Zoom's Security Woes Were No Secret to Business Partners Like Dropbox

[InfoSec News <alerts () infosecnews org>]

https://www.nytimes.com/2020/04/20/technology/zoom-security-dropbox-hackers.html

By Natasha Singer and Nicole Perlroth
nytimes.com
April 20, 2020

One year ago, two Australian hackers found themselves on an eight-hour 
flight to Singapore to attend a live hacking competition sponsored by 
Dropbox. At 30,000 feet, with nothing but a slow internet connection, they 
decided to get a head start by hacking Zoom, a videoconferencing service 
that they knew was used by many Dropbox employees.

The hackers soon uncovered a major security vulnerability in Zoom’s 
software that could have allowed attackers to covertly control certain 
users’ Mac computers. It was precisely the type of bug that security 
engineers at Dropbox had come to dread from Zoom, according to three 
former Dropbox engineers.

Now Zoom’s videoconferencing service has become the preferred 
communications platform for hundreds of millions of people sheltering at 
home, and reports of its privacy and security troubles have proliferated.

Zoom’s defenders, including big-name Silicon Valley venture capitalists, 
say the onslaught of criticism is unfair. They argue that Zoom, originally 
designed for businesses, could not have anticipated a pandemic that would 
send legions of consumers flocking to its service in the span of a few 
weeks and using it for purposes — like elementary school classes and 
family celebrations — for which it was never intended.

[...]

--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_