The video conferencing platform that has seen a massive growth after Covid-19 pandemic broke out is now under serious scrutiny for security issues
Since the global lockdowns for coronavirus forced people to work from home, video conferencing became more important than ever for professionals. As everyone began to look for a platform that can help make meetings online, people stumbled on different services. But one app seemed to have fared better than most: the hitherto little known Zoom. However, a recent slew of bad press may have stopped the company owners mid-celebration.
In March alone the company saw a 535% rise in daily traffic to its Zoom.us download page, according to analytics firm SimilarWeb. From schools to high-profile government officials, everyone needing video conferencing began to use Zoom, including the British prime minister, Boris Johnson, and the former US federal reserve chair Alan Greenspan.
And for good reasons too. The program has an array of usable features packed within a very user friendly interface, as millions have now discovered. “No tech company on Earth is doing more to keep civilization working at a time when it could so easily fall apart. Zoom does that by providing an exceptionally solid, reliable, friendly, flexible, useful (and even fun!) way for people to be present with each other, regardless of distance. No wonder Zoom is now conferencing what Google is to search. Meaning: it’s a verb,” wrote prominent tech journalist David Searls.
Bangladesh too has seen an increased use of Zoom. Khadiza Afrin, an academic supervisor with an English medium school in Dhanmondi, began using Zoom to conduct staff meetings and the school instructed its students to download Zoom to attend online classes. As she conducted a training session with her colleagues on how to use the platform, one teacher raised concerns about its security, citing the report by Guardian, which quotes Prof Narayanan.
Since the recent outrage, Zoom has been served a legal letter from New York’s attorney general Letitia James asking it to outline the measures it had taken to address security concerns in light of the sudden rise in its user base.
In response Zoom assured that the company “takes its users’ privacy, security, and trust extremely seriously,” and it is “working around the clock to ensure that hospitals, universities, schools and other businesses across the world can stay connected and operational” during the Covid-19 lockdowns, its spokesman told the Guardian newspaper.
On Thursday Zoom announced it will cease all new feature development and engage all of its engineering resources toward solving the issues that have been raised in recent weeks.
What are the issues?
One of the glaring security problems with Zoom is video hijacking, known as ‘Zoom-bombing.’ Hackers intrude into video meetings, often to shout abuse at the users. In late March 2020, a Massachusetts-based high school reported that while a teacher was conducting an online class using Zoom, an unidentified person dialed into the classroom. This individual yelled a profanity and then shouted the teacher’s home address in the middle of instruction.
Zoom has now released a guideline on how to prevent unwanted guests from infiltrating video meetings and a spokesman told the Guardian it had also been working to educate its users on protections through blog posts and webinars.
But there are other problems too. Not only Zoom did not have end-to-end encryption, it had falsely claimed that it did. Now under sudden scrutiny the company confirmed on Wednesday in what proved to be further PR disaster that end-to-end encryption was not possible on the platform, and the company apologizes for “incorrectly” suggesting the opposite.
As if that wasn’t enough, it had earlier surfaced that Zoom installed secret server on user devices that could be used to add a user to a call without their permission, and more recent discovery found a bug that could enable hackers to take over a Zoom user’s Mac computer, which in turn enable them to control the webcam and the microphone.
The problems are so aggressively intrusive that Arvind Narayanan, the associate computer science professor at Princeton said the program was as problematic as a malicious software. “Let’s make this simple, Zoom is malware,” he said.
Other than this, an investigation by Motherboard found that Zoom sends data from users of its iOS app to Facebook for advertising purposes, even if the user does not have a Facebook account, which was cited in a lawsuit filed with a court in California last week. The suit accuses Zoom of failing to “properly safeguard the personal information of the increasing millions of users” on its platform.
Zoom’ CEO Eric S Yuan on Sunday acknowledged the problems saying that the company moved too fast but is working to fix the issues.
Should you still use it?
The good news is that despite all these problems, you are probably fine using Zoom. Here’s why: the company started like all tech companies do - with a revenue model that relies heavily on user data and morally questionable tactics for acquiring them.
However, with the company suddenly becoming a global phenomenon and enjoying an incredibly rapid growth, the shareholders and executives were probably scrambling to fix these issues even without the bad press.
The company is being jolted awake to the growing outcry and began to heed the concerns. This means it is likely to cease its unseemly activities out of its own self-interest, and begin to trust its otherwise excellent tech to take the company forward. This in turn means that you are probably safe using the program. But if you still have doubts, there’s always Google Hangout.