There are quite a number of videoconferencing applications out on the internet today, from Google Hangouts and Microsoft Teams, to Zoom and Houseparty.
Many of these applications offer similar functionality and pricing, but may differ slightly in their approaches to security or privacy.
While these video chat apps are likely more needed now for both personal and business uses, it becomes more important that we also take stock of what we’re giving up to supposedly free services.
On one side, we have issues with security as a result of unscrupulous hackers capitalizing on the popularity of video chat apps due ot the coronavirus pandemic.
Cybercriminals are spending some time prepping fake sites and malware-laden payloads to snag unsuspecting users looking for the real deal. All it takes is one errant email or bad search, and you may end up getting compromised.
At the same time, apps themselves are starting to be more closely scrutinized because of their lax cybersecurity or misrepresentation of features it touts as having.
For the purposes of our discussion today, let’s focus on Zoom, which has grown in popularity and adoption ever since the pandemic forced people to stay in their homes.
Zoom is under fire for seemingly taking advantage of the term “end-to-end encryption” and marketing that as something it has in its white paper. According to a report from The Intercept, “the service actually does not support end-to-end encryption for video and audio content, at least as the term is commonly understood. Instead it offers what is usually called transport encryption.”
By this, it means, that while video and audio content sent over Zoom is private against people spying on your Wi-Fi, it isn’t private from Zoom itself.
Zoom is also said to be vulnerable to attackers taking your Windows credentials. In a report from Bleeping Computer, Zoom is susceptible to “UNC path injection in the client’s chat feature that could allow attackers to steal the Windows credentials of users who click on the link.”
Now, I could go on about Zoom’s other reported issues such as hackers Zoom-bombing a meeting with porn, for example, or about its attention-tracking system so bosses can ensure people are paying attention during a Zoom call.
The thing is, there’s a fine line to tread because there is no “saintly” video chat app. Free services trade your data, however anonymized it might be, to advertisers so they can earn money if you’re not paying for it directly.
At the same time, we need these apps for the purpose of connecting people we can’t normally see or get to. It really doesn’t seem great that we’re trading our personal security from emotional well-being, so to speak, but that’s what’s happening.
Sometimes, as hard as it is to accept, we just have to keep pushing forward with a hard decision, and making adjustments to compensate along the way. To that end, I recommend people wait for reviews of both the app and the legalese surrounding an app’s privacy and security policies – if they can – before settling on something your family and friends can use safely.
But if you can’t wait, at the very least, know what you’re getting into – no app will have the perfect blend of privacy and security, but some might just do better than others for your needs. – Rappler.com