Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 11 submissions in the queue.
posted by Fnord666 on Monday April 13 2020, @06:48AM   Printer-friendly
from the not-a-great-choice dept.

Zoom admits data got routed through China - Business Insider:

In a statement late Friday, Zoom CEO Eric Yuan admitted to mistakenly routing calls via China.

"In our urgency to come to the aid of people around the world during this unprecedented pandemic, we added server capacity and deployed it quickly — starting in China, where the outbreak began," Yuan said. "In that process, we failed to fully implement our usual geo-fencing best practices. As a result, it is possible certain meetings were allowed to connect to systems in China, where they should not have been able to connect."

He did not say how many users were affected.

During spells of heavy traffic, the video-conferencing service shifts traffic to the nearest data center with the largest available capacity – but Zoom's data centers in China aren't supposed to be used to reroute non-Chinese users' calls.

This is largely due to privacy concerns: China does not enforce strict data privacy laws and could conceivably demand that Zoom decrypt the contents of encrypted calls.

Separately, researchers at the University of Toronto also found  Zoom's encryption used keys issued via servers in China, even when call participants were outside of China.

[...] Zoom has faced multiple high-profile security issues in recent weeks as it struggles to cope with an unprecedented surge in traffic and new users.

Zoom did not immediately respond to Business Insider's request for comment and clarification.

Previously:

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2, Disagree) by MostCynical on Monday April 13 2020, @08:05AM (2 children)

    by MostCynical (2589) on Monday April 13 2020, @08:05AM (#981878) Journal

    Soi the Chinese now know (possibly) the IP and MAC addresses of a few people.

    If unencrypted, they may also know that CR038 failed two of the end-to-end test cases.

    If your company is working on cutting-edge research and/or development, use properly tested, encrypted software (or have your company ban using zoom - cf Tesla)

    Otherwise, so what?

    --
    "I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex
    Starting Score:    1  point
    Moderation   0  
       Disagree=1, Total=1
    Extra 'Disagree' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 1, Insightful) by Anonymous Coward on Monday April 13 2020, @11:16AM (1 child)

    by Anonymous Coward on Monday April 13 2020, @11:16AM (#981909)
    My relatives had a big zoom meeting to wish happy birthday to a 90+ year old relative. Think of all the schools, churches etc using zoom (before the security issues, bans etc).

    Will be hilarious if the Chinese Gov is spending resources to sift through all that. Storing all that successfully will make the network, hardware and HDD manufacturers very happy. As they say- like drinking from a firehose.

    If you want to troll them, continue using Zoom for very public stuff but randomly mention uighur, tiananmen, xinjiang, jihad and other juicy keywords.