Surprised they took the path of acquiring Keybase and hiring Alex Stamos (ex FB CISO) vs. hiring Moxie Marlinspike and other respectable professionals. Keybase's reputation has become eroded with their recent crypto currency signing nonsense.
Zoom's problems aren't really a matter of having security talent, they're a matter of the company as a whole not prioritizing security. Fixing the former doesn't fix the problem, it just makes for good PR. The latter is a requirement for the former.
Assuming Zoom is really trying to fix the problem, it makes a lot of sense to bring in management (and/or teams) who have experience with bringing security into engineering culture, as opposed to individual security experts who may not even want to work for Zoom in the first place.
Exactly. It was part of their 90-day strategic move in Zoom Security.
From this article: [0]
> Within days, Stamos was on the phone with Keybase co-founder Max Krohn, and the teams started working toward a deal. Yuan said after he talked with Krohn and dug into Keybase’s software, he was convinced this was the right deal.
https://en.wikipedia.org/wiki/Moxie_Marlinspike