Important Zoom Update May 30th
This is a mandatory update which fixes some of the newest security issues. Use this link to find the latest version Version 5.0.4 (25694.0524) It also includes new Administrator, Web Client, Developer Feature, all details here.
“AES 256-bit GCM encryptionZoom Official Website
Zoom is upgrading to the AES 256-bit GCM encryption standard, which offers increased protection of your meeting data in transit and resistance against tampering. This provides confidentiality and integrity assurances on your Zoom Meeting, Zoom Video Webinar, and Zoom Phone data. GCM encryption requires Zoom client or Zoom Rooms version 5.0 to join any meeting. “
Is Zoom Safe? – Introduction
In the age of a global lockdown where vast numbers of people are having to work from home and even schools and universities have switched to working online, technology has taken up an even more prominent role in our lives.
And one particular piece of technology that has become emblematic for the pandemic the world is still facing is Zoom. Zoom is cloud-based software that provides communication solutions via videotelephony and online chat services. It has by far become one the most popular means for distance education and teleconferencing, but it’s even also used as a means for people to socialize.
However, with this program enjoying such massive usage, concerns have risen regarding how well-equipped it is in terms of safety and security. Specifically, in this article we would like to discuss how safe Zoom is for Mac computers.
Is Zoom Safe? – Security vulnerabilities
Zoom has acknowledged having some security issues specifically with Mac OS, but the company was very quick to respond to them. One particular problem was that Zoom was using a workaround to bypass Apple’s restrictions, which is tactic often used by Mac OS malware. And as a result, users were actually installing Zoom without giving the program their final consent for it.
Nevertheless, the company’s CEO addressed the issue publically, and within a matter of days a fix was already on the table. Furthermore, Zoom announced a 90-day pause for feature updates specifically in order to deal with other security issues. Conversely, another one of these is the phenomenon of so-called ‘Zoombombing’, where pranksters suddenly crash Zoom conferences with adult or shock videos.
Is Zoom Safe? – What has happened so far
Zoom first launched in 2011 by current CEO Eric Yuan and up until this year, it was a fairly modest company. In 2012 it officially became known under the name it has today (originally it was founded as Saasbee) and signed Stanford University as its first client. And only six months later, Zoom was celebrating 1 million users.
With the help of key investors like Facebook and Waze, the company’s customer base grew exponentially and in 2014 it already had 10 million users. And by 2016 Zoom had already integrated its software with other major players on the market like Slack and Skype for Business. And as time went by, the amount of participants per conference grew from the initial 15 to 25, then 50 and now up to a whopping 1,000 participants for businesses.
Now fast-forward to 2020, Zoom’s usage expanded immensely, with a record number of downloads in a day in March reached 2.13 million! And the daily average users by the end of April 2020 was up to 300 million, compared to the 10 million in December 2019. And one of its most recent developments, which we will elaborate on further in this article, was the purchase of encryption-specialized company Keybase.
Is Zoom Safe? – Mac Privacy
A number of privacy issues have come to light over the past few weeks alone. As was already mentioned earlier on in this post, users personal information was collected and used for target advertising. Furthermore, the Zoom app on Apple iOS devices would send information to Facebook – and that even if the user didn’t have a Facebook account. The data included things like the make and model of the device, the time when the app was opened, personal details of the user, etc. These things are now in the past as of late, but Zoom does still employ third-party trackers to gather data.
One thing that is also seen as a privacy issue has to do with the fact that Zoom meetings can be recorded and stored. What’s more, the service can even make transcripts of conferences without users knowing about it. Then there’s also the fact that text messages are saved and users are not notified about this either. So if within a meeting there’s a chat between two individuals (i.e. the rest cannot see this chat), the initiator of the meeting will be able to read the chat history after the meeting is over.
Is Zoom Safe? – Mac Security
Last year there was an unprecedented confrontation between Apple and Zoom, where the former had threatened to mass-delete Zoom apps from Mac computers. The reason? It turned out that Zoom actually had a hidden web server specifically on Mac OS computers that provided the application with access to the webcam without users even being aware of this. This feature has since been removed, though.
Zoombombing, as also mentioned, has become a very serious issue. It has even led to many large organizations and even government agencies banning the use of this software. And in the USA, the FBI has even issued an official warning for schools in this regard. But Zoom is taking measures to counteract this problem by introducing AES 256-bit GCM encryption. You can read a little more about what that is and why it’s effective here: And by the end of May 30th, the company claims to have system-wide account enablement with GCM.
Zoom Mac Configuration
Anyone who has ever used Zoom will tell you that its configuration isn’t exactly the easiest thing to handle right off the bat. There are a lot of functionalities and many features to pay attention to, so it’s easy to let something slip. And one such thing people often let slip was the use of passwords.
Up until the outcry against the aforementioned ‘zoombombing’, passwords weren’t mandatory. And so this made it possible for pranksters to use software and find active meetings to crash. Now, Zoom meetings are officially password-protected for everyone, at all times.
Zoom has been surprisingly quick and efficient when reacting to all the complaints that have come their way. It’s understandable that with such a massive increase in usage issues were bound to arise, and so far the company has done admirably well in responding with adequate measures and a mature, responsible overall approach.
For instance, the preinstall issue we described earlier where the Zoom app wouldn’t require users’ final consent to be installed in Apple’s Mac OS was addressed by the CEO. Publically. On Twitter. And not only that (as we’ve all seen examples of nonsense tweets by influential people), but two days after that post, the problematic feature was removed.
In addition, to counteract all the security issues that have come to light and have already been pointed out in this post, the company went as far as to purchase Keybase in order to have its very own encryption solution.
And there’s a much-anticipated Zoom 5.0 version for Mac OS that is supposed to have a whole bunch of improvements, including the latest encryption standard. Furthermore, extra password protection layers will be implemented, including cloud-recording passwords, mandatory meeting passwords and others. It’s also fantastic that the company is good at communicating these changes with its customers. And you can read all about the new features and functions of the app on the company’s blog.