Zoom, an online video conferencing app with a series of security and privacy-related issues



Online video conferencing apps are gaining in popularity due to the spread of the new coronavirus, and

Zoom is one of them. Although Zoom has rapidly increased the number of users, it has been pointed out that it has a number of problems on the security and privacy aspects, and overseas media TechCrunch claims that `` Zoom should not be used eventually '' doing.

Maybe we shouldn't use Zoom after all | TechCrunch
https://techcrunch.com/2020/03/31/zoom-at-your-own-risk/

Regarding Zoom, which can easily hold online video conferences with multiple people, TechCrunch says, `` To be fair, Zoom is not inherently bad, and its popularity is due to its ease of use and reliability. That's why Zoom is a very useful tool in most cases. '

However, the overseas media The Intercept reports that ' Zoom's online calls are not end-to-end encrypted ', and overseas media Motherboard said 'At least thousands of email addresses have been leaked via Zoom 'It is clear that there are multiple security issues.



In addition, security researchers point out that Zoom had secretly installed a web server on users' Macs. Apple has been rolling

out updates to remove secretly installed web servers to protect millions of Macs. Jonathan Reichua's security researchers, this web server by using a malicious Web site, and Zoom without the user's permission will be able to launch the web camera of the installed Mac pointed out we are.

Zoom's problems are not only security, but also privacy. By the end of March 2020, it was found that Zoom had also sent Facebook data to people without a Facebook account. Zoom was promptly removed from the code in question, but was unable to stop the Justice Department in New York from launching an investigation due to a class action.

The online meeting application `` ZOOM '' popular for working at home for new coronavirus measures also sends data of people who do not have a Facebook account to Facebook-GIGAZINE



In addition, if Zoom's `` Attendant tracking function '' is enabled, the specification that the host of the conference can check whether the other party is away from the PC is also a topic that it is `` infringing privacy '' It has become.

In addition, security researcher Felix has found that Zoom uses an automated method to install applications for non-administrative Mac users. Felix criticized Zoom's approach, saying, 'This is the same technique used in malware for macOS.'



In addition, harassment acts such as showing pornographic images using Zoom's screen sharing function etc. are regarded as a problem as ' ZoomBombing ', so change the default setting so that the FBI can not hijack video calls with Internet trolls It has evolved to warn users.

It has also been pointed out that Zoom had been collecting information about video conferences that users had open for advertising (videos, certificates, shared notes, etc. during video conferences). However, Zoom is moving immediately on this matter, claiming that it has strengthened its privacy policy and that user calls are no longer analyzed for advertising.



TechCrunch does not recommend using Zoom because of the various security and privacy issues mentioned above. However, 'There are many alternatives that focus on privacy, but there are also pitfalls. FaceTime and WhatsApp have end-to-end encryption, but FaceTime only works on Apple devices. WhatsApp has a maximum of four people who can make video calls at a time, and the lesser-known video calling platform Jitsi does not have end-to-end encryption, but it is open source Because it's a project, you can check for backdoors in your code, and it's available on all devices and browsers. Running Jitsi on a server you control, Privacy can be enhanced. ' It is.

Elon Musk has banned the use of Zoom in SpaceX, his space development company.

in Software,   Security, Posted by logu_ii