Mandatory Zoom 5.0 Upgrade Coming Soon

We looked at Zoom’s valuation in a previous blog. Their stock value was around $120/share six weeks ago and has climbed to around $170/share. There was even a funny, yet real, blog by Iman Gosh at Visual Capitalist pointing out Zoom’s value is higher than all the major airlines combined.

Zoom’s PE (price-to-earnings) ratio is 2,000. To put that in context, the typical average PE ratio is usually 17; in the last 10 years we tend to see an average PE of 20. Anything in the 50 PE ratio range usually indicates major profits on the horizon or the stock is overvalued and about to crash. Netflix, for example, drew a lot of attention years ago when their PE ratio got to >400, so you can imagine why a PE ratio of 2,000 is insane.

Is the stock market predicting major profits incoming? Or is it time to sell? Zoom’s CEO, CFO, and Chief Marketing officer are all selling off stock. If I had any Zoom stock I would be selling now as well; even if you believe in the company, it’s probably overvalued.

Zoom is under investigation by the FTC over privacy concerns, not the SEC, and has not been indicted. Just because you can be investigated anytime and doesn’t mean anything of consequence will happen. This is probably more of a short-seller news story and may go away after the introduction of Zoom 5.0.

Zoom 5.0

The new version of Zoom will be mandatory on May 30th. It has been available since April 27th as an optional upgrade but users running older versions will not be able to join calls after the 30th. Many very good enhancements have been added to client: SSH uses GCM encryption, IPsec, OpenVPN, TLS, and others as well. Zoom suffered heavy criticism over encryption so they smartly added the industry standards to their client software.

They have also added security features like the ability to report users, enable waiting rooms, lock meetings, and remove participants. All very good additions to their product. Have a look at the Zoom 5.0 info page for all the details.

Keybase

Zoom may have bought Keybase to bolster their encryption aspirations but it is important to note that “the encryption keys for each meeting are generated by Zoom’s servers.” Unfortunately if they control the keys they can decode the video. True end-to-end encryption keeps the keys on endpoints. Adjusting this model will not be a short term fix; Zoom will need time to redesign and integrate Keybase into their software. This is why they aren’t promising anything.

Zoom also states that they have “not and will not build a mechanism to decrypt live meetings for lawful intercept purposes.” 

Lets assume for a moment that this is true. They operate in the USA which subjects them to the Digital Collection System Network aka general mass surveillance. The CALEA (Communications Assistance for Law Enforcement Act) obligates Zoom to design lawful intercept into their infrastructure. Zoom must provide a suspected criminal’s video chats if law enforcement supplies a warrant or suffer the expense of $10,000/day/warrant. It will be interesting to see how this scenario unfolds when the first warrants arrive. Will Zoom pull an Apple and pay the fine to maintain user privacy or will they submit?