Patreon Early Access Full Episode
Zoom is trying to regain users’ trust. Over the last few weeks, the video conferencing service became the go-to platform for business meetings, education, even weddings and funerals. Then hate groups started to weaponize the platform, bombarding people with racist and pornographic content. The FBI warned about Zoombombing. Big school districts started to leave the platform. And now Zoom is scrambling to do damage control. We should mention that the company is a financial supporter of NPR. Zoom’s founder and CEO, Eric Yuan, joins us now.
ERIC YUAN: Thank you for having me.
SHAPIRO: You know, so many tech platforms have dealt with trolls, racists, neo-Nazis, pornography – I could list them all, all the big ones. Shouldn’t you have anticipated this?
YUAN: I never thought about this seriously. And occasionally, we had that over the past several years. And we have a team that we work together with the local, you know, law enforcement and the FBI whenever someone reported that. But this time, just for the first week, there was too many. And it is totally unexpected.
SHAPIRO: Part of Zoom’s appeal has been that it is so easy to use. You don’t have to download specific software. You don’t have to have passwords or jump through hoops. Does that ease of access which made it so appealing to so many also make the platform more vulnerable to these attacks?
YUAN: Yes, that’s why. Normally, you know, before this crisis, this service was used by business meetings. Meeting ID is unique, really hard to guess. For now, a lot of end users are using that now. Quite often, they might share the meeting ID to their social media. Without a password, for sure, you know, others can easily hack into that.
SHAPIRO: Tell me about your relationship with law enforcement. Did you know that the FBI was going to issue a warning calling out your company by name?
YUAN: I would say this – FBI can help. This is online crime.
SHAPIRO: It is online crime, yeah.
YUAN: Yeah. We’re very excited to know FBI involved. Actually, this is great.
SHAPIRO: As you know, a lot of people have said they’re not going to use Zoom anymore. You’ve lost their trust. Entire school districts have banned the platform. Major technology firms are saying they just no longer trust Zoom. What is your message to them?
YUAN: We have lots of users. We have very large user base. You know, take New York state – the public school, for example. You know, our team’s still working together with them. I think we have more users, more companies, you know, who are using Zoom now.
SHAPIRO: I have to say, I sort of expected you to say we’re going to do whatever we need to to win back their trust, but it sounds like instead you’re saying we’re getting so many more customers all the time that we can afford to lose a few.
YUAN: No. No, that’s not what I mean. I’m so sorry. One of my point is for any users who lost the trust, we do all we can to win their trust back. That is a given. But in addition to that, we also have a lot of users. We are working together with them for many, many years. They know actually, you know, our company has good intention. For those who are going to not use Zoom anymore, we double down our effort. That’s why we freeze everything. Next is 90 days of privacy, no feature, right? Just focus on privacy, security.
SHAPIRO: You’re saying over the next 90 days, you’re going to put these new features in place that will increase privacy.
YUAN: Yeah. No features, just privacy, security. We want to win all of those users back.
SHAPIRO: So what would you tell people who think Zoom is so accessible and easy to use but might be resistant to use the kind of password protections that you’re talking about? Given that you’ve built your brand on the low barrier to entry, do you think that barrier to entry now needs to be a little bit higher to keep people safer?
YUAN: That’s good question. You are so right. And when it comes to a conflict between usability and privacy and security, privacy and security is more important. Even you take two steps, three steps, I think we should do that.
SHAPIRO: And for you, as the founder of this company, is that a huge shift in the way you conceive of this platform, that if it takes two or three steps to enter, it’s OK as long as it makes it safer, even if that might drive some people away because it’s inconvenient?
YUAN: If you asked me this question one year ago, I would hesitate to say yes. For now, (unintelligible) yes. I think we want to do all we can to make sure people feel safe to use our platform and even at a cost of multiple clicks. Because whenever there’s a conflict, there is no perfect, you know, scenario. You’ve got to sacrifice something. From our perspective, welcome to transform our business to privacy and security first.
SHAPIRO: Eric Yuan is the founder and CEO of the video meeting platform Zoom.
Thank you for your time today.
YUAN: Thank you for making it, really appreciate it.
April 3, 20206:30 PM ET
Millions of people are using Zoom to communicate, but the company is facing mounting scrutiny over whether it is adequately protecting users.
Olivier Douliery/AFP via Getty Images
A powerful Senate Democrat is asking the Federal Trade Commission to investigate Zoom for deceptive practices, adding to the growing chorus of concerns over the popular video chat software’s privacy and security flaws.
Several state attorneys general are also probing Zoom, after users, including government officials, reported harassment, known as “Zoombombing,” on the platform.
Ohio Sen. Sherrod Brown, the ranking member of the Banking, Housing and Urban Affairs Committee, sent a letter Friday to the FTC.
In the letter, obtained by NPR, Brown said Zoom had made “deceptive” claims to users that their communications would remain private. Brown said Zoom incorrectly suggested its service offered end-to-end data encryption, which means that communications couldn’t be accessed by anyone other than the sender and the recipient at any point.
Zoom walked back on Wednesday its claim of end-to-end encryption. In a statement, it said, “While we never intended to deceive any of our customers, we recognize that there is a discrepancy between the commonly accepted definition of end-to-end encryption and how we were using it.”
Brown also wrote to Zoom CEO Eric Yuan on Friday asking for details on the company’s encryption and security practices by April 10.
With so many people stuck at home during the coronavirus pandemic, Zoom has become the go-to venue for millions to connect with co-workers, friends, family, teachers and students. The company says 200 million people used its video conferencing service daily last month, up from the previous peak of 10 million in December.
But the sudden popularity has highlighted the software’s shortcomings. Zoombombing, in which intruders hijack meetings with hate speech and offensive images, has become a new form of harassment. Software flaws have left users vulnerable to hackers.
Connecticut Attorney General William Tong said Friday that he and Connecticut’s lieutenant governor, Susan Bysiewicz, were “Zoombombed” early this week during a virtual town hall. Trolls posted racist, sexist and pornographic comments in the meeting’s chat section.
On Friday, he became the latest attorney general — along with those in New York, Florida and other states — to seek information on Zoom’s privacy and security practices.
AG William Tong
✔@AGWilliamTong · Apr 3, 2020 We are increasingly relying on technology to communicate right now. Video conferencing has become extremely popular. Learning how to use these platforms ‘on the fly’ is no small challenge, but it is important to take the time to learn how to use them securely and safely.
AG William Tong
✔@AGWilliamTong Earlier this week I was on a Zoom call bombed by hundreds of profane and racist comments. Needless to say, I’m new to navigating these platforms’ privacy and security features too. We’ve been in contact with Zoom to address this and other key privacy and security issues.
811:15 AM – Apr 3, 2020Twitter Ads info and privacy
See AG William Tong’s other Tweets
“I’m joining with other attorneys general across the country in calling on Zoom to provide information about what it’s doing to keep all of us safe,” Tong said at a press conference.
A Zoom spokesperson said of the inquiries from the attorneys general: “We appreciate the outreach we have received on these issues from various elected officials and look forward to engaging with them.”
Bysiewicz said several other town halls she held this week were also attacked. She said she asked the U.S. attorney for Connecticut — the top federal prosecutor in the state — to work with the Federal Bureau of Investigation to stop Zoombombing.
The FBI warned schools in particular to be careful using Zoom, after receiving multiple reports of attacks.
Sen. Richard Blumenthal, D-Conn., has also asked Zoom for information on how it handles users’ data.
Zoom says it has taken steps to fix the security flaws that have been uncovered and is educating users on how to safeguard their meetings. On Wednesday, the company said it would halt work on new features for 90 days to focus on security and privacy.
April 3, 20205:00 AM ETHeard on Morning Edition
Zoom is wildly popular, but it’s now under scrutiny for security and privacy issues.
Olivier Douliery/AFP via Getty Images
Updated at 11:22 a.m. ET
Dennis Johnson fell victim last week to a new form of harassment known as “Zoombombing,” in which intruders hijack video calls and post hate speech and offensive images such as pornography. It’s a phenomenon so alarming that the FBI has issued a warning about using Zoom.
Like many people these days, Johnson is doing a lot of things over the Internet that he would normally do in person. Last week, he defended his doctoral dissertation in a Zoom videoconference.
He had a big audience — he estimated it was about 40 people, including “my closest friends, family and my classmates and my dissertation committee” at California State University, Long Beach, he said.
Johnson is the first member of his family to graduate from college, let alone get a doctorate. He wanted to share the moment with them.
He said he was in the middle of presenting when someone started drawing male genitalia on the screen. At first, Johnson said, he was not sure what was happening.
“I’m like, ‘Whoa!’ And then I freeze, and everyone who’s watching the screen freezes,” he said.
It got worse. The attacker scrawled a racial slur that everyone on the Zoom call could see.
Johnson was horrified. The organizers blocked everyone’s screen until they could remove the intruder from the meeting. But, Johnson said, they were not able to identify that person.
Although he was shaken, Johnson managed to finish his presentation. But what should have been a triumphant celebration was ruined.
“The moment they [told] me, ‘Congratulations, Dr. Dennis Johnson,’ and it’s all over and I leave the Zoom meeting, everything sets in,” he said. “I couldn’t even, like, communicate. I had to just walk out [of] my house. … I didn’t want to talk or see anybody.”
With schools closed and millions of people working from home, Zoom has become wildly popular. The company said 200 million people used the app on a daily basis in March, up from just 10 million in December. But that newfound popularity is bringing new scrutiny.
The FBI is warning schools, in particular, to be careful.
“The FBI has received multiple reports of conferences being disrupted by pornographic and/or hate images and threatening language,” the bureau’s Boston office said this week.
✔@FBIBoston #FBI warns of Teleconferencing and Online Classroom Hijacking during #COVID19 pandemic. Find out how to report and protect against teleconference hijacking threats here: http://ow.ly/HEeJ50z0duZ
3022:37 PM – Mar 30, 2020Twitter Ads info and privacy
425 people are talking about this
As concerns have arisen, Zoom has worked to address them. It published a guide last month on how users can protect meetings. It also changed settings for accounts used by schools and universities to make their meetings more private by default.
New York Attorney General Letitia James has sent a letter to Zoom asking about its security and privacy protections.
“Things you just would like to have in a chat and video application — strong encryption, strong privacy controls, strong security — just seem to be completely missing,” said Patrick Wardle, a security researcher who previously worked at the National Security Agency.
He and other researchers have turned up flaws in Zoom’s software that could let hackers spy through a computer’s webcam or microphone. Zoom says it released fixes for these issues on Wednesday.
An Etiquette Primer For Zoom And Other Videoconferencing Services
Toggle more options
The website Motherboard found that Zoom was sharing data with Facebook, even data on people who are not Facebook users.
Zoom says that was a mistake and that it stopped sharing that data in March, but it’s now facing a class action lawsuit.
Wardle says Zoom may be easy to use, but he is wary of its track record.
“This product was designed to prioritize things other than privacy and security,” he said.
Zoom CEO Eric Yuan said in a blog post Wednesday that the company is freezing work on new features to focus on fixing its privacy and security problems.
“We recognize that we have fallen short of the community’s – and our own – privacy and security expectations,” he wrote. “For that, I am deeply sorry, and I want to share what we are doing about it.”
APRIL 06, 2020 05:00 AM
In the first week of online-only classes at Kansas State University in March, the student government senate convened for its first virtual meeting via the video conferencing app, Zoom.
Senate leaders tweeted the link to the session “to be more accessible to students,” said Jansen Penny, student body president.
About five minutes into the meeting “someone took over the screen and using the Zoom blackboard function started drawing explicit images,” Penny said. When the host tried to erase the images, more and more came up. Eventually the intruder put up a pornographic video. When the host tried to end the meeting, that function was locked and would not work. She had to power down her laptop to shut the meeting down.
It’s called Zoom bombing, an unfortunate growing trend in the age of COVID-19 stay at home orders.
The surge in online communication at schools, businesses and even places of worship has thrown open the cyber gates for computer hackers to intrude and disrupt.
Last Tuesday, three University of Missouri Zoom sessions were disrupted by individuals “using hateful, discriminatory and reprehensible language,” UM System President Mun Choi said in a notice to the campus community.
Choi said the “intrusive acts … are violations of our university’s policies and an affront to basic human values. They will not be tolerated.”
Neither University of Missouri-Kansas City nor University of Kansas responded to questions from The Star about Zoom bombing in their virtual classes.
The Chicago Tribune reported last week on a virtual mediation session interrupted by some young men who hacked in and began heckling the woman leading the meeting. They eventually took control of the screen and started searching for pornography. And when the group leader tried to mute them, the hackers scolded her and used a racial slur.
In Orange County, Florida, a man hacked into a public school’s online class and exposed himself to students, school officials said last week. They reported the incident to law enforcement.
Business Insider reported that several New York Alcoholics Anonymous meetings were interrupted by trolls shouting misogynistic and anti-Semitic slurs, along with crass references to drinking.
The FBI Boston Division put out a warning about Zoom bombing last week after receiving reports of school video conferences interrupted with hate speech, pornography and threatening language.
WHAT TO DO ABOUT IT
UM System officials say they immediately looked for ways to stop hackers from interrupting classes for the 70,000 students enrolled at their four campuses, which are all shuttered for the remainder of the school year.
First, Choi referred students and faculty to Zoom’s new guide on ways to secure a session by locking the virtual classroom control screen, locking chat sessions and removing participants. One key to keeping intruders out is to enable waiting rooms, which prevent guests from entering a session until the host allows them in.
Cyber security experts suggest requiring a meeting password.
“Using a password goes a long way to protect your conference,” said Matthew Gunkel, chief e-learning officer at MU. Gunkel also suggests the host get training in how to manage and moderate a meeting because, “it can be tricky,” he said, to understand all the options available.
And, he said, “for one-to-many events, like a preacher in front of a large audience, look at webinars as an option rather than an open Zoom room.”
Zoom, based in San Jose, California, has recently been under fire from users about privacy and security issues. On Wednesday the company apologized for “falling short” on security issues and promised to improve.
“Usage of Zoom has ballooned overnight,” executive director Eric Yuan said in a blog post, in ways he could not have foreseen before the coronavirus pandemic.
At the end of December, the maximum number of daily Zoom meeting participants was roughly 10 million, Yuan said. In March, Zoom reached more than 200 million.
In Kansas City, Bret Knighton, president of Complete Technology Service, has spent the last few weeks securing remote setups for a lot of small businesses adhering to the city’s stay at home orders.
“One reason this Zoom bombing is happening is because people have public sessions, they are open, so it is very easy to do,” Knighton said.
Schools and companies need to be extra careful, he said. When employees are connected to a company’s system through a virtual private network, or VPN, if their laptop is vulnerable to hackers, so is the company system.
“We live in this world where there’s a two-edged sword: a world where we can have video conferencing, but at the same time some things do need to be done to protect ourselves.”
Posting video conference links on social media, Knighton said, is a bad idea. “I recommend a private session be created, sending individual links for people to log in. And make sure the screen is locked.”
The people who are Zoom bombing school and company video conferences “are not your sophisticated hackers,” Knighton said. “The way the Zoom tool works is that it has made it easy for people to use. Zoom has provided us a great tool, but it also opened the gateway for people to be taken advantage of.”
Published:April 8, 2020
Updated:April 8, 2020 8:52 AM MDT
JAKARTA — Indonesian police said on Wednesday they would not bring murder charges against suspects accused of killing a transgender woman by dousing her with petrol and setting her on fire.
The 43-year-old died on Sunday from burns sustained in the incident a day earlier. Her death was reported by Indonesian media on Tuesday.
Police said on Wednesday they believed the suspects who set the fire had not burned her intentionally. They identified six suspects, three of whom had been arrested.
Budhi Herdi Susianto, the North Jakarta police chief, said the suspects had accused the woman of stealing and doused her with petrol. One of the suspects had lit a match, but did not intend to burn her, the police chief said.
The suspects could be charged with physical violence, carrying a maximum sentence of 12 years.
Usman Hamid, the Indonesian representative of Amnesty International, told Reuters it seemed too early for the police to conclude that there was no intent to set the woman on fire.
“The police need take investigative actions that are impartial and independent. They can’t seem like the perpetrators’ lawyers,” he said.
Andreas Harsono, a researcher with Human Rights Watch, said the incident was indicative of a rise in hostility and vilification of the lesbian, gay, bisexual and transgender (LGBT) community.
“Her death should be a reminder to many Indonesians that transgender women deserve justice and equal rights,” he said.
“Thousands of transgender women, gay men or lesbian women have been humiliated in Indonesia these past few years.”
Homosexuality is not regulated by law in Indonesia, except in Aceh province where same-sex relations are banned under sharia law. But growing social and religious conservatism has driven escalating vitriol toward sexual minorities in the world’s most populous Muslim-majority country.
Indonesia’s transgender community is locally known as “waria” – a combination of the Indonesian words for “woman” and “man.”