Zoom goes boom, in more ways than one

Zoom has become the darling of the working-from-home/lockdown world but that popularity is coming at a cost. I mentioned yesterday how there’s been rapid backlash against the company and people like Basecamp founder David Heinemeier Hansson (@DHH) have jumped way further, calling the organization “fundamentally corrupt.”

  • The tech world has long used Zoom because it has strong video tech and it makes video conferencing work. 
  • Former default conferencing software Skype became a UI nightmare of cutesy and weird, borderline unusable, BlueJeans was often used by corporates, but Zoom was cool. It worked well. It was easy to join, no login required.
  • Now the likes of the UK cabinet met on Zoom yesterday. Howard Stern is broadcasting on SiriusXM with Zoom. Everyone’s on Zoom.
  • But Zoom is hilariously insecure! UK PM Boris Johnson’s screenshot tweet yesterday revealed the Zoom meeting ID of a meeting, allowing people to dial in. (The meeting was password-protected, but just a password away is a meeting of the top level of government).

And the entire infosec world smells blood in the water, ramping up its interest in a product that appears to be amazingly complicated, has plenty of attack surface, and has always played at the edges of what should and shouldn’t be done with software that can be close to malware.

Helpfully, the likes of TechCrunch are also swinging into gear with comprehensive “Maybe we shouldn’t use Zoom after all” pieces: Zoom at your own risk, they say.

  • I’d almost forgotten about when Apple had to patch its Macs after Zoom had installed a hidden web server.
  • And there’s a much longer list of everything since that time, including privacy issues, New York’s attorney general investigating privacy and data concerns, a lack of end-to-end encryption despite Zoom promising this, Zoombombing, and further leaking personal information including emails and photos. 
  • To be fair, it’s not just Zoom: Houseparty is being called a “privacy trojan horse” that’s “able to basically track your every move” on your phone. Not that TikTok privacy/safety concerns have stopped people using TikTok.
  • But Zoom isn’t an app, or a fun new startup. $ZM is a $40 billion public company, not a new thing with limited resources. 
  • Alternatives are being discussed. FaceTime remains close to the gold standard but only on Apple devices and not really for conferencing, while WhatsApp group calls work well, but only up to four people and both solutions require some kind of login or identification.
  • Anyway, the best news so far is that Zoom doesn’t appear to have adopted a pattern of denial or being overly defensive. This may still play out but it hasn’t happened, yet.
  • If Zoom pivots to offer transparency, apologizes, and switches from a focus on growth to security over the next period, that will help.
  • Until then, clever but close-to-malicious style approaches from the company will be under scrutiny.

Published by Moey

Inked. Pierced. Chubby. Bearded. Cinephile. Left-arm Palsy-fist.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: