![]() ![]() Zoom has taken accountability for many of its security and privacy failings, which is always a positive step. Meanwhile, many organisations that previously didn’t rely on software (and therefore didn’t have processes in place to manage the way technologies were rolled out) simply plumped for the most cost-effective solution without considering security concerns. Unfortunately, the suddenness with which employees were requested to work from home meant that organisations needed quick solutions. Likewise, under ordinary circumstances, an organisation’s IT team would carefully assess any potential new software, apply controls where necessary and guide staff on how to use it responsibly. He notes that the organisation was slow to recognise the changing demands of its users, many of whom weren’t familiar with the security features that would have prevented many of these issues. “Originally founded in 2011 for corporate clients, Zoom’s software is now being used in situations it was never designed for.” “Much of its problems stem from the unintended consequences of when demand explodes in unexpected ways,” Tae writes. ![]() Zoom has been hurriedly addressing the myriad security flaws that have been unearthed in recent weeks, which is perhaps a sign that its developers were, at best, careless.ĬEO Eric Yuan acknowledged as much last week, telling the Wall Street Journal that he “really messed up” the app’s security.Īnother explanation for Zoom’s security failures, Bloomberg’s Tae Kim argues, is that it was a victim of its own success. Perhaps that’s true, but it could just as easily be an example of Hanlon’s razor: “never attribute to malice that which is adequately explained by stupidity” – although perhaps ‘negligence’ is the more accurate term. When you stack all these issues next to each other, it’s easy to dismiss Zoom as another rogue app that is actively trying to harm its userbase. Crucially, that includes using third-party trackers and surveillance-based advertising – which if not selling your data is certainly sharing it. Zoom has since updated its privacy policy, but the phrasing still gives the organisation room to use personal information in a variety of ways. It then goes on to explain what it doesn’t mean by “sell”, in a way that Bruce Schneier describes as “ carefully worded by lawyers to permit them to do pretty much whatever they want with your information while pretending otherwise”. Until last month, its privacy policy contained this statement:ĭoes Zoom sell Personal Data? Depends what you mean by “sell.” There were also reports that Apple was forced to step in to secure millions of devices after it learned that Zoom installed a secret web server on users’ Macs, and that Zoom has an “attendee tracking” feature that lets a host see whether participants clicked away from the app during a call.Īnd then there’s the threat of “zoombombing”, where uninvited guests enter meetings to harass participants and snoop into people’s homes.īut perhaps the biggest concern is whether Zoom itself breaches users’ privacy. For example, security researchers have found several major vulnerabilities – one of which can be used to steal Windows passwords, and another two that can be used to take over a Zoom user’s Mac and tap into the webcam and microphone. There are plenty of justifiable reasons to be wary of Zoom. So, which side of the divide should you be on? Let’s take a look. ![]() You’re either one of the 200 million people who use it daily, or one of the sceptics, like the MOD, which has banned the software. There has been little room for middle ground when it comes to Zoom. Until recently, you had probably never heard of the video conferencing software Zoom.īut now, as we remain in lockdown and are forced to communicate with colleagues and friends remotely, it’s one of the world’s most talked-about technologies – whether that’s because of its easy-to-use and free set-up or because of accusations that it steals your data and infects you with malware. UPDATE: Since we first published this story, Zoom has implemented end-to-end encryption for all users. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |