Facing silly naming mistakes, 15,000 Zoom video conversations were exposed on the open web
This issue once again warns about the privacy and privacy settings of the Zoom app, especially as it becomes more and more popular.
According to a new report from The Washington Post, thousands of videos of Zoom meetings are being made public on the open web - allowing anyone to view them. These video calls include business talks, friends' conversations, telemedicine sessions, etc.These thousands of videos have been publicly uploaded due to Zoom's silly mistake.
Not only are they saved on Amazon's non-secure S3 cloud, these videos are also named by default in an identical way. Based on that, Washington Post security researcher Patrick Jackson was able to find 15,000 different videos with a simple search engine. However, the Washington Post does not disclose the default name Zoom uses for these videos.
To make matters worse, thousands of them were even uploaded to video sharing sites like YouTube and Vimeo - meaning everyone could watch them.
However, it is worth noting that these videos are uploaded due to a certain negligence from the user. These videos are usually saved in the user's computer, and seem to be accidentally uploaded onto the internet. Only paid users of Zoom can save videos on the company's cloud server, and the videos are not exposed like the clips above.
Even so, zooming names video so similarly that they are easily found on non-secure cloud platforms is a design flaw that is hard to ignore.
The Washington Post told Zoom about the issue, but it's not clear if this will change the way video titles are uploaded or whether they will be uploaded to Amazon's secure cloud services.
In a statement, Zoom said, " Zoom will notify meeting participants when the meeting organizer chooses to record the meeting, and provide a safe, secure method for the organizer. video conference. The meeting on Zoom is only recorded at the organizer's choice, either on the organizer's computer or on Zoom's cloud . "
" If later, the meeting organizer chose to upload the videos anywhere, we advised them to be very careful and transparent with the meeting participants, carefully considering whether Does the meeting contain sensitive information and the reasonable expectations of the meeting participants . "
While growing strongly due to everyone's need to work remotely, Zoom is experiencing a series of issues regarding its privacy and security capabilities. Just yesterday, Zoom had to fix issues related to malware that installed unauthorized software on MacOS, patched a flaw in the software, and suspected of revealing the user's LinkedIn profile. .
Zoom's security and privacy issues are so bad that the company has pledged to spend the next 90 days focusing on fixing these issues, instead of adding or developing new features.
You should read it
- Share experience in selecting and using cloud services effectively
- 4 free Cloud Gaming apps to help you play games right on your phone
- AWS and Azure dominate the cloud world, above all, no one wins
- SkyDrive and Google Drive - Where is the best cloud service for office people
- Private search engines replace Google
- Error on CPU seriously affects cloud storage services
- 5 effective file sharing cloud applications
- How to use AnyTrans for Cloud to manage cloud services
- How to store images and videos in the cloud
- The best 'cloud storage' data storage services today
- Cloud computing can develop in a relatively different direction in the next few years
- The NSA identifies 4 'critical' security vulnerabilities of cloud systems
Maybe you are interested
How to Create a Javascript Console in Sublime Text How to Implement a Stack Data Structure in C++ How to Compress Data Using Huffman Encoding How to Install Node.Js on Windows How to Install Titanium Studio on Linux/Ubuntu A critical flaw in Internet Explorer forced Microsoft to release patches for Windows 7