Zoom logo on building

Zoom Announces They Will Work on Their Security and Privacy Issues and Freezes Developments

Last edited: April 2, 2020
Reading time: 2 minutes, 14 seconds

The CEO of Zoom has posted a blogpost on the Zoom website. In it he states that for the next 90 days all feature development will be put to a halt. All focus can therefore go to solving the security and privacy issues that the video conferencing service has been dealing with this past month.

Past Issues

Over the past month Zoom’s user base has grown exponentially. It has become one of the main platforms that is used to connect people in the time of the corona crisis. Over 90,000 schools across 20 countries are using the service for teaching. The daily number of participants in meetings on Zoom has grown from 10 million in December to 200 million in March.

But we have also reported that Zoom has struggled with some security and privacy issues. Today, Elon Musk’s company SpaceX has banned employees from using the service because of these issues. Eric S. Yuan, the CEO of Zoom, explained that the platform was not originally designed for the broader set of users that are now utilizing it. Zoom is being used in ways that it was not previously, and therefore it needs some time to adjust to the change. The CEO stated that for the next 90 days Zoom will freeze all feature development. Their sole focus will be on improving the security of their platform and guaranteeing the privacy of their users.

Solutions

Zoom has started on the improvements immediately. The controversial Attendee Attention Tracker has been removed. There was much debate about this feature, which allows a host to see whether the Zoom window was in focus or not. Secondly, a new version of the iOS app has been released in which Facebook’s software development kit has been removed. The original privacy policy did not include a statement that the platform shares user’s data with Facebook, which caused some trouble as well. The company has also updated its privacy policy, to be more clear and transparent to their users. The new policy includes protection of education records. On top of that the platform changed some default settings for schools.

Even though these first steps are great, it does not mean that all problems have been solved. Calls on Zoom are still not end-to-end encrypted, even though it was previously stated that they were. The issues surrounding Zoombombing have not been solved either. There is also no word yet on the bug that could be abused to steal Windows passwords. So the challenge that lies ahead for Zoom might be one that cannot be solved in 90 days. After all, to put it in Yuan’s words, Zoom was not designed for the way it is being used right now.

Cybersecurity analyst
David is a cyber security analyst and one of the founders of VPNoverview.com. Interested in the "digital identity" phenomenon, with special attention to the right to privacy and protection of personal data.

More articles from the ‘News’ section

Comments
Leave a comment
Leave a comment