By Ahsaas Verma
Human beings have always been categorized as a social animal. The ability to talk, empathize with and understand each other not only fulfills a sense of social validation that everyone seeks but also helps one feel wanted and loved in a time where the society is uncertain and perhaps almost, unreal.
Five weeks since everyone in this country has been experiencing the lockdown, and we have not only been finding new ways to stay in touch but rather, we have started trying to find our new “normal”.
In these times of quarantine, the world has seen many new mobile applications (or apps) making their way into the daily lives of people.
Be it the house party app or Ludo king, we as humans have been hunting new ways in the virtual world to spend quality time with friends and family, since it seems like we have run out of options in the physical world. While these apps make a good companion in these quarantined times, they bring a fair share of controversies with them revolving around privacy, data protection and security. One such app being discussed in this article is the Zoom app.
Zoom, a cloud-based video conferencing service used to virtually meet others – either by video or audio-only or both, while conducting live chats. Zoom differentiates itself from other video conferencing platforms like Skype, Hangouts, or WhatsApp by allowing a larger group to participate in a conference and also by letting one record those sessions to view later. Over half of Fortune 500 companies reportedly used Zoom in 2019 and it is definitely creating its mark during the extreme, global pandemic crises.
Here are Zoom’s core features:
- One-on-one meetings: Hosts unlimited one-on-one meetings even with the free plan.
- Group video conferences: Hosts up to 500 participants (if you purchase the "large meeting" add-on). The free plan, however, allows you to host video conferences of up to 40 minutes and up to 100 participants.
- Screen sharing: Meet one-on-one or with large groups and share your screen with them so they can see what you see.
Even after some strong features like the ones mentioned above, Zoom has been criticized for its data breach practices, making the information of all of its customers more fluid and available, thereby raising privacy concerns. We will look into these concerns one by one.
Data Security, Data Protection & Privacy concerns
Zoom’s CEO Eric S. Yuan even apologised for all the security issues that the video conferencing app was packed with. Zoom also announced a 90-day feature freeze to focus on security and privacy. Schools in the US decided to ban the video conferencing app for their online classes. Probably the most popular Zoom security issue is ‘zoombombing’.
‘Zoom bombing’ on the rise
A January report from the security firm Checkpoint found that Zoom meetings can be accessed by a short number-based URL, which can easily be generated and guessed by hackers. Zoom has released guidelines in recent days about how to prevent unwanted guests from crashing video meetings and a spokesman told the Guardian it had also been working to educate its users on protections through blog posts and webinars.
No end-to-end encryption
A report from the Intercept found that Zoom has falsely advertised itself as using end-to-end encryption, a system that secures communication so that it can only be read by the users involved. Zoom confirmed in a blog post that end-to-end encryption was not currently possible on the platform and apologized for the “confusion” it caused by “incorrectly” suggesting the opposite.
A number of security flaws affecting Zoom have been reported in the past and as recently as this week. In 2019, it was revealed Zoom had quietly installed a hidden web server on user devices that could allow the user to be added to a call without their permission.
In-app surveillance measures
Zoom has been criticized for its “attention tracking” feature, which allows a host to see if a user clicks away from a Zoom window for 30 seconds or more. This feature would allow employers to check if employees are really tuned into a work meeting or if students are really watching a classroom presentation remotely.
Selling user data
A report from Motherboard found Zoom sends data from users of its iOS app to Facebook for advertising purposes, even if the user does not have a Facebook account.
What shall we do?
On the bright side, it may be more secure to join a Zoom meeting through your web browser rather than using the Zoom desktop software for Windows, Mac, or Linux. Over the past month, Zoom has constantly rolled out new security enhancements constantly to its version. But it’s been holding back those same fixes for the desktop clients until version 5.0, due on April 26.
Also, it isn’t necessary to join a Zoom meeting using Zoom software. The browser automatically opens a new tab, and one is prompted to use the Zoom desktop software. But under that, there’s a link to "join from your browser." Click that instead.
Second, if you are hosting a Zoom meeting, ask that meeting participants sign in with a password. "Zoom will soon be the most secure conferencing tool out there," wrote tech journalist Kim Zetter on Twitter April 1. Announced on April 8, a recent Zoom change is an option called “Security” that will allow hosts to quickly respond to issues such as Zoom bombing by locking the meeting or removing participants.
It will also restrict those taking part in the meeting from sharing their screens or renaming themselves. Also, Zoom will no longer display the Meeting ID on the title toolbar. Instead, the title of all meetings will read “Zoom”, so you can go ahead and post your screen online if you wish to.
There’s no doubt Zoom is making multiple moves to try and make its service more secure. Is it too late? Perhaps for some, but Zoom also deserves another chance. It’s not as secure as it needs to be yet, so for now, it is advisable for people to avoid using it for very sensitive meetings such as discussions with your therapist.
But for other uses, such as exercise classes, one can feel comfortable that the service is secure. Zoom’s trying to be better, and that’s a lot more than some other companies are doing. Unless you’re discussing state or corporate secrets or disclosing personal health information to a patient, Zoom should be fine to use.
Also See :