https://www.nytimes.com/2020/04/20/technology/zoom-security-dropbox-hackers.html
By Natasha Singer and Nicole Perlroth
nytimes.com
April 20, 2020
One year ago, two Australian hackers found themselves on an eight-hour
flight to Singapore to attend a live hacking competition sponsored by
Dropbox. At 30,000 feet, with nothing but a slow internet connection, they
decided to get a head start by hacking Zoom, a videoconferencing service
that they knew was used by many Dropbox employees.
The hackers soon uncovered a major security vulnerability in Zoom’s
software that could have allowed attackers to covertly control certain
users’ Mac computers. It was precisely the type of bug that security
engineers at Dropbox had come to dread from Zoom, according to three
former Dropbox engineers.
Now Zoom’s videoconferencing service has become the preferred
communications platform for hundreds of millions of people sheltering at
home, and reports of its privacy and security troubles have proliferated.
Zoom’s defenders, including big-name Silicon Valley venture capitalists,
say the onslaught of criticism is unfair. They argue that Zoom, originally
designed for businesses, could not have anticipated a pandemic that would
send legions of consumers flocking to its service in the span of a few
weeks and using it for purposes — like elementary school classes and
family celebrations — for which it was never intended.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
