Expert Pitch
University of Notre Dame

Zoom should be criticized for poor communication rather than privacy, security, Notre Dame expert says

9-Apr-2020 1:20 PM EDT, by University of Notre Dame

The video platform Zoom has experienced overnight success with offices and schools closed around the world due to the coronavirus pandemic. The increased usage has resulted in a string of security concerns, which, according to a University of Notre Dame cybersecurity and privacy expert, have largely been blown out of proportion.

Zoom is not dealing with a security and privacy crisis, it’s facing a communication and transparency crisis, according to Mike Chapple, associate teaching professor of IT, analytics and operations at Notre Dame’s Mendoza College of Business.

“Zoom’s recent privacy and security issues aren’t any more significant than those facing any other tech company, and Zoom has quickly moved to correct each one of them,” said Chapple, a former computer scientist with the National Security Agency. “The challenge Zoom faces is that they were a specialized niche company that was suddenly thrust into the role of a critical infrastructure provider overnight and they simply weren’t ready for the intense level of scrutiny that they’ve received as a result.”

Perhaps the most publicized of Zoom’s woes is the practice of ‘Zoombombing’ where people join unsecured Zoom calls and disrupt private conversations.

“These aren’t the result of a security flaw in Zoom,” Chapple explained. “Zoombombing occurs when people either don’t use a password to secure their Zoom meeting or give out the password on a public forum. You can protect yourself against this by following some simple best practices, such as not publishing your meeting password, using a waiting room to control access to your meeting and restricting screen sharing.”

Zoom also has been criticized for not offering end-to-end encryption for videoconferences, an approach Chapple says most people never use.

“It’s true that Zoom doesn’t offer this level of encryption,” Chapple said. “That’s because it’s technically very difficult to do so. Look at the other major videoconferencing providers. Skype, Microsoft Teams and BlueJeans don’t offer end-to-end encryption either. It’s simply not a reasonable security expectation. Cisco WebEx does offer an end-to-end encryption option, but choosing that option disables major features of the platform, including the ability to record a meeting.

Chapple points out that Zoom did make a major mistake in this area by publishing a false claim that the service supported end-to-end encryption. They’ve since apologized and published a technical description of exactly how their encryption works.

There also have been reports of Zoom video recordings appearing on public websites and cloud storage services, but Chapple says there is no indication this was Zoom’s doing.

“Zoom offers a recording feature to meeting hosts and discloses to all participants when a meeting is being recorded,” he said. “At the end of the meeting, the host gets a copy of the video file. If they post it on an open forum, it’s not reasonable to hold Zoom accountable for the meeting host’s actions.”

While researchers have identified a few security flaws in Zoom’s technology over the past few weeks, Chapple says that’s not unexpected for a platform suddenly thrust into the spotlight.

“The reality is that every software product has critical security flaws that we simply haven’t discovered yet,” he said. “Zoom reacted to each one of these with a patch that corrected the problem. That’s what any responsible technology company would do.”

Where Zoom really failed, according to Chapple, is with their pre-pandemic privacy policy.

“It contained some truly awful terms and conditions that basically granted the company the right to access private meeting information. After some scathing public criticism, Zoom revised their privacy policy to align with industry best practices.

"If you’re worried about the privacy and security issues at Zoom, don’t use the service. Personally, I’ve found Zoom to be a crucial part of my ability to teach and work from home. I’m comfortable that they’re focusing on correcting security issues quickly and have built a platform that is scalable, reliable, and secure.”




Filters close

Showing results

110 of 3462
Newswise: 244463_web.jpg
Released: 30-Sep-2020 3:45 PM EDT
Investigational COVID-19 vaccine well-tolerated, generates immune response in older adults
NIH, National Institute of Allergy and Infectious Diseases (NIAID)

A Phase 1 trial of an investigational mRNA vaccine to prevent SARS-CoV-2 infection has shown that the vaccine is well-tolerated and generates a strong immune response in older adults.

Newswise: Tufts University to lead $100M program to reduce risk of zoonotic viral spillover, spread
Released: 30-Sep-2020 2:10 PM EDT
Tufts University to lead $100M program to reduce risk of zoonotic viral spillover, spread
Tufts University

Tufts University will lead a $100 million, five-year program to understand and address threats posed by zoonotic viral diseases that can “spill over” from animals to humans, such as SARS-CoV-2, in an effort to reduce risk of infection, amplification, and spread, USAID announced today.

Newswise: Guiding Communities Through Alerts and Warnings for COVID-19, Other Emergencies
Released: 30-Sep-2020 1:55 PM EDT
Guiding Communities Through Alerts and Warnings for COVID-19, Other Emergencies
Homeland Security's Science And Technology Directorate

DHS S&T has been working with the FEMA IPAWS office and state and local response teams since early 2009 to develop effective alerts, warnings, and notifications programs, as well as identifying gaps in existing IPAWS alerting messaging.

Newswise:Video Embedded uw-researchers-driving-around-seattle-to-track-covid-19-response-over-time
VIDEO
Released: 30-Sep-2020 1:55 PM EDT
UW researchers driving around Seattle to track COVID-19 response over time
University of Washington

University of Washington researchers developed a project that scans the streets every few weeks to document how Seattle has reacted to the pandemic and what recovery looks like.

Newswise: 244496_web.jpg
Released: 30-Sep-2020 1:50 PM EDT
The ancient Neanderthal hand in severe COVID-19
Okinawa Institute of Science and Technology Graduate University - OIST

Since first appearing in late 2019, the novel virus, SARS-CoV-2, has had a range of impacts on those it infects.

access_time Embargo lifts in 2 days
Embargo will expire: 2-Oct-2020 12:15 AM EDT Released to reporters: 30-Sep-2020 1:50 PM EDT

A reporter's PressPass is required to access this story until the embargo expires on 2-Oct-2020 12:15 AM EDT The Newswise PressPass gives verified journalists access to embargoed stories. Please log in to complete a presspass application. If you have not yet registered, please Register. When you fill out the registration form, please identify yourself as a reporter in order to advance to the presspass application form.

Released: 30-Sep-2020 12:55 PM EDT
Study supports airborne spread of COVID-19 indoors
JAMA - Journal of the American Medical Association

New research from the University of Georgia supports growing evidence for airborne transmission of COVID-19 in enclosed spaces.

access_time Embargo lifts in 2 days
Embargo will expire: 2-Oct-2020 11:00 AM EDT Released to reporters: 30-Sep-2020 12:30 PM EDT

A reporter's PressPass is required to access this story until the embargo expires on 2-Oct-2020 11:00 AM EDT The Newswise PressPass gives verified journalists access to embargoed stories. Please log in to complete a presspass application. If you have not yet registered, please Register. When you fill out the registration form, please identify yourself as a reporter in order to advance to the presspass application form.


Showing results

110 of 3462

close
0.89608