The Zoom CEO has responded to allegations, sorry proven truths, of Zoom’s serious security breaches affecting people working from home. But do we believe him, or is he just buying time?
Our U.S. correspondent and security analyst Sam Bocetta has analysed the situation. He believes Zoom’s serious security breaches are not only cause for concern – you should ditch it now.
And since he started researching this, the truth has come out first-hand – Zoom is not to be trusted.
Sam writes about Zoom’s serious security breaches (this is a U.S. perspective)
If any company’s stock has zoom, zoom, zoomed (literally) as a result of the ongoing pandemic, it is Zoom’s video conferencing app. Although share analysts say that this is temporary. Why?
- The lockdown that made Zoom more popular cannot last.
- Reputable companies like Microsoft will soon include the vastly superior Teams free (family and friends version) in consumer versions of Microsoft 365.
- Zoom has to convert free users to paid users. Who would pay for an insecure app that is inferior to mainstream paid apps?
- And its shares are grossly overvalued with ‘stags’ cashing out now as they know the price won’t last.
After all, this free app seemed the perfect solution for small business and enterprise operations alike. Software users increased from 10 million to 200 million – as millions of COVID-convicts went home to isolate, self-quarantine and work.
But the temporary share surge has quieted by revelations that the app not only exhibits serious privacy concerns, it also poses about as much difficulty to hackers as turning on a television.
Zoom CEO, Eric Yuan, has tried to get ahead of the public’s growing ill-will by apologising for the service’s shortcomings. He has laid out a strategy detailing how he plans to improve the situation.
The trouble with Zoom’s serious security breaches
Zoom’s problems are two-fold since – both privacy and security. As if the general public wasn’t already suspicious enough of tech companies. Let’s take each in turn to get a sense of what we’re dealing with.
Zoom use has soared to stratospheric levels. That is due to the high demand from managers looking for free tools to communicate with a new stay-at-home workforce. Many of those managers (small business especially) lack the ability to assess issues like security. And what is worse many can’t afford secure solutions, so they keep using it!
Reports quickly surfaced that the iOS version at least – without so much as a pardon me – was embedding Facebook’s software development kit and sending data to it and several other data aggregators.
The bottom line is that lot of personal data went to Zuckerberg’s behemoth, trust-less social media platform Facebook. That has had its share of public mea culpas too. Data included the user’s phone model and carrier, time zone, location/city, and unique ad identifier. It may also have included academic records and information stored in the Zoom cloud. We just don’t know, and Zoom won’t admit anything.
It’s also worth mentioning that nobody asked the phone owner if this data collection was OK. I am pretty sure GDPR wouldn’t be OK with this. As Zoom is ‘closed-source’ no one can verify what it is doing. I don’t take anyone’s word at face value.
NOTE – Several class-action lawsuits against Zoom under the new California Consumer Privacy Act resulted from this.
U.S. counterintelligence officials worry about one video conference platform in particular: Zoom.
It didn’t take long for the FBI and global cybersecurity experts to sound the alarm. Subsequently, they as well as Google, NASA, SpaceX, the U.S., Canadian, German, Singapore, Taiwan, the U.K. and Australian Governments, and a long list of others have banned employees from using Zoom.
One trusted acquaintance relayed the following to me, and I quote:
“I was on a teleconference call last week with a Chinese company using Zoom for the first time. Malwarebytes started screaming that Zoom had installed a PUP (potentially unwanted program). It was tracking my internet use even after I ended the teleconference. I took screenshots and raised the matter with the company.