When Citizen Lab looked at where their U.S.- and Canada-based Zoom conversations were being routed, the researchers discovered encryption keys were sometimes sent to Beijing, though would be handled by servers in other countries, too.
In a blog post published Wednesday, Yuan said usage had increased by 1,900%, with 200 million daily free and paying users in March, up from 10 million at the end of December.
(Reuters) - Elon Musk’s rocket company SpaceX has banned its employees from using video conferencing app Zoom, citing “significant privacy and security concerns,” according to a memo seen by Reuters, days after U.S. law enforcement warned users about the security of the popular app.
This is known as transport encryption, which is different from end-to-end encryption because the Zoom service itself can access the unencrypted video and audio content of Zoom meetings.
We reached out to Zoom in an effort to determine whether meeting participants are notified if and when hosts enable attendee attention tracking, but received no immediate response.However, there's more: That said, Zoom does use certain standard advertising tools which require Personal Data (think, for example, Google Ads and Google Analytics).
Last week, after an article on the news site Motherboard reported that software inside the Zoom iPhone app was sending user data to Facebook, the company said it was removing the tracking software.
On Friday video-conferencing software Zoom issued an update to its iOS app which stops it sending certain pieces of data to Facebook.
Working and socialising from home has brought new risks to everyday life, as webcam meetings and chatroom cocktail hours contend with privacy invasions, phishing attacks and “zoombombings” – uninvited guests abusing the popular video service to broadcast shocking imagery to all.
"Zoom should update their terms to ensure that data collected during meetings from any participant or host is explicitly excluded from any advertising or marketing use, and that they don't view and tag video footage to train AI for facial or object recognition," says Justin Brookman, director of privacy and technology policy at Consumer Reports.
Vulnerability testing specialists point out that any web application that uses numeric or alphanumeric identifiers is exposed to enumeration attacks.
On June 24th after 90 days of waiting, the last day before the public disclosure deadline, I discovered that Zoom had only implemented the ‘quick fix’ solution originally suggested.
Earlier this week, the DEA issued a solicitation for “concealments made to house network PTZ [Pan-Tilt-Zoom] camera, cellular modem, cellular compression device,” noting that the government intended to give the contract to Obsidian Integration LLC, an Oregon company with a sizable number of federal law enforcement customers.