Until this year, Zoom was mostly a business tool associated with often dull, and frequently unnecessary meetings. Now, it’s a lifeline for keeping in touch, and has already gained more new users in 2020 than in the whole of 2019. Quite unsurprisingly, it’s also being put to use by people for altogether sexier purposes than the average PowerPoint presentation. But is it safe and secure? Can you really get your virtual rocks off with confidence?
Zoom’s popularity comes from its universality and simplicity, making it an obvious choice for interactive sex – both amateur and professional. But it has had more than one brush with the privacy police, and that’s making us a bit nervous.
For a start, in this age of BYOD (Bring Your Own Device), people could be using their work credentials to have some rather non-work related interactions. There are reports of ‘Zoom Sex Parties’ going on and that could lead to some information being shared that you probably wouldn’t want to go public.
A report from security researchers at Check Point found that 1,700 new Zoom domains have appeared since the start of the year, and a quarter of them were in the last week. Some will be legit, whereas many will be nefarious. That’s everything from simple phishing attacks right through to payloads of executable malware – all potentially horrendous for your tech health.
In a recent blog post, super-secure email provider Protonmail outlined its potential concerns about Zoom.
Among them, Protonmail says the ‘attendee attention tracking‘ feature is an obvious potential issue – it shows the meeting host if you’re not paying attention when they’re sharing the screen.
Additionally, remember that Zoom keeps a chat log and it’s not entirely clear who gets access to what – so don’t say or do anything you don’t want everyone on the call to know about – and possibly their boss.
Zoom openly admits to keeping data on your name, physical address, email address, phone number, job title, employer and so on, and linking it to your activity. In other words – it creates permanent links between you and whoever you call. Even if you opt not to use an account (which is an option) it’ll still record your IP address and device type, which is enough if someone is determined to track you down.
The answer begins: “Depends what you mean by ‘sell.'”
Do you find that encouraging? We didn’t.
Think that’s it? Sadly not. The Mac version of the app was found to create a temporary virtual server on your machine that wasn’t properly secured. This meant people could hack into private conversations. Again, it’s been fixed, but ‘slap-dash’ doesn’t even cover it.
Protonmail recommends using two different devices if you must use Zoom – one for the call, one for everything else. That way you’ll evade the attention tracker. Never ever use Facebook sign-in (good advice generally, we think) and remember to keep updating the Zoom app whenever you can, in case another surprise security blunder emerges.
Although we’re primarily talking about Zoom here, do’t think that other platforms are risk-free. Before you start anything that’s NSFW on a work tool – be it Zoom, Duo, Bluejeans, Teams, Slack or anything else – make sure your privacy is being protected, or your first day back in the office could involve a rather awkward in-person conversation with your boss.