The video conferencing app Zoom gained about 2 million new users in the first two months of 2020 and that was before the World Health Organization declared the coronavirus outbreak a pandemic. With so many people now relying on video conferencing for contact with their friends, family and colleagues, its no wonder Zoom has seen a significant increase in its company stock price. But the firm has also attracted some negative press recently for issues related to its privacy and security.
I worked in the video conferencing industry for 10 years. During this time, I started a PhD on whether such systems meet the needs of organisations that have to communicate under adversarial circumstances, such as international NGOs and opposition groups under oppressive regimes. My near-finished research shows that Zoom has indeed had plenty of problems, but is far from the only platform with security and privacy issues.
A number of issues with Zoom have attracted public attention, most notably call hijacking or Zoom-bombing. Calls that are not set to private or password-protected can be accessed by anyone who inputs the nine- to 11-digit meeting code, and researchers have shown how valid meeting codes could easily be identified (something Zoom now says it prevents).
Zoom has also recently had to make changes to its iPhone and iPad apps to stop Facebook being able to collect data about users. And last year it was forced to fix a problem that could have allowed websites to turn on Mac users cameras without permission.
Another issue, recently highlighted by The Intercept, is that Zoom claims its calls can be encrypted, but doesnt use the kind of end-to-end encryption that many people have come to understand as standard for private communication services. Messages or calls sent with end-to-end encryption are effectively locked with the receiving users public key that anyone can access, but can only be unlocked by the users private key. This system is used by messaging apps such as WhatsApp to ensure only a messages recipient can read it not even the apps provider has access.
Zoom instead uses the AES-256 ECB method of encryption, which shares the key used to encrypt calls with Zooms servers around the globe. This potentially gives them full access to the audio and video streams, although the company has stated no user content is available to its employees or servers once encrypted.
Researchers have also found that encryption keys even up on Zoom servers based in China (where the company has development sites) even when no Chinese participants are in the call. This opens the possibility that the Chinese government, famed for its control of internet communications in the country, could eavesdrop on calls. Zoom has now started offering paying customers the ability to opt out of having data routed through China or other regions.
While Zoom has developed measures or options to at least partly address all of the issues highlighted and said it will freeze the development of new features for 90 days so it can focus on improving security the litany of problems that have already been identified should provoke serious thought among its users. On top of this, Zooms privacy policy is arguably not user-friendly. By downloading the app, you essentially grant the company permission to do with your personal data whatever they want.
The problem for anyone looking for a more private system is that many of Zooms competitors have their own similar security issues. For example, Microsofts Skype and Teams services also use forms of encryption that give the company control over the keys.
So what are the alternatives? The most secure options are arguably those that use end-to-end encryption and are built with open-source code because it can be publicly reviewed to check it doesnt have any hidden problems.
Signal is a messaging app that falls into this category and also provides video calling from smartphones, but not desktop video calls or video conferencing with multiple parties. Jitsi is also open source and provides end-to-end encrypted video calls via a web browser, and is working on doing the same for multi-party video conferencing.
If these options dont suit you, then there are things you can do when using Zoom or other video calling services that have potential security issues to maximise your privacy and safety.
In response to the issues raised in this article, a Zoom spokesperson said:
Zoom takes user privacy, security, and trust extremely seriously. Zoom was originally developed for enterprise use, and has been confidently selected for complete deployment by a large number of institutions globally, following security reviews of our user, network and datacenter layers.
During the COVID-19 pandemic, we are working around-the-clock to ensure that businesses, schools, and other organizations across the world can stay connected and operational. As more and new kinds of users start using Zoom during this time, Zoom has been proactively engaging to make sure they understand Zooms relevant policies, as well as the best ways to use the platform and protect their meetings.
Read this article:
- Jitsi - Business VoIP Phone Service | OnSIP [Last Updated On: April 26th, 2014] [Originally Added On: April 26th, 2014]
- Softonic - Jitsi - Download [Last Updated On: April 26th, 2014] [Originally Added On: April 26th, 2014]
- The Architecture of Open Source Applications: Jitsi [Last Updated On: April 26th, 2014] [Originally Added On: April 26th, 2014]
- Jitsi - Wikipedia, the free encyclopedia [Last Updated On: April 26th, 2014] [Originally Added On: April 26th, 2014]
- FLOSS Weekly 293: Jitsi Meet - Video [Last Updated On: May 9th, 2014] [Originally Added On: May 9th, 2014]
- Jitsi Overview: FLOSS Weekly 293 - Video [Last Updated On: May 9th, 2014] [Originally Added On: May 9th, 2014]
- NetSecDemo Secure FTP over Jitsi - Video [Last Updated On: May 9th, 2014] [Originally Added On: May 9th, 2014]
- Eliyah Moore, Barum Jiu Jitsi Vs Cahel Gonzalez, 5 Star Martial Arts - Video [Last Updated On: May 16th, 2014] [Originally Added On: May 16th, 2014]
- Jitsi (Mac) - Download - Softonic [Last Updated On: August 31st, 2014] [Originally Added On: August 31st, 2014]
- Using XMPP chat with Jitsi - Video [Last Updated On: September 12th, 2014] [Originally Added On: September 12th, 2014]
- Jitsi - SIP Softphone - Video [Last Updated On: September 12th, 2014] [Originally Added On: September 12th, 2014]
- The Luminosity of Free Software Episode 20 - Video [Last Updated On: September 13th, 2014] [Originally Added On: September 13th, 2014]
- FOSDEM 2014 - Jitsi Videobridge And Webrtc - Video [Last Updated On: September 16th, 2014] [Originally Added On: September 16th, 2014]
- Just Linux touch screen and Jitsi - Video [Last Updated On: September 16th, 2014] [Originally Added On: September 16th, 2014]
- Bitcoin and dark wallet could be used by terrorists. So what? [Last Updated On: September 24th, 2014] [Originally Added On: September 24th, 2014]
- Top messaging apps flat-out flunk EFF's security review [Last Updated On: November 5th, 2014] [Originally Added On: November 5th, 2014]
- When I say join me in a jitsi meet... - Video [Last Updated On: November 7th, 2014] [Originally Added On: November 7th, 2014]
- Jitsi Flasms Dogfooding: Using your own imperfect solutions helps improve them, - Video [Last Updated On: November 10th, 2014] [Originally Added On: November 10th, 2014]
- IETF91 chairs meeting Honolulu Jitsi Meet presentation - Video [Last Updated On: November 17th, 2014] [Originally Added On: November 17th, 2014]
- IETF91 chairs meeting Honolulu Jitsi Meet questions - Video [Last Updated On: November 17th, 2014] [Originally Added On: November 17th, 2014]
- jitsi videollamada - Video [Last Updated On: December 26th, 2014] [Originally Added On: December 26th, 2014]
- Your first OTR text chat with Jitsi - Video [Last Updated On: December 31st, 2014] [Originally Added On: December 31st, 2014]
- Skype Encrypted Alt. SIP Jitsi Combo [Last Updated On: February 7th, 2015] [Originally Added On: February 7th, 2015]
- Jitsi Wikipdia [Last Updated On: February 7th, 2015] [Originally Added On: February 7th, 2015]
- Jitsi for Mac | MacUpdate - Apple Mac OS X Software & Apps ... [Last Updated On: February 11th, 2015] [Originally Added On: February 11th, 2015]
- Nexi Unified Communication Jitsi Presentazione full - Video [Last Updated On: February 19th, 2015] [Originally Added On: February 19th, 2015]
- JITSI - Video [Last Updated On: April 8th, 2015] [Originally Added On: April 8th, 2015]
- Jitsi Configuration and Review [Last Updated On: November 21st, 2015] [Originally Added On: November 21st, 2015]
- Jitsi: A Multi-Protocol, Cross Platform Compatible Chat, Call ... [Last Updated On: November 21st, 2015] [Originally Added On: November 21st, 2015]
- Jitsi (Build 3132) - Business VoIP Phone Service | OnSIP [Last Updated On: November 21st, 2015] [Originally Added On: November 21st, 2015]
- Jitsi | Tiki Suite [Last Updated On: March 26th, 2016] [Originally Added On: March 26th, 2016]
- Jitsi - [Last Updated On: January 28th, 2017] [Originally Added On: January 28th, 2017]
- Jitsi for Mac - Download - jitsi.en.softonic.com [Last Updated On: February 5th, 2017] [Originally Added On: February 5th, 2017]
- Jitsi | Prometheism.net [Last Updated On: February 8th, 2017] [Originally Added On: February 8th, 2017]
- GitHub - jitsi/jitsi-meet: Jitsi Meet - Secure, Simple and ... [Last Updated On: February 12th, 2017] [Originally Added On: February 12th, 2017]
- Edward Snowden's New Job: Protecting Reporters From Spies - WIRED [Last Updated On: February 14th, 2017] [Originally Added On: February 14th, 2017]
- Snowden helping develop tools to protect journalists and whistleblowers - 'to make the game a little more fair' - Press Gazette [Last Updated On: February 16th, 2017] [Originally Added On: February 16th, 2017]
- Jitsi - Download [Last Updated On: February 18th, 2017] [Originally Added On: February 18th, 2017]
- Jitsi Meet - Android Apps on Google Play [Last Updated On: March 11th, 2017] [Originally Added On: March 11th, 2017]
- Jitsi for Mac OS X Secure instant messaging and VoIP [Last Updated On: March 12th, 2017] [Originally Added On: March 12th, 2017]
- How to Configure and Set-Up Jitsi - Liberty Under Attack [Last Updated On: June 6th, 2017] [Originally Added On: June 6th, 2017]
- Jitsi PediaView.com | Prometheism.net [Last Updated On: June 17th, 2017] [Originally Added On: June 17th, 2017]
- Provisioning | Jitsi | Prometheism.net [Last Updated On: June 26th, 2017] [Originally Added On: June 26th, 2017]
- Provisioning | Jitsi [Last Updated On: June 26th, 2017] [Originally Added On: June 26th, 2017]
- FAQ | Jitsi | Prometheism.net [Last Updated On: June 26th, 2017] [Originally Added On: June 26th, 2017]
- Tsirang vegetable vendors commit to selling local chillies - Kuensel, Buhutan's National Newspaper [Last Updated On: June 27th, 2017] [Originally Added On: June 27th, 2017]
- FAQ | Jitsi | Prometheism.net euvolution.com [Last Updated On: July 3rd, 2017] [Originally Added On: July 3rd, 2017]
- FAQ | Jitsi | Futurist Transhuman News Blog | Prometheism.net [Last Updated On: July 4th, 2017] [Originally Added On: July 4th, 2017]
- Jitsi Meet (advanced) Projects | Prometheism.net [Last Updated On: July 6th, 2017] [Originally Added On: July 6th, 2017]
- FAQ | Jitsi | Prometheism.net euvolution.com | Futurist [Last Updated On: July 6th, 2017] [Originally Added On: July 6th, 2017]
- Jitsi | Futurist Transhuman News Blog - prometheism.net [Last Updated On: July 14th, 2017] [Originally Added On: July 14th, 2017]
- Gladstone gold does club proud | Gladstone Observer - Gladstone Observer [Last Updated On: July 18th, 2017] [Originally Added On: July 18th, 2017]
- Jitsi softphone for Windows OnSIP Support [Last Updated On: July 26th, 2017] [Originally Added On: July 26th, 2017]
- Jitsi for Mac : Free Download : MacUpdate [Last Updated On: August 1st, 2017] [Originally Added On: August 1st, 2017]
- OpenFire Jitsi as Skype(desktop sharing) and Temviewer ... [Last Updated On: February 9th, 2018] [Originally Added On: February 9th, 2018]
- Jitsi Download - softpedia.com [Last Updated On: March 29th, 2018] [Originally Added On: March 29th, 2018]
- Jitsi Meet (advanced) Projects [Last Updated On: June 14th, 2018] [Originally Added On: June 14th, 2018]
- Jitsi (Build 3132) - OnSIP [Last Updated On: November 9th, 2018] [Originally Added On: November 9th, 2018]
- Download Jitsi 2.10.5550 - softpedia.com [Last Updated On: November 9th, 2018] [Originally Added On: November 9th, 2018]
- Jitsi Community Forum [Last Updated On: November 9th, 2018] [Originally Added On: November 9th, 2018]
- FAQ | Jitsi [Last Updated On: November 23rd, 2018] [Originally Added On: November 23rd, 2018]
- Jitsi for Windows - Secure Instant Messaging and VoIP [Last Updated On: February 12th, 2019] [Originally Added On: February 12th, 2019]
- How to Create Your Own Video Conference Server using Jitsi ... [Last Updated On: March 6th, 2019] [Originally Added On: March 6th, 2019]
- What is Jitsi? - open source video conferencing API's ... [Last Updated On: April 9th, 2019] [Originally Added On: April 9th, 2019]
- 8x8 Acquires Jitsi Video Communications Technology From ... [Last Updated On: April 15th, 2019] [Originally Added On: April 15th, 2019]
- Latest users topics - Jitsi Community Forum - developers & users [Last Updated On: April 15th, 2019] [Originally Added On: April 15th, 2019]
- Jitsi - Should I Remove It? [Last Updated On: April 20th, 2019] [Originally Added On: April 20th, 2019]
- Appear.in Vs. Jitsi: Subscription WebRTC Faces Off Against Open-Source VC - VC - VC Daily [Last Updated On: November 18th, 2019] [Originally Added On: November 18th, 2019]
- Philippines eyes fitting end to best SEA Games performance ever - Sports Interactive Network Philippines [Last Updated On: December 12th, 2019] [Originally Added On: December 12th, 2019]
- Fox Sports 1 Dials Up VCC for The Herd With Colin Cowherd - TV Technology [Last Updated On: December 21st, 2019] [Originally Added On: December 21st, 2019]
- Fox Sports 1 Utilized Video Call Center to Extend Reach of Shows Like The Herd with Colin Cowherd - Sports Video Group [Last Updated On: December 21st, 2019] [Originally Added On: December 21st, 2019]
- GoodFirms Discloses the Most Recommended Software of 2020 to Streamline the Business Work Processes - Yahoo Finance [Last Updated On: February 23rd, 2020] [Originally Added On: February 23rd, 2020]
- How The Coronavirus Is Forcing Italy To Become A Digital Country, At Last - Forbes [Last Updated On: March 16th, 2020] [Originally Added On: March 16th, 2020]
- Here's how Zoom is fixing all of those security issues - The Union Journal [Last Updated On: April 12th, 2020] [Originally Added On: April 12th, 2020]
- Five Zoom alternatives to combat social isolation with video chat - The Star Online [Last Updated On: April 12th, 2020] [Originally Added On: April 12th, 2020]
- Zoom Has Privacy Issues, Here Are Some Alternatives - CoinDesk [Last Updated On: April 12th, 2020] [Originally Added On: April 12th, 2020]
- This is Jitsi Meet, the open source video calling application that the Government uses to prepare for press conferences - Explica [Last Updated On: April 12th, 2020] [Originally Added On: April 12th, 2020]
- Group video calls of up to 100 participants, with encryption and noise cancellation - Explica [Last Updated On: May 3rd, 2020] [Originally Added On: May 3rd, 2020]
- The best Skype alternatives for video calls on your smartphone - AndroidPIT [Last Updated On: May 3rd, 2020] [Originally Added On: May 3rd, 2020]
- Jesse Kline on COVID-19: Keeping government secure and saving taxpayer money with open source - National Post [Last Updated On: May 3rd, 2020] [Originally Added On: May 3rd, 2020]