If like many people's due to the lockdown your boss or yourself has decided to work remotely, the security of your clients or employee's information must be your priority.
The Federal Trade Commission (FTC) has investigated the largely used conference and meeting app named ZOOM and has revealed some important security issues that were not reflecting their alleged security and privacy standards.
According to Zoom's security standards from 2016 to 2019. All sessions were supposed to be encrypted end-to-end using 256-bits encryption, however, they were not, instead, there were weaker security protocols, the sessions were accessible by Zoom's team, and vulnerability had been discovered allowing potential data leaks and undesirable access to the sessions.
What mean end-to-end encryption
According to the official definition, it stipulates that; "End-to-end encryption is a system of communication where only the communicating users can read the messages.".
The main purpose of end-to-end encryption is to prevent potential eavesdropping from occurring, this includes; telecommunication providers, Internet service providers, and even the provider of the service itself from being able to access the cryptographic keys required to decrypt the conversations of the users.
How does it happen
Zoom went from 10 Million users in 2019 to 300 Million users in 2020 which has brought crazy amounts of attention to them including the FTC which have a role to protect us the consumers.
The FTC has alleged that Zoom has compromised the security of there users by uploading to their app without pre-notice an extension called "ZoomOpener" which was allowing the app to deploy itself without prior-notice on the user-side, which have to lead to a bigger investigation of there the whole platform.
They also have alleged that the app could no longer be deleted once installed which wasn't adequately disclosed in their terms.
What have been done
As human beings between human beings, they have come to a settlement without having to charge them any fine, perhaps if they get caught again, they will have to pay the tremendous price of $43,280 for each violation.
This agreement consists to offer the best potential to both parties. As they don't have to pay a charge they can improve their security more efficiently for their users and the Federal Trade Commission has made it clear enough that they don't want it to happen again.
The FTC will publish a description of the consent agreement package in the Federal Register soon. The agreement will be available and subject to public comment for 30 days after publication in the Federal Register after which the Commission will decide whether to make the proposed consent order final. Instructions for filing comments will appear in the published notice. Once processed, comments will be posted on Regulations.gov.
When has it been published
On the date of November 9, 2020, the FTC has published their Investigation report on FTC.gov and we are currently waiting for the update from Zoom which should be sent back in the next 30 days.
The details will be added once that we will know more about it.
The Federal Trade Commission is a governmental website and we are not officially partnered with them in any way.
I do want to mention perhaps that I have a lot of respect for what they are doing and I encourage them. We both have in common a passion for helping people to stay safe online with the power of teaching helpful pieces of information.
To be updated about the new details concerning this case and receive fraud prevention tips you can subscribe to the FTC newsletter and/or ours.
conclusion
The FTC has made their investigation and discovered multiple security flaws and misleading security standards on Zoom.
They have deposed a complaint and later came to a settlement arrangement.
A delay of 30 days has been introduced to implement proper security.
You can subscribe to the FTC's or our Newsletter for Fraud prevention tips and the new security of Zoom.
Zoom will soon be safer than ever for everyone!
Read our others articles!
Became a member !
Join Us on Discord
Meet people's like you who share the same interest,
Discover Hundred of Tools, Software, and Applications to help you stay secure online!
MRichard333
We believe that everyone should have the right to have a Peaceful online experience without any inconvenience or stress,
We Strive to offer you the best experience and satisfaction!