Video calling has long been an option to kill the longing for friends and family, but with the global pandemic that today affects everyone – about 20% of the global population today lives in a quarantined state – video communication has exploded in popularity. WhatsApp, Skype, Zoom, Google Duo, Facebook Messenger, FaceTime … The options are endless!
But Zoom, probably, is that application that you had never heard of before covid-19 and that is now in the mouth of many not only for its ease of use, but also for its recent security problems.
Zoom was, until then, an application of major use in companies for remote meetings. Since the start of social distance measures, the app has grown in popularity: 418% in just two months! That popularity, however, started to put its security in check.
On April 1, despite looking like a prank, the FBI warned that several video calls on Zoom were being hacked and hateful content and even pornography were being disseminated.
Now, imagine that several of these calls happened between teachers and students of elementary schools, which takes the problem to another level. The problem here is that, by default, calls via Zoom did not have a password and anyone who got the “id” (unique number of the call, something like a CPF of the call) could access and do whatever they wanted. Today, every Zoom call is created, by default, with a password, which drastically reduced this type of problem.
As if that weren’t enough, the day after the FBI statement, Zoom admitted that its end-to-end encryption doesn’t really mean what most people thought. To better understand what this means, let’s take WhatsApp as an example.
WhatsApp uses true end-to-end encryption, which means that as soon as you press the send button on your phone, the message is still encrypted on your device, goes through WhatsApp servers, arrives on your recipient’s phone, is decrypted and, finally, read. This means that not even WhatsApp can read your messages.
The video call with Zoom, however, is encrypted on your device, received on the Zoom servers is then decrypted, before being encrypted again to be sent to the end user. This means that Zoom, despite making it clear that it does not analyze or watch any calls, in theory could see the entire content of any link.
It is important to make it clear that in order to chat with friends you haven’t seen in a long time, throw an idea away or miss your family, Zoom is perfectly safe. There is no need to uninstall the app or feel insecure using it if your contacts are. However, to discuss sensitive or confidential topics, the situation is more complicated. Discussing issues that shouldn’t be public, like something related to your company or even anything related to personal data or money, should perhaps be taken to other platforms.