Over the weekend, I have received an email with an attachment containing an internal communications from one of the major telecommunications companies in the country that announced the labelling of Zoom as malware and blacklisting it from their internal network. This definitely caused panic! Why would they do this? Is Zoom really that bad?
I have been using Zoom since last year, not by personal choice, but because a partner university in the US, UC Davis, uses it. Our regular meetings were done online, since traveling back and forth is time consuming and expensive. Yes, Zoom is very easy to use, it is cross-platform, and has a lot of interesting features. Personally, I would have preferred using Apple’s FaceTime, but not everyone uses an Apple device. BTW, Group FaceTime is not appropriate for professional meetings since the UI is too whimsical (though I wish Apple provides an alternative layout to make it a bit more professional).
Going back to Zoom, its unexpected popularity as a preferred platform, besting the long established Cisco Webex, Google Hangout Meet, and Skype, painted a huge bull’s eye at its back. The security and privacy missteps of Zoom were rapidly discovered and disclosed by security researchers — and being popular, also made it a prime target for media outfits to drive traffic to their sites and generate views (and revenue via their favorite ad tech!).
The attention Zoom is getting is good for its customers! Zoom can ignore these security and privacy issues, and continue doing what they do best (and violate customers’ trust), but instead, they did the right thing by addressing their shortcomings! And I must say that they are quick to do so, even if they are still lacking in some, like encryption. For those who are understand software, doing a huge change such as changing the encryption algorithm is not an easy task that you can do overnight. Zoom, as per their CEO, is committed to regaining its customers’ trust (though I wish this isn’t an April Fool’s joke). Frankly, Zoom is in full, head-on, damage control!
What issues did Zoom address? I can list them here, but Glenn Fleishman of TidBITS.com has done an excellent job already at “Every Zoom Security and Privacy Flaw So Far, and What You Can Do to Protect Yourself”. I highly recommend that you read it.
Going back to the telco’s blacklisting of Zoom, I would say that this is overacting on their part, and a hypocritical move, too. Why? Most of the security and privacy issues have been quickly addressed already. Some that are left are encryption and the “accidental” routing of traffic through China (which they’re addressing as I type). If they are worried about Zoom, they should be equally worried about using Android within their corporate network, unless they issue their employees with the latest Android models with the latest Android version! They should also be worried about the use of Facebook for Business (or was that for Enterprise) — if I remember correctly, it is being used internally as well. China? I would bet that they’re using services owned or operated by Chinese companies. I find it a knee-jerk reaction that needs a revisit, but then again, I commend them for erring in favor of security and privacy.
Personally, knowing the limitations of Zoom, I can and will continue using it, after configuring the account with the proper settings, and blocking whatever trackers are left. When I can, I’d rather use Apple’s FaceTime, or for cross-platform, I’d use Signal and Wire.
What about alternatives? Microsoft Teams, Skype, and Google Hangout Meet, are alternatives that you may want to consider, but they’re no saints as well (yes, Pi-Hole blocks their trackers!). Cisco Webex? A potential candidate, but seeing what Webex video looks like on CNN — I’d say pass. How about the open source, Jitsi Meet and BigBlueButton? I have tried both, both have potential, but they’re nowhere near Zoom’s ease of use and quality (also good luck self-hosting and scaling it up to 300 participants per meeting for a thousand concurrent meetings for your organization).
Finally, I’d say read Fleishman’s article, then decide whether Zoom is for your organization or not. For personal use in communicating with family and friends, I’d say use Apple’s FaceTime and Signal or Wire!