I find it quite surprising that government agencies around the world are even considering using a US/Chinese-hosted video-conferencing system. Both countries have a long history of spying on pretty much all foreign nations wherever possible.
One way to solve this is to not ask customers to trust blindly.
For Webex Teams, the customers can run their own key management server[1]. Traffic gets decrypted using customer-controlled keys running on their own hardware.
For Webex Meetings the media traffic can be encrypted end to end[2]. Of course it breaks all cloud-based features (network recordings, transcriptions, join via web...) but for some users that is the better choice.
The 'escape' is for governments to have their own semi-competent IT departments that can maintain the digital infrastructure needed to run the government.
I'm all for free software bjt it doesn't necessarily help so much against surveillance.
I.e. if Facebook was completely open source it still wouldn't prevent governments from demanding access to all data stored there.
Afaik the only thing that really helps if you want to keep communicating over the internet and can't trust anyone is E2EE (End To End Encryption)[0] (and more opsec than almost anyone is prepared to deliver[1].)
[0]: VPN, Signal or possibly Tor (I haven't studied that option too closely) seems like the most approachable solutions options.
[1]: For example WhatsApp seems like a nice option since it uses E2EE but on closer inspection one realizes that it uploads all data to Google Cloud, obfuscate but not encrypted.
> I.e. if Facebook was completely open source it still wouldn't prevent governments from demanding access to all data stored there.
I disagree. If Facebook was completely open source, people would create alternative servers compatible with the original implementation and steal the users who disagree with the surveillance. Only the proprietary walled garden keeps Facebook alive now.
> Afaik the only thing that really helps if you want to keep communicating over the internet and can't trust anyone is E2EE (End To End Encryption)[0] (and more opsec than almost anyone is prepared to deliver[1].
But how can you trust that a proprietary software actually implements E2EE? You need the source code to verify that.
> If Facebook was completely open source, people would create alternative servers compatible with the original implementation and steal the users who disagree with the surveillance. Only the proprietary walled garden keeps Facebook alive now.
It's called network effect. Just because it is open source won't magically make it federated and it certainly won't - magically or otherwise - convince a majority of users to leave their friends behind for a new network.
>> Afaik the only thing that really helps if you want to keep communicating over the internet and can't trust anyone is E2EE (End To End Encryption)[0] (and more opsec than almost anyone is prepared to deliver[1].
But how can you trust that a proprietary software actually implements E2EE?
> You need the source code to verify that.
That doesn't help unless you have a verifyable build process.
As terrible as Zoom is on security--they have a product that nobody else has created. I just want to click on a link from my email or from a text message and enter a meeting. With WebEx, I have to enter a 16 digit PIN code that I can never type right, right after dealing with browser plugins that doesn't work on my Mac. With Teams, I have to log in to my corporate domain, that doesn't like me using my personal device. Amazon Chime is a fairly decent alternative, I like the fact that it calls ME in advance of a meeting, but still requires downloads and isn't a video-centric product.
This should be an easy business opportunity. Give me easy access, E2E encryption, simultaneous screen sharing, whiteboarding, ability to mute other folks, good quality video/audio and I'll pay you thousands of dollars per year for my company to use that service in exchange for not routing my traffic through China.
Google Meet hits almost all your criteria (not E2E encypted AFAIK). It even works right from your browser.
I have to use both Zoom and Meet for various calls, and being able to send a link to someone and know it will work without anything being installed is a big bonus for Meet. I think Zoom has better quality, though.
skype just announced Meet Now functionality with a simple link and no login required to access conferences. Jumping right into their web version which is what always should be preferred