of the proposed law, who include the Electronic Frontier Foundation and Sen. Ron Wyden (D-Ore.), Say it’s a Trojan horse designed to allow the government to weaken end-to-end encryption.
A pattern of privacy infringements
Citing a “pattern of security failures & privacy infringements,” Sen. Blumenthal on Tuesday called for the FTC to investigate Zoom
Researchers from Citizen Lab, the University of Toronto group that investigates security and hacking, further reported serious weaknesses in Zoom’s encryption regimen . One flaw was that Zoom “rolled its own” encryption scheme, meaning it used custom algorithms rather than standards that had been widely tested over years. Another flaw: the company use of servers located in China to route meetings for North American participants and distribute encryption keys.
Blumenthal on Tuesday wrote: “The facts & practices unearthed by researchers in recent weeks are alarming — we should be concerned about what remains hidden. As Zoom becomes embedded in Americans’ daily lives, we urgently need a full & transparent investigation of its privacy & security. “
The facts & practices unearthed by researchers in recent weeks are alarming — we should be concerned about what remains hidden. As Zoom becomes embedded in Americans’ daily lives, we urgently need a full & transparent investigation of its privacy & security.
– Richard Blumenthal (@SenBlumenthal)
(April 7,
While Tuesday’s tweets don’t explicitly refer to Zoom’s encryption transgressions, Blumenthal addressed them directly last week when he penned a letter to Zoom CEO Eric Yuan. His tweet accompanying the letter included a link to The Intercept article.
Millions of Americans are now using pic.twitter .com / Vl9XyvxZjb
– Richard Blumenthal (@SenBlumenthal)
(March) ,
“Despite claims in security papers and advertisements that Zoom offers end-to-end encryption for its meetings, technical analysis from The Intercept found that it does not protect the privacy of communications using this form of encryption, “Blumenthal wrote in the March letter. “Zoom users deserve clear and correct answers about how it protects the safety of its users and meetings.” Blumenthal went on to request Zoom to describe when end-to-end encryption is available and how personal data is encrypted.
Watering down encryption
The EARN IT act would designate a commission that would develop “best practices” for Internet services to prevent online online child exploitation . Sponsors introduced the bill after US Attorney General William Barr has repeatedly called for encryption backdoors
The EFF, meanwhile, has said that the commission, which currently numbers , would be “dominated by law enforcement agencies” that have repeatedly urged tech companies to weaken encryption and implement the same backdoors Barr has demanded.
By definition, end-to-end encryption can’t have backdoors. Sen. Blumenthal, whose staff did return a call seeking comment for this post, seems to want things both ways — end-to-end encryption to protect Zoom users and, at the same time, a law widely believed to be an attempt to undermine it.
() (Read More ) 
GIPHY App Key not set. Please check settings