[upofadown]

OK, this makes things clearer. Zoom does in fact encrypt their streams from client to client but they have easy access to the keys.

In their recent post about this question they apologize for what they admit to be an incorrect use of the phrase "end to end encryption". They base this on the existence of things like the gateways used to the regular telephone network.

It seems like an odd way to spin this. Why didn't they just state that the data is encrypted "end to end" and then leave it at that? Apple supposedly has access to the keys used to encrypt FaceTime calls but they happily involve the "end to end encryption" marketing phrase. I don't see why Zoom couldn't do the same. The way Zoom has handled this could of been a lot better.

I think the world needs a consumer standard for cryptography. Something like:

* Level 1 for the case where any eavesdropper can get the plain text.

* Level 2 for when just the provider can get the plain text.

* Level 3 for when just the users can get the plain text.

Most of what is being described as "end to end encrypted" these days is really just level 2 even in the case where the provider does not have the keys due to the fact that the provider can trivially MITM the traffic. The general public should be made aware of the distinction without having to dig into the technical details.

[xtian]

Apple does not have access to FaceTime keys or iMessage keys for that matter. They are truly end-to-end encrypted, and I don’t think there is any need to cheapen or muddy the term for the sake of marketers.

[ec109685]

They can still write software to insert themselves into the key exchange flow and eavesdrop on a conversation. E.g. I don’t believe there is anything stopping Apple from pretending a participant bought a new device.

[thebean11]

That's a much less scary attack vector though, since they would also need to somehow impersonate the participants voice or image right?

[upofadown]

Think of it as aiming a phone at another phone. Apple would decrypt everything and then reencrypt it.

[xtian]

How would they spoof the 2FA from an existing device?

[upofadown]

Perhaps as that was based on random internet comments. FaceTime still ends up at level 2 with Zoom and the rest because Apple can MITM the traffic without much trouble. There is no provision for the user to prevent/detect a MITM attack in FaceTime or iMessage.

[xtian]

So you’re saying there should be a three-level consumer standard where the third level excludes any possible consumer product? Please don’t pretend that Apple and Zoom’s approaches are equivalent here. There is a substantial difference that deserves to be acknowledged. Anyone whose threat model includes Apple subverting their own security architecture shouldn’t be using any communication platforms.

[upofadown]

There is nothing wrong with allowing a consumer to verify that they are talking to who they think they are talking to. Is Signal a consumer product?

Zoom specifically states that they do not have access to session keys. Apple doesn't even make such a statement.

[xtian]

What prevents Signal from MITMing their app?

[upofadown]

The way everyone else does it. The user can verify the key fingerprint. Signal calls it the safety number.

[zepto]

Apple doesn’t have access to the keys used to encrypt FaceTime calls. They are in fact end to end. Zoom is not.

https://support.apple.com/en-us/HT209110

[amaccuish]

Yes, Apple literally doesn't have access to the keys if they do nothing. If they do something, they have very easy access to the keys.

[zepto]

That’s true in principle in every case where the software can be remotely updated.

However in practice, making public statements like this and breaking them would have enormous reputational costs.

Apple has put up a bigger stake on the truth of their encryption story than anyone else.

[upofadown]

That's just a bald statement by the entity that would have to be deceitful. It doesn't even specify how the key exchange is done.

[zepto]

I was responding to a ‘bald claim’ made by someone with no reputation at stake.

Apple’s statement is stronger.