As the video chat service Zoom has enjoyed an astronomical rise in user numbers, its newfound popularity has also led to the discovery of some crippling flaws. The company publicly stepped up to the challenge of helping people continue their work and educational pursuits from home, so it’s bad for everyone that, at least for now, Zoom seems like an incredibly untrustworthy platform.
Zoom’s stack of security and privacy issues seems to grow daily. It’s a tall order to list them all off, but if there’s one problem that stands out, it’s Zoombombing, the act of “crashing” video group chats. Zoom has tools in place to prevent people from making public, Zoombombing-susceptible rooms, but it clearly hasn’t done enough. It’s now a trend that has spilled over into fodder for YouTube and TikTok videos. Even beyond that issue, there are more dangerous problems with how Zoom handles user data and how it deals with message security. The company may be generating more revenue than ever, but its public image makes it appear ethically bankrupt.
As a reaction, Eric Yuan, Zoom’s CEO and Founder, posted a message on the Zoom blog outlining steps to improve the platform. The post covers what many people expected: that Zoom’s original target demographic of enterprise clients with dedicated IT departments setting up their video meetings was much better at managing security than its newer influx of consumers. Translation: they’re used to dealing with people who already have a strong grasp of passwords and private online meetings. The biggest takeaway from the post, however, is the announcement of a 90-day feature freeze. Yuan says Zoom will cease the development of all new features and spend this time exclusively working on solving the various security flaws and bugs plaguing the service. He also promises third-party testing to ensure the integrity of these changes, and more webinars and tutorials to educate users on how best to use the service safely.
Additionally, the post explains the ongoing efforts to combat Zoom’s known issues. The company will be joining other major social platforms like Google and Facebook in providing regular transparency reports to inform users about any requests for their records. The blog reiterates that Zoom has closed its data leak to Facebook, and deployed a strong effort to educate users on how to avoid Zoombombing. While there’s no mention of plans to change its lack of true end-to-end encryption, the Zoom blog gives great detail about how their system works and how users can meet in more secure ways, while acknowledging that their previous statements on the matter were misleading. Lastly, the Windows UNC issue should also be fixed, as of April 1.
As corporate apologies go, this one is huge. Eric Yuan’s willingness to admit to this embarrassment of issues while owning the responsibility of the platform could be considered admirable. It remains to be seen how well Zoom manages to improve security in the future but, based on this update, the company’s intentions are in the right place. Either way, expect users to continue to flock to the service as Zoom had already established itself as the frontrunner in video conferencing before these privacy issues started to turn heads.
