![\"\"](\"\/\/www.iser-br.com\/Themes\/Release\/images\/responsive\/ettelecom-default.jpg\")
The FTC alleged that the company deceived users about the level of security for Zoom meeting platform<\/a> and unfairly undermined a browser security feature
The settlement would require Zoom to implement a robust information security programme to settle allegations that the video conferencing provider engaged in a series of deceptive and unfair practices that undermined the security of its users.
\"During the pandemic, practically everyone -- families, schools, social groups, businesses -- is using videoconferencing<\/a> to communicate, making the security of these platforms more critical than ever,\" said Andrew Smith, Director of the FTC's Bureau of Consumer Protection.
\"Zoom's security practices didn't line up with its promises, and this action will help to make sure that Zoom meetings and data about Zoom users are protected,\" he said in a statement late on Monday.
Zoom's user base skyrocketed from 10 million in December 2019 to 300 million in April 2020 during the Covid-19 pandemic.
In reality, the FTC alleged, Zoom maintained the cryptographic keys that could allow Zoom to access the content of its customers' meetings, and secured its Zoom Meetings, in part, with a lower level of encryption than promised.
Zoom's misleading claims gave users a false sense of security, according to the FTC's complaint, especially for those who used the company's platform to discuss sensitive topics such as health and financial information.
In numerous blog posts, Zoom specifically touted its level of encryption as a reason for customers and potential customers to use Zoom's videoconferencing services.
According to the FTC's complaint, Zoom also misled some users who wanted to store recorded meetings on the company's cloud storage by falsely claiming that those meetings were encrypted immediately after the meeting ended.
Instead, some recordings allegedly were stored unencrypted for up to 60 days on Zoom's servers before being transferred to its secure cloud storage.
The FTC also alleged that the company compromised the security of some users when it secretly installed software, called a ZoomOpener web server, as part of a manual update for its Mac desktop application in July 2018.
The ZoomOpener web server allowed Zoom to automatically launch and join a user to a meeting by bypassing an Apple<\/a> Safari browser safeguard that protected users from a common type of malware.
Without the ZoomOpener web server, the Safari browser would have provided users with a warning box, prior to launching the Zoom app, that asked users if they wanted to launch the app.
The complaint alleged that Zoom did not implement any offsetting measures to protect users' security, and increased users' risk of remote video surveillance by strangers.
\"The software remained on users' computers even after they deleted the Zoom app, and would automatically reinstall the Zoom app -- without any user action -- in certain circumstances,\" the FTC said.
Apple removed the ZoomOpener web server from users' computers through an automatic update in July 2019.
A Zoom spokesperson told The Verge that the security of its users is a top priority.
\"Today's resolution with the FTC is in keeping with our commitment to innovating and enhancing our product as we deliver a secure video communications experience,\" the spokesperson said in a statement.<\/body>","next_sibling":[{"msid":79143510,"title":"Apple Mac with own silicon chips $15bn sales opportunity","entity_type":"ARTICLE","link":"\/news\/apple-mac-with-own-silicon-chips-15bn-sales-opportunity\/79143510","category_name":null,"category_name_seo":"telecomnews"}],"related_content":[],"msid":79143548,"entity_type":"ARTICLE","title":"US FTC reaches settlement with Zoom over poor security practices","synopsis":"The US Federal Trade Commission (FTC) has announced a settlement with video conferencing platform Zoom, after it alleged that Zoom misled users by touting that it offered \"end-to-end, 256-bit encryption\" to secure communications while it only provided a lower level of security.","titleseo":"telecomnews\/us-ftc-reaches-settlement-with-zoom-over-poor-security-practices","status":"ACTIVE","authors":[],"analytics":{"comments":0,"views":275,"shares":0,"engagementtimems":1348000},"Alttitle":{"minfo":""},"artag":"IANS","artdate":"2020-11-10 10:46:26","lastupd":"2020-11-10 10:48:30","breadcrumbTags":["Zoom","apple","Videotelephony","Us FTC","zoom security issues","zoom meeting platform","international","Videoconferencing","Cloud computing","MVAS\/Apps"],"secinfo":{"seolocation":"telecomnews\/us-ftc-reaches-settlement-with-zoom-over-poor-security-practices"}}" data-authors="[" "]" data-category-name="" data-category_id="" data-date="2020-11-10" data-index="article_1">
- Telecom乐动扑克News
- 3分钟阅读
美国联邦贸易委员会与放大达到和解可怜的安全实践
美国联邦贸易委员会(FTC)宣布了一项解决变焦视频会议平台,之后它声称变焦误导用户兜售“端到端,256位加密”提供安全通信,它只提供了一个较低的安全级别。
读到
联邦贸易委员会声称该公司欺骗用户的安全级别变焦会议平台和不公平损害浏览器安全特性
解决需要变焦实现可靠的信息安全方案来解决视频会议提供者从事一系列欺骗性和不公平的行为,破坏了它的用户的安全。
“流感大流行期间,几乎每个人——家庭、学校、社会团体、企业使用视频会议沟通,使这些平台的安全比以往任何时候都更重要,“联邦贸易委员会主任安德鲁•史密斯(Andrew Smith)表示消费者保护局。
“变焦的安全实践没有与自己的诺言,这一行动将有助于确保变焦会议和缩放用户数据保护,”他周一晚间在一份声明中说。
变焦的用户在2019年12月从1000万猛增到3亿年的2020年4月在Covid-19大流行。
事实上,联邦贸易委员会声称,变焦维护密钥,可以允许缩放访问的内容其客户的会议,并担保其变焦会议,在某种程度上,比承诺级别较低的加密。
变焦的误导给用户一种虚假的安全感,根据联邦贸易委员会的指控,特别是对于那些使用公司的平台,讨论敏感话题,如健康和财务信息。
在众多的博客文章,变焦专门被加密的水平作为一个原因的客户和潜在客户使用变焦的视频会议服务。
根据联邦贸易委员会的指控,变焦也误导了一些用户想存储记录会议在公司的云存储通过错误地声称这些会议会议结束后立即加密。
相反,一些记录被存储加密的长达60天之前在变焦的服务器上转移到其安全的云存储。
联邦贸易委员会还称,公司妥协一些用户的安全秘密安装软件时,称为ZoomOpener web服务器,作为手动更新的一部分,2018年7月Mac的桌面应用程序。
ZoomOpener web服务器允许变焦自动启动并加入用户绕过一个会议苹果Safari浏览器从一个常见的一种保护,保护用户恶意软件。
未经Safari浏览器ZoomOpener web服务器,为用户提供了一个警告框,启动缩放应用程序之前,询问用户是否想启动应用程序。
起诉书称,变焦没有实现任何抵消措施来保护用户的安全,增加用户的远程视频监控被陌生人的风险。
“软件仍在用户的电脑甚至删除缩放应用程序后,就会自动重新安装缩放应用程序——没有任何用户操作——在某些情况下,“联邦贸易委员会说。
苹果将ZoomOpener web服务器从用户的电脑通过一个自动更新在2019年7月。
变焦发言人告诉边缘用户的安全是首要任务。
“今天与美国联邦贸易委员会的决议符合我们致力于创新和增强我们的产品我们提供一个安全的视频通信体验,”该发言人在一份声明中说。
评论
现在评论 阅读评论(1)所有评论
找到这个评论进攻?
下面选择你的理由并单击submit按钮。这将提醒我们的版主采取行动