Teleconferencing applications that are on the rise, Zoom began to doubt its safety. Recent reports mention that thousands of Zoom teleconferencing video recordings leaked on the internet.
Thousands of recorded video conversations stored in the third application are exposed without password protection and allow anyone to view and download them. A security researcher, Patrick Jakcson, said there were at least 15,000 video records of the Zoom meeting that were not password protected on cloud storage.
The Washington Post report found a number of examples of videos that leaked. Like personal therapy videos, videos of teaching and learning activities, business meetings, to immoral videos. In a leaked health training video, there is a participant’s name and cellphone number.
There is also a document of the company’s financial statements in a business teleconference meeting also revealed. Teaching and learning activities also expose children’s faces and detailed information related to them.
Users who often record and save Zoom video footage can certainly easily find video recordings that do not belong to them to access.
Gap in the storage system Video recordings circulating on the internet, allegedly some are accidentally uploaded to other platforms. Zoom has a feature that allows paid users to save recordings to the cloud, for example the Zoom server.
However, users can save it on other devices, such as computers or other personal servers. There could be misconfiguration when saving and it makes it vulnerable to other people. Other people can hack the server then download the record that has been saved.
Zoom has a feature where the host (meeting organizer) can record teleconferences without the consent of all participants. They were only given a notification that a teleconference was being recorded and could choose the option to leave the meeting if they wish.
Compiled from Mashable, Zoom appealed to users to be extra careful when saving video recordings. “The Zoom meeting is only recorded on the host’s choice server, either locally on the host device or uploading it to the Zoom cloud.
If the host chooses to upload it elsewhere, we urge to be very careful and transparent with the meeting participants,” explained Zoom’s representative.
Zoom application is suddenly popular because it is widely used by the world’s population who are undergoing quarantine or isolation to face the Covid-19 pandemic. They use Zoom to conduct online meetings , hold discussions, or teach at home.
Concentration on Zoom security vulnerabilities began to be discussed some time ago. Zoom’s CEO, Eric S Yuan, also acknowledged that the application was not entirely safe. He also promised to solve privacy and security problems in the next 90 days.
Summarized from the New York Post , Tuesday (04/07/2020), two attorneys general in the US also asked for information Zoom regarding safety and privacy. The Federal Bureau of Investigation (FBI) also warns Zoom users not to have online meetings on the platform or not share the meeting links randomly.
This appeal comes after the Zoom-bombing trend , where online meetings can be infiltrated by uninvited people and send “annoying” content such as pornographic videos , threats, or hate speech. At least there have been two events of zoombombing and the cases are said to be increasing.
The Inception report also mentions that Zoom does not encrypt every video call. This was acknowledged by Zoom’s representative who said that video conversations only rely on the Transport Layer Security (TLS) protocol. “At present, it is not possible to provide end-to-end encryption for Zoom video calls.
Zoom uses a combination of TCP and UDP as security. TCP is based on the TLS protocol,” said a Zoom spokesman. TLS itself is a protocol used to strengthen website security with a communication protocol in the form of HTTPS.
This protocol is different from the end-to-end encryption security system which makes communication unable to be spied by hackers.