Millions of Zoom video recordings left exposed allowing strangers to watch personal video chats online – the sun, thesun.co.uk
1.2k Views
THOUSANDS of Zoom videos including confidential therapy sessions are viewable online exposing a major security flaw in its software.
The video chat app has exploded in popularity and now boasts million daily users due in large part to the coronavirus lockdown around the world.
Thousands of Zoom videos which have been recorded by hosts are viewable online in a major security flaw : Credit: Zoom
But while people have enjoyed the simplicity of the platform, Zoom’s bosses have admitted they were not prepared for the unprecedented surge in traffic due to the pandemic.
And a report by the Washington Post has shown that videos recorded through the app’s software have been saved onto a separate storage space without a password.
In fact, the clips can be found and downloaded by anyone with a simple online search.
According to The Post, the problem lies in the way Zoom names each recorded file in an identical way – however the news outlet has chosen not to reveal the naming convention.
SECURITY FLAW EXPOSED
Videos are not recorded by default however other users are not asked for their consent when the host of the chats hit the save button.
However, everyone in the group does receive a notification when the record button is pressed.
Lots of the videos can be easily found on popular Amazon storage space, known as buckets.
Many users make the storage space accessible meaning they can be watched and downloaded by others.
Footage viewed by the Post include private therapy sessions, business meetings discussing company finances and school classes involving small children.
(1) The video chat platform now has million daily users worldwide Credit: PA: Press Association
One video involved a tutorial on how to give a Brazilian bikini wax and featured nudity.
The key flaw in the software is not having users create their own unique file name while saving their own videos, the report says.
In a blog post this week, Zoom chief executive Eric Yuan admitted the company, founded in , did not expect to become the most popular app of its kind in the US in a matter of a few weeks.
He wrote: “We did not design the product with the foresight that, in a matter of weeks, every person in the world would suddenly be working, studying, and socializing from home.”
Mr Yuan said the new user base was using Zoom in a number of “unexpected ways, presenting us with challenges we did not anticipate when the platform was conceived.”
(VIRUS CRISIS) UK death toll overtakes China’s official tally as fatalities reach 3,
He apologized for the falling short on “privacy and security expectations” and said the firm would be freezing new features for three months and instructing its techies to fixing the security flaws. “
In a statement the company said it “provides a safe and secure way for hosts to store recordings” and provides guides for how users can enhance their call security.
“Should hosts later choose to upload their meeting recordings anywhere else, we urge them to use extreme caution and be transparent with meeting participants, giving careful consideration to whether the meeting contains sensitive information and to participants’ reasonable expectations.”
GIPHY App Key not set. Please check settings