Zoom recently came under fire when it was discovered that its video conferencing feature wasn’t as secure as it led people to believe. Now, to add insult to injury, thousands of video recordings have reportedly been uploaded online in the form of video clips.
According to The Washington Post, this was achieved due to the “identical way” each video was named. And then posted onto unprotected Amazon Web Services (AWS) buckets. Simply put, viewers can find recordings of meetings, therapy sessions, and business meetings – among many other kinds of videos – with the use of specific keywords.
Zoom supposedly uses TLS encryption for its video conferencing, which is similar to HTTPS sites. In effect, the encryption still gives server owners access to your data, but it’s still not true end-to-end encryption. On a related note, another report found that Zoom was allegedly issuing encryption keys to meeting participants in the US via servers situated in China.
While some may brush this away, the implications behind this could be far greater, especially when you consider the fact that China can order any company with a base in the country to hand over critical information to its government, if deemed necessary.
At the time of writing, Zoom has put patched up security issues on both the macOS and the Windows OS. At the same time, it has also announced that it has implemented a 90-day feature freeze in an effort to tackle the mounting privacy and security issues.
(Source: The Washington Post via The Verge)
