Obsessed with technology?
Subscribe to the latest tech news as well as exciting promotions from us and our partners!
By subscribing, you indicate that you have read & understood the SPH's Privacy Policy and PDPA Statement.
News
News Categories

Taiwan bans its agencies from using Zoom over security concerns

By Cookie Monster - on 9 Apr 2020, 12:00am

Taiwan bans its agencies from using Zoom over security concerns

Taiwan is reportedly one of the first governments to ban the use of Zoom by its agencies over the growing list of security and privacy issues. 

Bloomberg reports that the Taiwanese government banned its agencies from using Zoom as there are security issues. The decision was made a week after Citizen Lab revealed that Zoom routed data through servers in China. Taiwan sees solutions from Google and Microsoft as acceptable alternatives. Besides Taiwan, SpaceX and New York City's Department of Education have already banned the use of Zoom.

The Covid-19 outbreak around the world has forced many countries to adopt lockdown measures to minimise the spread of the coronavirus. This forced companies and employees to use video conferencing apps such as Zoom for meetings. 

However, recent studies and investigations done by cybersecurity researchers uncovered loopholes in Zoom's software. For example, The Intercept shared that Zoom meetings are actually not end-to-end encrypted, which means Zoom has the encryption keys to decrypt and access the data if it wants to.

Motherboard also discovered that the Zoom iOS app was sending analytics data to Facebook even if Zoom users don't have a Facebook account. The data includes details such as the time zone and city that Zoom users are connecting from, and a unique advertiser identifier created by the users' devices for companies to push targeted ads. Zoom released an update to the iOS app days later to fix the issue.

Patrick Wardle, an ex-NSA hacker and current principle security researcher at Jamf, found two zero-day bugs in Zoom that could allow hackers to take over the Mac's webcam, microphone and even obtain root access. 

These incidents prompted Zoom CEO Eric S. Yuan to issue a public apology and set a 90-day deadline to fix  these issues. The following day, The Washington Post reported that thousands of Zoom videos are exposed online because Zoom names every video recording in an identical way which can be easily searched. Investor Michael Drieu filed a class-action suit against Zoom for fraud around these security lapses.

Source: Bloomberg