Zoom is a video conferencing application that has recently been very successful.
The containment and explosion of telecommuting have made this application quite popular at the expense of its direct competitors such as Skype and Microsoft Teams. However this success did not really last because the application was bombed and in several scandals security problems.
This article will also interest you: Data leak at Zoom
We remember that by the middle of March 2020 the Zoom app already had 600,000 illustrators active in the world. The app had managed to outperform its direct competitors. simply because people felt it was easier to use, so required less effort. However, Zoom has been experiencing serious problems for some time. Problems that are likely to question its reliability. For example, the Motherboard site, very strong for this kind of revelation, had published on March 31, that the videoconferencing application was disclosing the personal information of its users such as email addresses or photos. The cause of this problem was due to a bug in the application's contact management system. As a result of this bug, the contact was automatically recorded when individuals who registered use email addresses that are of the same domain name as the user's messaging service in action.
While it was originally a feature that was supposed to help improve contacts between colleagues of the same company, the problem involved several people with nothing in common, thus unknowingly disclosing personal information at any point of the field. "Many users say they signed up with personal email addresses, and Zoom has grouped them with thousands of other people as if they were working for the same company… exposing their detailed contact information. Detailed the American media. When asked about this problem, Zoom pointed out that: "By default, your contact directory contains internal users of the same company who share the same account or whose email address uses the same domain name as yours (except for areas used publicly as gmail.com, yahoo.com, hotmail.com…) ». Zoom's executives said they had fixed the problem and set up a set of systems to fix the bug.
In addition, the app was involved in a user data transfer scandal to the social network Facebook. Revealed again by the American media on March 23, the Zoom app, in particular its iOS version transmitted without any prior permission of the data users, to a Platform analysis of Facebook, Graph. The information transmitted was quite important when you know that this included the version of the operating system used, the time zone, the language used, the size of the screen the information on the hard drive iOS identifiers… Transmissions that had never been mentioned in Zoom's terms and conditions of use. In a blog post, Eric S.Yuan, the chief executive and founder of zoom acknowledged that his app "collects information about the devices. He also apologised for the inconvenience and "concern that this has caused. ». In addition, he wanted to say that he was "firmly committed to protecting the privacy of our users. ».
Another issue has been raised very recently regarding the application. It seems that it doesn't really do tip button encryption. This meant that anyone working at the firm to date was able to learn about the exchanges between the different user. This was unfortunately confirmed by the spokesperson of the American company when the company was contacted about this: "Currently, it is not possible to activate E2E encryption for Zoom video meetings. Zoom video meetings use a combination of TCP and UDP protocols. TCP connections are built using TLS and UDP connections are encrypted with AES using a key via a TLS connection. ». In other words, communications via Zoom are not secure, thus giving the American company access to the content of the exchanges. The only way for users to make more about the communication and do it by themselves encryption, otherwise no privacy. This calls into question the reliability of this application.
If its use is simple enough, the security issue is still a problem. This makes this application unsavoury, at least for activities that are quite confidential.
Now access an unlimited number of passwords: