Recently many countries of the world have declared lockdown due to coronavirus pandemic. During this time, most companies have announced work from home for their employees. Many companies are currently using Go-to video conferencing platforms for meetings. Also, many universities and colleges are using the platform to continue the semester curriculum.
When we talk about the video conferencing platform the first thought comes of Skype or Google hangout but we are wrong. Zoom Videoconferencing, an American company, has seized the market. Surprisingly the App becomes the most downloaded app in India dethroning WhatsApp and TikTok. But you may not know that Zoom is exposing your data. Yes, recently the company comes in a limelight, not due to its increasing downloads and userbase but also due to the security issues and flaws.
Not End-to-End Encrypted
First, we need to know what is End to End Encryption also abbreviated E2EE. Ine say words when any application or communication medium is End to end encrypted it means there will be no point of eavesdropping or in other words, the communication occurs only between the sender and receiver means no other third party can snoop in your conversation. For example, you notice that WhatsApp always mentions that your chat is end to end encrypted.
Zoom acknowledge that there App is end to end encrypted. But the reality is it is an elephant -tusk. The fact it the company only offers end to end encryption only for text chat.
Major Security Issue
Recently, various users have been addressing this problem where they are seeing random email addresses of people and profile pictures. It is a widespread flaw in the application and can also be very dangerous. Exposing email addresses can cause massive spam in your inbox. But the biggest danger is that a user can make a video call to a random person whose profile is visible.
But it is not a flaw, the company claims it is a feature called Company Directory which accumulates all the email address with the same domain name mainly the company recognizes similar domain name ending as people are working on the same company. Unfortunately, the feature comes out as a major flaw for the application. After the issue emerges, the company is giving the option to turn off the directory listing feature.
How Zoom Video Calls Work
Zoom video calls used the combination of TCP and UDP. You may hear before about TCP. It is known as a Transmission Control Protocol and it is a standard that defines the transmission of network conversation. Not going to so deep, you just need to know it is used for organization data which ensures the secure transmission of data between the client and server. The TCP connection is made using TLS known as Transport Layer Security.
UDP is known as a User Datagram Protocol which is an alternative for TCP but is less reliable. In application, UDP connections are encrypted with AES using a key negotiated over a TLS connection. From the facts, we can conclude that only text chat is an end to end encrypted and not your video calls.
The finals words are zoom video calls do not end to end encrypted but that does not mean that anyone can have access to your data. But the company itself can access your content. Zoom makes claims about privacy and all the criteria on its website but after the fact that all the information provided by the company is misleading and not true in any way.
Stay tuned with Techistaan to get unbiased smartphone & gadgets reviews and latest tech updates.