The Zoom boom and what followed

Cloud meeting application Zoom has had the fabulous luck to be noticed during a pandemic while the whole world has been locked down at home with nowhere to go.

Despite the presence of long-established alternatives like Teams, Google Hangout, and WebEx, where Zoom’s CEO Eric Yuan once worked, Zoom zoomed into popularity like a rocket. By now everyone’s used it, or at least heard of it.

It’s comprehensive and has a set of capabilities that others don’t all in one place and it’s just dead easy to use, working on mobiles, tablets, desktops, laptops. For free, Zoom allows up to a 100 users on a call with 49 of them showing on screen if no one happens to be sharing content at the time.

So when children found themselves with a longer holiday from school than they wanted after all they began to attend classes online with their teachers transitioning to an online format. So did college students and anyone else who was studying anything.

Yoga instructors and belly dancers, and workout coaches have been keeping users fit in this time of corona and office-goers who found themselves barred from going anywhere near their workplaces are now so nicely productive that many businesses are thinking of setting aside some work-from-Zoom days when life returns to normal.

Regular people happily celebrate Zoom birthday parties or otherwise keep up their social lives in cloud meetings. Some people even got married on Zoom! Remarkably, artists have also got together on Zoom and performed amazingly coordinated concerts, many of them related to the pandemic situation and aimed at making people feel better.

Zoom allows for screen sharing with other users, using interesting backdrops, recording, animation, messaging even while video is on, etc. So people are using it for client meetings, webinars, demos, tutorials etc with multiple participants.

One can call many people to meet even if they don’t download the app. Businesses like Zoom because it combines HD video conferencing, online business meetings, webinars, and mobile capabilities into one collaborative solution.

It has a Waiting Room feature which you can enable which the host can use to let in participants or keep them out.

But it is the fate of any technology that spirals into popularity and high usage that it should attract hackers and mischief makers like flies to honey.

Data Leak to Facebook: As usage began to grow, security researchers discovered that installing the app on a mobile device or tablet led to data on contacts being shared liberally with Facebook without explicit permission. This was happening even if the user was not a Facebook user. The issue has been resolved when Zoom removed an SDK for its iOS app. The company is however facing several class action lawsuits.

End-to-End Encryption : Zoom suddenly found itself facing flak over its security and privacy. The problem was that it wasn’t disclosing its privacy standards properly. While Zoom does indeed have end-to-end encryption, Zoom HQ actually has the ability to decrypt the calls. This does not mean that others on the network or call can do the same. The issue is yet to be addressed and has led to more lawsuits. CEO Yuan actually apologised to users saying they were trying to fix problems.

China on the way: It would seem that some of the Encryption Key Servers Zoom uses are based in China. Weak encryption, plus this fact alarm users who wouldn’t want the Chinese to snoop on sensitive information. CEO Eric Yuan admitted some calls were ‘mistakenly’ routed through China when the company ramped up capacity to cope with a surge in demand. In the US, officials from Intel apparently warned that ‘foreign spies’ were targeting American users on Zoom as well as other platforms. If there’s no really sensitive data related to your call and if you’re just keeping away boredom, all of this may not matter very much. But a lot of business calls are done on Zoom and may contain information one doesn’t necessarily want to see anyone else getting their hands on, so privacy continues to be a real worry.

Zoom and Windows UNC paths : And now for a technical issue. It was possible for a UNC path “\\my computer\” to send the user credentials along with the password hash giving access to that path. This issue has subsequently been fixed. There are a few others that are deeply technical.

Zoom bombing and more: The more sensational issues with Zoom have included meeting ID’s being displayed on-screen during a meeting. Every call uses a randomly generated code and participants have to enter that code in order to access a meeting. By default you can jump into a zoom meeting with just that ID or even a link and everyone on the call can then see you. It’s so easy that it led to a phenomenon known as Zoom bombing. Any ID or link that’s been posted public ally can be picked up by mischief makers who have gone on to join meetings and stream porn and talk obscenely. This happened with a school in Singapore, leading to Zoom being banned for school kids.

The latest version of the Zoom desktop client, now has an added security icon that makes it easier for host and co-host to manage their participants. “So if you're a host or a co-host and if you have any level of Zoom license, you can see this new security icon that we've added. So if you go here you can click security and see features like the ability to lock a meeting you can enable or disable waiting rooms and you can manage your participant permissions such as sharing your screen and disabling or enabling chat, “ says a Zoom spokesman.

But Zoom has had such a multitude of problems it really means users should keep up with news on the app and make sure they protect their meetings properly. Security experts say the software is easy to corrupt, prone to zero day exploits, and a host to malware including flaws to the waiting room feature. On top of all that, it is said Zoom is sharing data with advertisers.

While many are happy enough to o trade in some privacy for an easy way to interact during these hard times, anyone who has confidential information to share or is with participants who are vulnerable - like children - it’s best to be aware of what one is using and stay informed on how Zoom is tackling issues as they develop.

COMMENT NOW