Is Your Encrypted Video Chat Secure?

rsa vintage encryption videoMore released documents from Edward Snowden show that the US National Security Agency (NSA) has done the unimaginable – cracked encryption codes that secure most of our data. It’s an impressive feat even for the NSA which was created just for code-breaking and now sets the standard for encryption technology. Encryption is important because it’s the main tool used to ensure the security of your web communications whether its Skype video calls, online banking transactions, or sending electronic health records via health portals.

However, as this NPR piece explains, it isn’t so much that using encryption can’t protect data, rather that the NSA has found ways to get around data encryption.  According to a Q&A with Snowden over the web, the NSA’s ability to actually break encrypted data are limited. Instead, the agency typically uses techniques that bypass encryption code-breaking, such as hacking into computer endpoints to gather data either before it has been encrypted or after it has been decrypted. The NSA also works with numerous companies to gather decryption keys or to insert backdoor surveillance technology into applications.  Earlier Snowden document news reports identified some of the biggest Internet companies — Microsoft, Google, Facebook, Yahoo!, Apple — as all having been part of the NSA PRISM surveillance program, despite their stated privacy policies.

The documents also suggest that the NSA has used its influence to introduce weaknesses into its encryption standards (released in 2006), which are used by software and hardware developers worldwide.  These weaknesses can then be used build back doors or to otherwise hack into programs using these standards.

This might be a good time to reconsider your videoconferencing options. Many of our favorite video conferences such as Vidyo, Google Hangouts, BlueJeans, WebEx use a computer architecture that make them a perfect target for NSA wannabes. These systems all send your media streams through a router or middleman server where your data will be decrypted and stored before being delivered to its final endpoint computer. As a sort of central switchboard through which gajillions of users’ videoconferencing sessions must pass, you can see how such servers would make juicy targets. (Btw, VSee never keeps any decryption keys or users’ video conversations on its servers. 🙂 ) The New York Times explains “How keys are acquired is shrouded in secrecy, but independent cryptographers say many are probably collected by hacking into companies’ computer servers, where they are stored.”

Learn more about VSee security or see how VSee compares with other video conference systems.

photo credit: bocek.kevin via Flickr

Comments ( 3 )
  • anne
    Abraham says:

    Good Article for protecting private videos over net !!!. Keep more of it coming!
    For people who want to protect your videos in your PC or HDD while sharing with someone I use privatelifex player ( Its a free encryption player the best part is that they have on the fly decryption hence no need to decrypt entire video every time to watch; just give the key and start the playback ;). This did saved many embarrassing moments when I had shared my Laptop or HDD to family and friends

  • anne
    WD says:

    Vsee needs to publish all aspects of their encryption system (RSA Key length, is perfect forward secrecy enabled?, can the system be switched to a constant bit rate codec).

    Otherwise, Vsee risks becoming irrelevant – despite it’s excellent performance.

    Private actors are stealing nation state tools and it’s only a matter of time before the unwary become victims. In 2017, no one can trust companies who can’t (or won’t) publish the details of their security architecture.

  • anne
    anne says:

    Thanks for your feedback, WD.

The comments are now closed.