Zoom has great features, but not so great security

In recent times, video calls have become even more of a necessity to businesses and educational entities alike. With that, Zoom has becoming an increasingly popular choice for videoconferencing.

Unfortunately, Zoom doesn’t seem to be up to the task of protecting their users by keeping their security as tight as it should be, prompting several large companies such as Google and NASA, as well as the military, to ban the use of Zoom among their personnel.

In one instance, it was reported that Zoom has been leaking the email address of several thousand people because they were treating personal email addresses as if they belonged to the same company.

Zoom also tightened its privacy policy after criticism that they were collecting information about users’ meetings, such as videos, transcriptions, and shared notes, for advertising purposes.

Those issues may seem mild, but it escalates quite quickly.

For instance, Apple was required to step in in order to secure millions of Macs after an astute security researcher found that Zoom installed a secret web server on users’ Macs. Zoom failed to remove this secret server when the client was uninstalled from the device.

The researcher that found that issue, Jonathan Leitschuh, was offered a bug bounty for the discovery, but declined because Zoom wanted him to sign a non-disclosure agreement that would have prevented him from informing others about Zoom’s secret web server installations.

Zoom was also caught quietly sending data to Facebook about a user’s Zoom habits. Usage data was also being reported on users that do not even have a Facebook account. In response to their shady sharing habits being exposed, Zoom did remove the code from their platform, but not before a class action lawsuit regarding the practice was launched, or before New York’s attorney general opened an investigation into the company.

Along with these issues, there’s also Zoombombing, which allows pranksters to take advantage of open or unprotected meetings due to poor default settings. This disruptive issue prompted a warning from the FBI to Zoom users, as Zoom did not take immediate action to lock out the disruptive meeting hijackers.

So, while Zoom is currently the popular choice for videoconferencing, it might not be all that it’s cracked up to be.

As always, if we can be of help with your network or computer, give us a call here at RHYNO Networks. (855) 749-6648