That, and this is probably in large part a marketing/PR move.
Public perception of zoom/security is "beyond horrible", thus visibly spending lots of money on an acquisition of a very well respected name in security helps them polish that image at least a little.
And who knows, maybe they'll even work on actually improving security. Always the hopeless romantic/optimist, me. ¯\_(ツ)_/¯
I'd say you overestimate that. Perhaps 0.01% of the public knows that Keybase exists and has a bad opinion of Zoom security. Expert's opinion is important, but does not automatically become general perception.
(Anecdatum, I'm far from a security expert. I know that Keybase exists, even have an unused account; I use Zoom for work and don't blame them for not locking up tighter. Their blog post on the topic sounded reasonable to me.)
> Perhaps 0.01% of the public knows that Keybase exists and has a bad opinion of Zoom security. Expert's opinion is important, but does not automatically become general perception.
This is true, but perhaps a bit short-sighted. Expert opinion on Zoom is "avoid it like the plague". This does not automatically become general perception, true, but:
- Over time, expert opinions have a marked effect on adoption by non-experts in their vicinity. See the adoption of Firefox, or Google Chrome, for example.
- For a social networking platform, powerful well-connected never-adopters can pose a problem both to growth and to a budding monopoly. If CIOs and CISOs say, "Zoom over my dead body", that will tend to discourage adoption and encourage development of good alternatives.
Zoom may be also managing the perceptions. Some users will jump to conclusions that the aquisition means integration, like an plug-in, bam! the bad part swapped with a good one.
Hiring consultants may be perceived like starting an investigation, not getting the fix now.
The question remains how soon and how true this will translate to the stated goal of true end to end encryption.
