Zoom boss apologises for security issues and promises fixes

BBC Technology 02 Apr 2020 12:54
By Jane Wakefield Technology reporter
A computer screen with four faces on itImage copyright Zoom

Zoom is to pause the development of any new features to concentrate on safety and privacy issues, in the wake of criticism from users of the app.

In a blog, the chief executive of the video conferencing app apologised for "falling short" on security issues and promised to address concerns.

He said that the use of Zoom had soared in ways he could never have foreseen prior to the coronavirus pandemic.

One security expert said he hoped the company culture would change.

Zoom is now being used by millions of people for work and leisure, as lockdowns are imposed in many countries.

Eric Yuan spoke candidly about how "usage of Zoom ballooned overnight".

"As of the end of December last year, the maximum number of daily meeting participants, both free and paid, was approximately 10 million. In March this year, we reached more than 200 million, he said.

"For that, I am deeply sorry," he wrote.

"We did not design the product with the foresight that, in a matter of weeks, every person in the world would suddenly be working, studying, and socialising from home," he wrote.

Ex-NSA (National Security Agency) hacker Patrick Wardle identified a series of issues, including a flaw which left Mac users vulnerable to having webcams and microphones hijacked.

"It risked losing a large amount of goodwill it had received because of revelations about its less-than-perfect attitude towards security and privacy."

"Let's hope that the company's culture will change from its previous 'fast and loose' attitude when it comes to such concerns," he added.

The huge uptake of Zoom has created the new phenomenon of 'zoombombing' which sees uninvited guests join video conferences, usually to shout abuse, share pornography or make racist remarks.

Mr Yuan, who founded Zoom in 2011, said steps the firm had taken to address concerns included:

And over the next 90 days it plans to:

Rik Ferguson, vice president of security research at Trend Micro, welcomed the changes.

"One has to feel some sympathy for an organisation that was one of the first to offer free services during the pandemic and found itself not just a victim of poor decision-making, but also a victim of its own success."

There has been debate in the UK about whether the government should be using Zoom for cabinet meetings.

But the debate intensified when prime minister Boris Johnson tweeted a picture which included the ID number of the latest meeting.

Mr Cluley said anyone using it for sensitive conversations needed to be careful.

Continue reading original article...


Eric YuanPatrick WardleGraham CluleyMr YuanNational Security Agency
You may also like