by luckylion 2264 days ago
> My understanding is that they do in fact have end-to-end-encryption between Zoom clients, it's just that when you join via a dial-in phone number, the connection is (of course) not encrypted between your phone and the system you're dialing into.

Which means there is no end-to-end-encryption. Zoom knows the key but does not decrypt the data unless they need to in order to let a member join via phone. You need to trust Zoom that they keep their promise not to decrypt your communication; there is no technical hurdle.

1 comments

How is that meaningfully different from a system like Signal or iMessage where you need to trust Zoom that when they say "this is Bob's fingerprint" they're actually giving you Bob's fingerprint and not their MITM key? They still need to keep their promise, there still is no technical hurdle.

(Signal gives you the option to verify fingerprints out-of-band but their UI discourages using it; iMessage doesn't even do that. I mean, maybe the answer is we collectively decide to stop calling iMessage end-to-end-encrypted....)
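
The key-substitution concern and the out-of-band fingerprint check discussed in this thread, as an added example that is not part of any comment above. `KeyDirectory`, the fingerprint format and the sample keys are hypothetical and constructed for illustration; they are not Signal's, iMessage's or Zoom's actual design.

```python
import hashlib
import hmac

# Constructed sample keys (not real key material).
BOB_KEY = hashlib.sha256(b"constructed: bob identity key").digest()
PROVIDER_KEY = hashlib.sha256(b"constructed: provider-held key").digest()


def fingerprint(identity_key: bytes) -> str:
    """Short digest of a public identity key, grouped for reading aloud."""
    digest = hashlib.sha256(identity_key).hexdigest()[:32]
    return " ".join(digest[i:i + 4] for i in range(0, 32, 4))


class KeyDirectory:
    """Hypothetical provider-run directory: user name -> public identity key."""

    def __init__(self):
        self.registered = {}   # keys the users actually uploaded
        self.served = {}       # keys the provider chooses to hand out

    def register(self, user: str, key: bytes) -> None:
        self.registered[user] = key
        self.served[user] = key

    def substitute(self, user: str, key: bytes) -> None:
        """Models the provider answering lookups with a key it controls."""
        self.served[user] = key

    def lookup(self, user: str) -> bytes:
        return self.served[user]


def accept_without_check(directory: KeyDirectory, user: str) -> bytes:
    """What a client does by default: encrypt to whatever key is served."""
    return directory.lookup(user)


def verify_out_of_band(directory: KeyDirectory, user: str, read_by_user: str) -> bool:
    """Compare the served key's fingerprint with one obtained from the user
    over a channel the provider does not control (in person, for example)."""
    return hmac.compare_digest(fingerprint(directory.lookup(user)), read_by_user)
```

The default path accepts a substituted key silently; only the comparison against a fingerprint obtained outside the provider's channel detects it.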