|
|
|
|
|
|
by hadcomplained
2067 days ago
|
|
|
> the code is developed 100% in mainland China I am under the same impression and have some circumstantial evidence supporting it as someone who's been inspecting the code of the Zoom client (just for fun): their Windows client uses a 3rd party library that is used virtually only in China whose documentation is available only in Mandarin. On a tangential note, I got surprised to see no traces of attempts to make inspection harder on their client software. Even function names remain intact in some cases, which I assume would not happen if they had a malicious intent like embedding a backdoor. > We need to promote our own opensource and free tools to our friends and family, we will get the last laugh. Although I agree that there should be viable alternatives to available tools for online communication without the possibility of being eavesdropped, I can see why such things do not exist. It'd be too inconvenient for the law enforcement. And if you take things from the perspective of whether that thing makes the job of the law enforcement harder, you'd notice such things tend not to exist. As a principle, popular software should not have a means to prevent data going through the software from getting inspected by the law enforcement. Does Dropbox offer end-to-end encryption? Of course not. Is there a popular easy-to-use disk encryption software? There was TrueCrypt, which is gone for an obvious reason. Does Gmail implement end-to-end encryption for emails? Of course not... |
|
|
For what it's worth, this is a bad assumption.
Someone hiding bad behavior from a reverse engineer wants it to be in friendlyMisnamedFunction, not in lkjwer23_aic. If you remove all the English semantics from the binary, a reverser is free to focus on the behavior; if you don't, you can lure them into a false sense of security.