Zoom’s security woes don’t seem to end any soon. As reported by The Washington Post, thousands of zoom video call recordings are available on the internet. This issue can be traced back to the way Zoom names its call recordings in an identical way.
Several Zoom recordings have been uploaded on Amazon Web Services buckets and one can search them on the internet using a search engine that searches through cloud storage. Moreover, the report also mentions that “thousands” of clips have also been uploaded on YouTube and Vimeo. Several videos had personally identifiable information as well as intimate conversations.
Zoom offers an option to hosts if they want to record and save the meeting and it is not recorded by default. The issue was notified to Zoom by the publishing house and the company is looking into the mater.
Zoom Generates Encryption Keys In China
In another report by The Intercept, Zoom has been found issuing encryption keys by servers located in China even when all the meeting participants are from America.
Researchers from the University of Toronto found that some of the Zoom’s key management servers, that issue encryption keys during meetings, are located in China. During the test, researchers found out that the shared meeting encryption key during a meeting “was sent to one of the participants over TLS from a Zoom server apparently located in Beijing.”
This raises security concerns as Zoom will be liable to share the keys with the Chinese government if required, as per the laws.
This adds to the Zoom’s ongoing security issues that have been increasing on a daily basis. Yesterday, the company issued an apology to its users and also applied a 90-days feature freeze wherein it will not roll out a new feature and would focus on fixing its security issues.
Amidst the rising concerns, you can use Zoom alternatives to evade any possible security lapse.