Zoom app sends data back to Facebook

Ink

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Zoom's privacy policy isn't explicit about the data transfer to Facebook at all.
As people work and socialize from home, video conferencing software Zoom has exploded in popularity. What the company and its privacy policy don't make clear is that the iOS version of the Zoom app is sending some analytics data to Facebook, even if Zoom users don't have a Facebook account, according to a Motherboard analysis of the app.

This sort of data transfer is not uncommon, especially for Facebook; plenty of apps use Facebook's software development kits (SDK) as a means to implement features into their apps more easily, which also has the effect of sending information to Facebook. But Zoom users may not be aware it is happening, nor understand that when they use one product, they may be providing data to another service altogether.

Further details at VICE.
 

silversurfer

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,057
We originally implemented the “Login with Facebook” feature using the Facebook SDK for iOS (Software Development Kit) in order to provide our users with another convenient way to access our platform. However, we were made aware on Wednesday, March 25, 2020, that the Facebook SDK was collecting device information unnecessary for us to provide our services. The information collected by the Facebook SDK did not include information and activities related to meetings such as attendees, names, notes, etc., but rather included information about devices such as the mobile OS type and version, the device time zone, device OS, device model and carrier, screen size, processor cores, and disk space.

Our customers’ privacy is incredibly important to us, and therefore we decided to remove the Facebook SDK in our iOS client and have reconfigured the feature so that users will still be able to log in with Facebook via their browser. Users will need to update to the latest version of our application that’s already available at 2:30 p.m. Pacific time on Friday, March 27, 2020, in order for these changes to take hold, and we strongly encourage them to do so.
 

Stopspying

Level 19
Verified
Top Poster
Well-known
Jan 21, 2018
814
More Zoom news - Administrators and User Tracking & Attendee Attention-Tracking

 

Stopspying

Level 19
Verified
Top Poster
Well-known
Jan 21, 2018
814
More bad Zoom news -




The last link, about the UK government using Zoom and what that idiot Johnson shared in a screenshot made me laugh. Digital security? U're havin' a laff, inya.

But, this is my government and my fellow citizens digital security!:(
 

Stopspying

Level 19
Verified
Top Poster
Well-known
Jan 21, 2018
814
I hope nobody here has any investments in Zoom!




 
Last edited:

Stopspying

Level 19
Verified
Top Poster
Well-known
Jan 21, 2018
814
More Zoom & Gloom -




From the Krebs on Security article - "By far the largest group of companies exposing their Zoom meetings are in the technology sector, and include a number of security and cloud technology vendors. These include at least one tech company that’s taken to social media warning people about the need to password protect Zoom meetings!"
 
Last edited:

oldschool

Level 81
Verified
Top Poster
Well-known
Mar 29, 2018
7,044
"By far the largest group of companies exposing their Zoom meetings are in the technology sector, and include a number of security and cloud technology vendors.

The people who should know about tech not investigating/understanding the software yet still using Zoom with its many problems. They should have done their homework and warned employees before using an app full of holes! Unbelievable! But not!
 

Stopspying

Level 19
Verified
Top Poster
Well-known
Jan 21, 2018
814
Anyone here still using Zoom?!

"A recent analysis of the Zoom video conferencing application revealed that the keys used to encrypt and decrypt meetings may be sent to servers in China, even if all participants are located in other countries."


"Over the past few weeks, Zoom's use has exploded since it became the video conferencing platform of choice in today's COVID-19 world. (My own university, Harvard, uses it for all of its classes. Boris Johnson had a cabinet meeting over Zoom.) Over that same period, the company has been exposed for having both lousy privacy and lousy security. My goal here is to summarize all of the problems and talk about solutions and workarounds.
In general, Zoom's problems fall into three broad buckets: (1) bad privacy practices, (2) bad security practices, and (3) bad user configurations."


 

Stopspying

Level 19
Verified
Top Poster
Well-known
Jan 21, 2018
814
Apparently this has since been plugged and no longer an issue, but not sure if this is true or not.

~LDogg
Which of the numerous issues with Zoom are you referring to as being plugged? I am aware that some have been fixed and I feel that I should have posted about that rather than just adding to the list of negative points about their app, to be fair.
 

Stopspying

Level 19
Verified
Top Poster
Well-known
Jan 21, 2018
814
Which of the numerous issues with Zoom are you referring to as being plugged? I am aware that some have been fixed and I feel that I should have posted about that rather than just adding to the list of negative points about their app, to be fair.
A step that Zoom have taken to clean up their act -
Zoom removes meeting IDs from client title bar to boost security

"A new update to the Zoom client has been released that removes the meeting ID from the title bar when conducting meetings to increase security and to prevent them from being exposed in screenshots."

 

Stopspying

Level 19
Verified
Top Poster
Well-known
Jan 21, 2018
814
"Thousands of compromised Zoom credentials were discovered in underground forums as cybercriminals look to tap into the burgeoning remote workforce.
Researchers have uncovered a database shared on an underground forum containing more than 2,300 compromised Zoom credentials.
The database contained usernames and passwords for Zoom accounts – including corporate accounts belonging to banks, consultancy companies, educational facilities, healthcare providers and software vendors. Some of the accounts included meeting IDs, names and host keys in addition to credentials."

 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top