[tw04]

So don't claim you do end-to-end encryption? And don't put a green lock signifying end-to-end encryption in the client when you aren't actually doing end-to-end encryption?

You act as if they're the innocent victim here. They literally made indicators and showcase them in the client to signify encryption when they aren't doing it. If you send your kids to school and the teacher says they're being fed everyday, but then you find out a year later that kids with allergies just don't get lunch, you're OK with that? Or would you expect them to tell you UP FRONT about the caveats?

[saiongole]

Not disputing your core point but I think its important not to confuse the green padlock with end-to-end encryption. It only tells you that the data is sent over a secure connection to the server. The transmitted data itself is not encrypted.

[jamesaepp]

I'm not sure what you mean by the "transmitted data itself is not encrypted". The payload (the packet above layer 5) is encrypted. The distinction people need to make is who the _confidentiality_ applies to. The communications are not confidential between the callers/callees. The communications are only confidential between Zoom servers and the users. The provider sees all.

I think you understand this but maybe you didn't word it quite correctly. Never confuse confidentiality with encryption is the take-away that we as an industry need to do a better job telling our users about.

Edit: Well the communication isn't ONLY confidential between users & zoom but I'm simplifying for point of brevity.