With millions of people around the world stuck at home because of the coronavirus outbreak, businesses and workers from all sorts of fields have turned to videoconferencing apps such as Zoom. Zoom has been one of the highest-profile videoconferencing companies to gain popularity during the coronavirus outbreak. It's also had some very notable security issues. While end-users have been surprised by the security issues presented by Zoom, a new report claims that Zoom's business partners knew the company had security problems.
A new report claims that Zoom partner Dropbox knew for months that Zoom had security issues. The report, from the New York Times, claims that Dropbox knew a year ago that there was a significant security vulnerability in the videoconferencing app, which was used by Dropbox employees. The vulnerability was discovered by a pair of Australian hackers while on a flight to attend a live hacking competition sponsored by Dropbox in Singapore.
The major security issue with Zoom the hackers discovered could have allowed an attacker to take control of certain users' Mac computers without the users knowing. The NYT cites three unnamed former Dropbox engineers who say that the vulnerability the hackers found was precisely what Dropbox feared. Since Zoom was so widely used by Dropbox, the company took on the policing of security practices for the videoconferencing app itself.
Dropbox is said to have started privately offering rewards to hackers to find flaws in the Zoom software and that of other unnamed companies as far back as 2018. According to the former Dropbox engineers, the company was stunned by the volume and severity of security flaws that hackers discovered in the Zoom code. Making things even worse was Zoom's alleged slowness in fixing the issues that were discovered.
The report claims that it took Zoom more than three months to fix the security vulnerability that the hackers found while flying to Singapore. The issue was only fixed after another hacker publicized a different security flaw with the same root cause, according to the report. With security flaws in the software, the soaring popularity poses significant risks for a large number of people today that users need to be aware of. One such security issue was when the company was forced to admit that its data was "mistakenly" routed through China.
- > NEXT STORY: Google plans to design its own smartphone chips
- < PREVIOUS STORY: iPhone 12 leak claims smartphone still shuns USB-C