[duxup]

There was a time when outside traffic routed through china. I believe zoom said it was a mistake.

I'm not convinced that a setting alone should provide much confidence in terms of traffic routing considering that it can always be changed independent of what setting in the application you make.

[bonestamp2]

> I believe zoom said it was a mistake.

Yes, zoom said it was unintentional.

For me, that's hard to believe. They weren't routing the call itself through China, they were just sending the encryption keys to a server in china. That seems pretty intentional. Even if they weren't routing the call through China from a user's perspective, their US server could still be sending the call data to China or recording the call for playback (from China) later. Their track record around security is so bad that I would stay as far away as possible.

[duxup]

I'm skeptical too.

Unfortunately for folks who are good actors in other non free countries countries... I find any sort of development or real world controls that are in a seriously non free country... automatically suspicious.

Even good individual developers who have the best of intentions in those places could be subject to pressure and the likelihood we'd ever hear about it is near zero in many of those places.

Granted that 'could' happen in more free countries, but I'll hedge my bets there as there's a great deal more likelihood I would hear about it.

[0xy]

A product developed almost entirely within China is beholden to the whims of the CCP. Especially a billion dollar company. There is literally no escaping this reality.

If the CCP wants the keys, they'll get them.