Seemingly everyone knows about Zoom now: parents, co-workers, friends, grandparents, and neighbors. The videoconferencing software company that went public last year is having a moment during the pandemic.
People have flocked to the service to keep up with friends, build digital clubs, and even host weddings.
However, in this time of immense growth, researchers and journalists have scrutinized the app and found multiple security and privacy risks. People are realizing the free app might actually come with the cost of giving up their personal data.
The app’s main selling point, at least to the broader consumer world, is that it offers free, 40-minute conference calls with up to 100 attendees. It’s easy to use — people don’t need a login to access a meeting — and the interface is relatively intuitive.
However, those same features put people at risk.
Zoombombing, for one, has taken advantage of Zoom’s system of randomly generated ID access codes and lack of required passwords to join a call. People drop into Zoom calls that aren’t their own and broadcast offensive material, like pornography.
One automated tool developed by security researchers can find around 100 Zoom meeting IDs in an hour and information for nearly 2,400 Zoom meetings in a single day of scans, just as an example of how easy it can be to find meetings to join. Zoom says passwords have been enabled by default since late last year, but many people still aren’t using them.
That’s not the only risk with Zoom.