Security Issues that are to be Considered by Zoom Users

One-third of the world’s population has been closed to her home due to coronavirus. Remote work or study due to an increase of 200 percent was seen in the use of video conferencing systems, as well as in the world of Zoom.

Zoomer preferred video conferencing platform to a user in the last three months the number of daily output from 10 million up to 200 million people by both teachers and businesses in many countries. However, this rapid increase brought many problems with it. The New York Department of Education in the USA, the Department of Defense in the UK, and many more organizations restricted or banned the use of this platform. According to the findings of cybersecurity agency ESET, the problems focused specially on security and privacy issues.

The company’s founder and CEO, Eric S. Yuan, made a statement and apologized for the problems arising from the unexpected increase in users, and announced that the company is directing all engineering resources to ‘focus on trust, security, and privacy’.

Here are 5 important problems that Zoom has faced since last week:

The iOS version of the app sends statistics to Facebook even if the users do not have a Facebook account, and this is never mentioned in Zoom’s privacy agreement. The company acknowledged the problem and removed the Facebook Software Development Kit (SDK) for iOS.
Despite contrary claims, but according to some research, the application does not support end-to-end encryption of video and audio meetings. Zoom apologized for this and made it clear that he used the transfer passwords known as TLS.
The app was also found to contain several vulnerabilities, but all were fixed in a short time. The Windows client was found sensitive to a UNC path injection flaw that could reveal users’ Windows login credentials and even lead to arbitrary commands execution on their device.
Zoom also removed the ‘participant watch’ feature, a feature that allows the host to check if participants are actually paying attention while in screen sharing mode.

The US Federal Bureau of Investigation FBI warned against a type of attack called “Zoom-Bombing”, where unauthorized people can access private meetings and school classes and emit disturbing images.
How can we stay safe?

Antivirus and internet security organization ESET warned that privacy and security should not be ignored in the age of remote working. ESET has listed the effective measures that can be taken while using Zoom:

Examine meeting participants with Zoom’s ‘Waiting Room’ feature and / or passwords.
Limit screen sharing to the host.
Use the latest (current) version of Zoom.
Do not share connections or meeting IDs on social media.
When inviting participants, try to use meeting IDs instead of links, because there are Zoom-themed but malicious software that try to take advantage of the unexpected success of the app.

LEAVE A REPLY

Please enter your comment!
Please enter your name here