IBL News | New York
Zoom.com, the increasingly popular video conferencing service, announced yesterday additional security measures to combat the hacking phenomenon of “Zoombombing”.
As a result, Zoom said Friday it will enable passwords and turn on waiting rooms by default starting on April 5.
“We’re always striving to continue to deliver you a secure virtual meeting environment,” the company said in a statement.
Meanwhile, Skype released a new feature yesterday trying to compete with Zoom, which has dominated the video calling conversation ever since the pandemic started. Skype users can now start a video meeting and invite people to it without using the app or even having an account; the process is done completely on the web.
Skype, owned by Microsoft, is hoping to bring people over its service, especially in the midst of Zoom’s security and privacy issues.
— Skype (@Skype) April 3, 2020
In fact, researchers at the University of Toronto found that meetings on Zoom are encrypted using an algorithm with well-known weaknesses, and sometimes using keys issued by servers in China, even when meeting participants are all in North America.
According to The Intercept.com, these researchers found that Zoom protects video and audio content using a home-grown encryption scheme, that there is a vulnerability in Zoom’s “waiting room” feature.
They conclude, in a report for the university’s Citizen Lab — widely followed in information security circles — that Zoom’s service is “not suited for secrets” and that it may be legally obligated to disclose encryption keys to Chinese authorities and “responsive to pressure” from them.
• The New York Times: Zoombombing’ Becomes a Dangerous Organized Effort