Victim of Its Own Success: Zoom’s Popularity Explodes Into Serious Security Backlashes

03 April 2020

In a mere month, video conference app went from 10 to 200 million daily users.

As quarantine closed millions of offices across the world, Zoom faced a massive user growth. In March, the app skyrocketed to 200 million conversation participants per day, while before pandemic its top number was 10 million daily users. It appears Zoom was not ready for such a rapid success.

“We did not design the product with the foresight that, in a matter of weeks, every person in the world would suddenly be working, studying, and socializing from home. We now have a much broader set of users who are utilizing our product in a myriad of unexpected ways, presenting us with challenges we did not anticipate when the platform was conceived”, says Zoom CEO Eric S. Yuan.

Privacy Policy Loopholes And No E2E Encryption

Zoom became popular not only with users but also with security experts, privacy advocates and journalists. Las week Vice revealed that the Zoom app IOS version sends user data to Facebook. The CEO of Zoom admitted it’s true. 

After this Zoom had to rewrite privacy policy as its old rules allowed to analyze personal information and use it to target ads.

Another issue came up on March 31. It turned out that Zoom meetings aren’t protected with end-to-end encryption which means that not only conversation participants have access to their messages. The company was forced to admit this fact, in spite of their website saying that you can “secure a meeting with end-to-end encryption.”

Zoom had security even before the pandemic. Last year american expert proved that any website could hijack the camera of any device with Zoom app installed on it. In addition, the ID-number that’s individually generated for every other call, can be easily guessed. That means anyone can easily break into your Zoom call. 

Zoom Is Now Prohibilted At SpaceX

Because of the security issues, Zoom is now losing its main audience, enterprise customers. Elon Musk’s SpaceX has banned the app over security concerns. Clark County School District has also refused using Zoom for studying-from-home purposes. The FBI has warned Zoom users that their cameras can be hijacked. 

90 Days To Make Everything Right

In these unfortunate times both for Zoom and the whole planet, the app decides to freeze the development of the new features. Zoom devotes the next three months to battling with security issues.  

“Over the next 90 days, we are committed to dedicating the resources needed to better identify, address, and fix issues proactively. We are also committed to being transparent throughout this process,” Yuan promised.

The app will identify the security issues with white box penetration testing. These tests simulate a very realistic scenario which involves attacking a system like a hacker would. 

To salvage its reputation, Zoom will publish a transparency report that will reveal a number of requests for private info from law enforcements and governments. The company has also promised to involve third parties to prepare a comprehensive review of the app. 

 

More like this