90 Miles From Tyranny : Zoom routed calls through China and lied about encryption technology, report alleges

infinite scrolling

Friday, April 10, 2020

Zoom routed calls through China and lied about encryption technology, report alleges


  • Zoom is facing widespread criticism as report reveals that calls have been routed through China.
  • Zoom has also come under fire as questions of their privacy policies and general security have been raised.
As coronavirus has forced students, professors, and employees inside their homes, video-conferencing has become the new norm for classroom lectures, business meetings and almost any function that demands face-to-face interaction. Students across America have made a sudden transition to using Zoom for their classroom lectures, a company that is currently being sued for failure to fully disclose privacy policies.

Zoom has recently been called out for routing meetings through China.

An April report from the Citizen Lab revealed that some calls originating from North America were routed through servers in China, along with the encryption keys for the calls, “even when all meeting participants, and the Zoom subscriber’s company, are outside of China.”

“While Zoom is headquartered in the United States, and listed on the NASDAQ, the mainline Zoom app appears to be developed by three companies in China,” explains the report.

The same report reveals that Zoom used dishonest marketing schemes to mislead its users, revealing that while Zoom promises end-to-end (E2E) encryption for video and audio, it actually only provides “transport” encryption.

This means that rather than the users controlling their encrypted information, Zoom controls it, giving the company access to meetings.

Zoom has also allegedly leaked personal email addresses and sent user data to Facebook, such as their phone model, when they were using the app, and more--- prompting a class-action lawsuit.

According to Bloomberg, the lawsuit cites that Zoom’s privacy policy failed to state that the company sent data to third parties. The complaint states that Zoom’s “Wholly inadequate program design and security measures have resulted, and will continue to result, in unauthorized disclosure of its users’ personal information.”

While Zoom claims to have taken necessary precautions and made corrections, some students have voiced concern for their privacy.

Campus Reform spoke to students whose classes have transferred to Zoom due to the coronavirus crisis.

Widener University student and Campus Reform Correspondent Mickey Mertz expressed concerns over Zoom’s alleged negligence.

“I use Zoom for all my classes. Though the information discussed during these lessons are not top-secret information, I’m a bit worried about what personal data can be collected through a Zoom call,” Mertz said in an email to Campus Reform.

Jesse Stiller, another correspondent and student at the College of New Jersey, told Campus Reform that knowing this is “unsettling.”

“It should concern all users that Zoom is lying about their end-to-end encryption and that the government of China can demand any and all calls for any reason if they choose to do so,” said Stiller, adding that it is “somewhat relieving” that Zoom is being investigated. “Zoom needs to be clear with their users and forthcoming with their policies.”

While concern over Zoom’s dishonesty is widely shared, some researchers are optimistic that students are safe and that access to important personal information does not pose a monumental threat to common citizens.

Cybersecurity researcher Caleb Purcell told Campus Reform that Zoom has been "rightly scrutinized" for its carelessness, but that he is confident that everyday users are safe.

“Privacy is currently at the forefront of security concerns, and so Zoom did make a mistake here. They have been scrutinized, and rightly so,” said Purcell. “But should the average citizen be worried? No. The real concern is that - for calls routed through China - the Chinese government could theoretically force Zoom to hand over decrypted call data,” he added, saying that he is not aware of any instances in which that has been the case.

When asked about Zoom’s misleading end-to-end encryption claims, Purcell acknowledged that the company deserves blame.

“Zoom made a mistake here - this time redefining end-to-end video encryption for marketing purposes… They have been properly scrutinized,” he said.

Purcell urges users to consider their reasons for using...

Read More HERE

1 comment:

Anonymous said...

This what happens when you outsource the engine of your economy to a foreign power so that "capitalists" can expand their bottom line. Dumbest economic move ever.

Nemo