From Zoom’s advisory: The Keybase Client for Windows before version 5.7.0 contains a path traversal vulnerability when checking the name of a file uploaded to a team folder. Hopefully Zoom will bring end-to-end encryption to the entire user base, including free users. A second high-severity bulletin was also released with patches for CVE-2021-34422, a path traversal bug affecting Keybase Client for Windows. “In fact it brings it back up in line with other more security and privacy focused companies.”Ī bold move by Zoom, and it perhaps its most significant so far. Of course, if anything changes about Keybase’s availability, our users will get plenty of notice.
When Zoom announced it acquired online encryption key startup Keybase, for many, the reaction was closer to mild than wild.
#KEYBASE ZOOM PLUS#
In the best case, Keybase’s priorities take root at Zoom (strong, verifiable encryption, open-source development), and Zoom provides an open-source client that does everything Keybase does plus end-to-end encrypted web conferencing. Zoom acquires Keybase, but questions remain. Ultimately Keybase's future is in Zoom's hands, and we'll see where that takes us. Zoom may adopt some Keybase features (end-to-end encrypted team messaging), but only make it available to giant corps with giant budgets. There are no specific plans for the Keybase app yet. In a blog post, Zoom called the acquisition, another milestone in its 90-day plan to further strengthen the security of our video communications platform. The companies did not disclose the price tag. "Zoom's privacy updates have certainly been of interest lately and this new add on is by no means a small one,” says Jake Moore, cybersecurity specialist at ESET. What the Keybase team will be doing Initially, our single top priority is helping to make Zoom even more secure. Zoom has acquired Keybase, a security and cryptography company, weeks after the teleconferencing platform faced a backlash over concerns about its privacypolicies. “Sometimes it's easier to buy your way out of a security problem.” MORE FROM FORBES Zoom's 200 Million Users Are Facing A Serious New Threat By Kate O'Flaherty “If Zoom basically can take Keybase's architecture and encryption technology and quickly implements it, it's a huge win,” says Ian Thornton-Trump, CISO at Cyjax. Now Zoom is buying Keybase, it can brush off blows from rivals Microsoft Teams and Google Meet, which have both been trying to capitalize on Zoom’s security misfortunes.
#KEYBASE ZOOM UPDATE#
Previously, Zoom was using an inferior type of encryption using 128-bit AES keys, however, Zoom’s 5.0 update added support for industry-standard AES- GCM with 256-bit keys.
0 kommentar(er)
