Zoom video conferencing app has become the new ‘it’ thing in the market as people have been forced to work from home by coronavirus. The heavy responsibility of keeping everyone connected and making sure that industries are still working, has fallen over Zoom’s shoulder, which seems to be struggling with it given the security concerns that have been raised regarding the app. In the latest update, Zoom has come out with an apology, connected to accusations of some calls being routed through China. The company has also offered an explanation for this.
Citizen Lab researchers found that some calls in the region of North America were being routed through China, along with the encryption keys to secure those calls. Therefore, due to the lack of end to end encryption on the service(as opposed to what Zoom claims), the Chinese authorities can ask Zoom to turn over encryption keys to video calls that have been made on the platform, giving them access to vital information about US companies.
Zoom’s CEO, Eric Yuan, has offered an apology and cited “heavy influx of users” as the reason for this “mistake”. He said that due to the persistent pressure of new users on the platform, Zoom “mistakenly” allowed two of its Chinese data centers to accept calls as a backup, as it the policy in the event of network congestion.
According to TechCrunch, Eric Yuan said that Zoom client generally tries to connect to a server close to the location of the client itself. However, in case of network congestion, it can access secondary servers which are a part of a secondary server list. Therefore, generally North American calls are connected to North American servers, with the exception of the server being overcrowded in which case they are connected to the nearest server with capacity.
China however, is deemed as a threat by many companies especially due to its unpleasant data security history with the US. But, given that the company expanded server capacity in China rapidly, they have been “whitelisted” by the company despite of security concerns and in limited cases, calls from the US get connected to those servers.
The company has admitted its fault and said that it will take back the “whitelisted” Chinese servers from the mix. Moreover, it said that users on the company’s dedicated government plan were not affected by the accidental rerouting.
Zoom has just announced that it reached 200 million daily video call users, even though the company is fighting against security concerns. Zoombombing has become the noose around the company’s neck, with Tesla even announcing that it won’t use the app since it is not secure.