Zoom Security Issues?
April 6, 2020
With the outbreak of COVID-19, many schools and workplaces have started using a video calling platform called Zoom to have meetings and classes. Even the UK government has been holding daily cabinet meetings over Zoom.
“I like Zoom; I think it’s fun, and when we can’t be in school it’s very useful,” senior Jackson Fenner said.
With the explosion in usage of Zoom due to the coronavirus outbreak Zoom is now facing a huge privacy and security backlash as security experts, privacy advocates, lawmakers, and even the FBI warn that Zoom’s default settings aren’t secure enough.
“Nothing is one hundred percent safe, that’s a risk we have to take,” Fenner said.
Zoom has had security concerns in the past as well, as Apple had to remove Zoom software from Macs after serious security vulnerabilities let websites hijack Mac cameras.
Each Zoom call has a randomly generated ID number between 9 and 11 digits long that’s used by participants to join the online session. Researchers have found that these meeting IDs are easy to guess, allowing anyone to get into meetings.
“Many of my teachers are planning on using Zoom, I feel safe. I know our school would never let us use something that would endanger us,” junior Savana Westhoff said.
This ease of use has caused a new phenomenon called “Zoombombing”, where pranksters join Zoom calls and broadcast inappropriate videos and disrupt the sessions.
“It is not possible to enable E2E encryption for Zoom video meetings,” said a Zoom spokesperson in a statement to The Intercept.
Zoom’s default settings do not require, nor some say even encourage, a password to be set for meetings, and allow any participants to share their screen. Zoom recently changed this default setting for education accounts, but regular accounts will still need to change settings for more security.
“We sincerely apologize for the concern this has caused, and remain firmly committed to the protection of our users’ privacy. We are reviewing our process and protocols for implementing these features in the future to ensure this does not happen again,” Zoom CEO Eric Yuan said in a public statement.
The FBI is warning teachers of these “Zoombombings” and are encouraging teachers or students to report teleconference hijacking, or any cyber-crime for that matter, to the FBI’s Internet Crime Complaint Center at ic3.gov. Zoom released a series of security updates April 6.