For Webex Teams, the customers can run their own key management server[1]. Traffic gets decrypted using customer-controlled keys running on their own hardware.
For Webex Meetings the media traffic can be encrypted end to end[2]. Of course it breaks all cloud-based features (network recordings, transcriptions, join via web...) but for some users that is the better choice.
[1] https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cloudCol...
[2] https://help.webex.com/en-us/WBX44739/What-Does-End-to-End-E...
It almost seems like a pipe dream.
This should be an easy business opportunity. Give me easy access, E2E encryption, simultaneous screen sharing, whiteboarding, ability to mute other folks, good quality video/audio and I'll pay you thousands of dollars per year for my company to use that service in exchange for not routing my traffic through China.
I have to use both Zoom and Meet for various calls, and being able to send a link to someone and know it will work without anything being installed is a big bonus for Meet. I think Zoom has better quality, though.
I.e. if Facebook was completely open source it still wouldn't prevent governments from demanding access to all data stored there.
Afaik the only thing that really helps if you want to keep communicating over the internet and can't trust anyone is E2EE (End To End Encryption)[0] (and more opsec than almost anyone is prepared to deliver[1].)
[0]: VPN, Signal or possibly Tor (I haven't studied that option too closely) seems like the most approachable solutions options.
[1]: For example WhatsApp seems like a nice option since it uses E2EE but on closer inspection one realizes that it uploads all data to Google Cloud, obfuscate but not encrypted.
I disagree. If Facebook was completely open source, people would create alternative servers compatible with the original implementation and steal the users who disagree with the surveillance. Only the proprietary walled garden keeps Facebook alive now.
> Afaik the only thing that really helps if you want to keep communicating over the internet and can't trust anyone is E2EE (End To End Encryption)[0] (and more opsec than almost anyone is prepared to deliver[1].
But how can you trust that a proprietary software actually implements E2EE? You need the source code to verify that.
It's called network effect. Just because it is open source won't magically make it federated and it certainly won't - magically or otherwise - convince a majority of users to leave their friends behind for a new network.
>> Afaik the only thing that really helps if you want to keep communicating over the internet and can't trust anyone is E2EE (End To End Encryption)[0] (and more opsec than almost anyone is prepared to deliver[1]. But how can you trust that a proprietary software actually implements E2EE?
> You need the source code to verify that.
That doesn't help unless you have a verifyable build process.
That's why I wrote about alternative compatible servers creation. Do you think it would be impossible?
> That doesn't help unless you have a verifyable build process.
This is true, and reproducible builds are getting better every day: https://reproducible-builds.org/