Zoom says its video calls are not end-to-end encrypted, users hacked with porn content: Here’s what happened

We have already told you that popular Houseparty video calling app has several privacy and security loopholes, can track you and extract your personal information even when you don't want it. Now, another video calling service called Zoom, which has become immensely popular during the coronavirus lockdown, confirms that it doesn't actually support end-to-end encryption. A separate report adds that hackers have also been able to breach Zoom video calls, exposing what you talk about within the call.

What about the hack?

You may be interested in

MobilesTablets Laptops

28% OFF

Samsung Galaxy S23 Ultra 5G

• Green
• 12 GB RAM
• 256 GB Storage

₹107,999₹149,999

Buy now

Google Pixel 8 Pro

• Obsidian
• 12 GB RAM
• 128 GB Storage

₹106,998

Check details

Vivo X100 Pro 5G

• Asteroid Black
• 16 GB RAM
• 512 GB Storage

₹89,999

Check details

Apple iPhone 15 Plus

• Black
• 6 GB RAM
• 128 GB Storage

₹87,900

Check details

35% OFF

Xiaomi Pad 6

• Mist Blue
• 6 GB RAM
• 128 GB Storage

₹25,999₹39,999

Buy now

55% OFF

Lenovo Tab M10 5G

• Abyss Blue
• 6 GB RAM
• 128 GB Storage

₹20,999₹47,000

Buy now

32% OFF

Realme Pad 2

• Imagination Grey
• 6 GB RAM
• 128 GB Storage

₹19,668₹28,999

Buy now

Honor Pad X9

• Gray
• 4 GB RAM
• 128 GB Storage

₹14,999

Check details

21% OFF

Acer Swift Go SFG14 41 NX KG3SI 002 Laptop

• Pure Silver
• 8 GB RAM
• 512 GB SSD

₹58,990₹74,999

Buy now

41% OFF

Acer Aspire 5 A515 57G Laptop

• Gray
• 16 GB RAM
• 512 GB SSD

₹52,990₹89,999

Buy now

41% OFF

Acer Aspire 3 A315 24 NX KDESI 004 Laptop

• Silver
• 8 GB RAM
• 512 GB SSD

₹34,490₹57,999

Buy now

40% OFF

Asus VivoBook 15 X515JA BQ322WS Laptop

• Transparent Silver
• 8 GB RAM
• 512 GB SSD

₹31,350₹51,990

Buy now

According to a recent report by AFP, the FBI's Boston office recently witnessed increased number of video call breach cases wherein the hackers can enter a video call and post porn content. The FBI reportedly, "received multiple reports of conferences being disrupted by pornographic and/or hate images and threatening language."

People has also been tweeting about it with screenshots.

As per FBI, hackers had 'Zoom-bombed' schools that are now taking online classes due to the lockdown. In one of the cases, someone dialed into a virtual classroom held by a Massachusetts high school teacher and shouted obscene language before revealing her home address.

The company however gave a response, stating that it "takes its users' privacy, security, and trust extremely seriously." It added that "During the COVID-19 pandemic, we are working around-the-clock to ensure that hospitals, universities, schools, and other businesses across the world can stay connected and operational."

Also read: Zoom updates iOS app with fix for Facebook data collecting bug

But then it confirmed that video calls are not end-to-end encrypted

In a separate report by The Intercept, Zoom video calling service confirmed that their video calls are not E2E protected as mentioned in their privacy policy pages and security white paper.

"Currently, it is not possible to enable E2E encryption for Zoom video meetings. Zoom video meetings use a combination of TCP and UDP. TCP connections are made using TLS and UDP connections are encrypted with AES using a key negotiated over a TLS connection," said the spokesperson to the news website.

It has been mentioned that Zoom uses TLS encryption, which is the same that is used in HTTPS websites. This means that the Zoom app running on your computer or smartphone has the same encryption level as it is between the browser and any other website. This is different from end-to-end encryption, which is there in services such as WhatsApp, Telegram and others.

Also read: Elon Musk's SpaceX bans Zoom over privacy concerns

Zoom has also confirmed that while the videos are safe from others trying to snoop-in, the company itself can access them. The privacy policy page, as pointed out by Consumer Reports, lets Zoom collect your data and share it with advertisers, which is the case with other social media websites and services as well.

However, Zoom is said to gather 'customer content' as well. This includes "information you or others upload, provide, or create while using Zoom." Some of the examples mentioned by the company are "Cloud recordings, chat/instant messages, files, whiteboards, and other information shared while using the service, voice mails." And the company says that these details are used to provide Zoom services, for easy search in chat log history, Zoom phone services and more.

In its latest blog post, the company has however, apologised for using the term 'end-to-end encryption', which indeed confirms the aforementioned claims. "In light of recent interest in our encryption practices, we want to start by apologizing for the confusion we have caused by incorrectly suggesting that Zoom meetings were capable of using end-to-end encryption. Zoom has always strived to use encryption to protect content in as many scenarios as possible, and in that spirit, we used the term end-to-end encryption," states the post.