Zoom video conferencing has no role on a college campus. The pandemic, as noted previously pushed many colleges to deploy a video conferencing solution under a less than workable timeframe.
Fair to suggest no risk assessment was completed. Some colleges hold a campus-wide license agreement while smaller schools have more limited host deployments.
Colleges need only review their mission and organizational goals to confirm a change from Zoom is needed. Many colleges have adopted strong mission and vision language to promote student learning and inclusiveness.
Truly accepting your College’s mission, vision and language is essential to understanding why Zoom violates their lives. Many do not seem to care or understand the true security and privacy vulnerabilities.
My initial post just scratched the surface. The cool factor juicing up your background image may in fact be more important than security and privacy of students.
Yea, its a videoconferencing app and during a pandemic — how bad can it be?
Enter hate groups
In addition to the racist Zoombombing at California State University Long Beach in late March, hate groups have begun hacking Zoom meetings.
As widely reported Jewish groups, teachers and families are being Zoombombed by white supremacists. The Verge reported White supremacists are targeting Jewish groups on Zoom
University of Colorado Bolder:
An online biology lecture was hijacked and anti-semitic messages were displayed. One professor is Jewish. A news article by Colorado public radio addressed this source: a student enrolled in the class posted the lecture’s Zoom ID number to reddit, an American social news aggregation, web content rating, and discussion website. Hate groups then entered the Zoom meeting.
University of Washington:
Students, instructors face threats and hateful speech as Zoom meetings get ‘bombed’
Binghampton University:
Racist interruptions affect Zoom classes at BU
Arizona State University and The University of Southern California:
‘Zoombombing’ Attacks Disrupt Classes Online Zoom classes were disrupted by individuals spewing racist, misogynistic or vulgar content.
University of Texas:
Virtual meeting of black UT students interrupted with racist slurs, students say
Just imagine a racist zoombombing during your next online class, campus event, Dean’s meeting, or public art performance. And the damage to your College brand becomes front and center in a social media world.
Still want to use Zoom on your campus?
Be willing to move the conversation (and ownership) from IT to the offices of Risk Management and Legal Affairs. From my post on April 11th the security and privacy issues have only grown:
Deccan Herald:
Ransomware threats to Kolkata execs working from home, using Zoom
Reuters:
Zoom users top 300 million as ban list grows
Medium:
Zoom Is Full of Security Flaws — But You Can Protect Yourself? Your best bet is still to ditch Zoom
The intercept:
Zoom meetings aren’t end-to-end encrypted, despite misleading marketing.
Arstechnica:
Attackers can use Zoom to steal users’ Windows credentials with no warning
New York Times:
A Feature on Zoom Secretly Displayed Data From People’s LinkedIn Profiles
Zoom’s Security Woes Were No Secret to Business Partners Like Dropbox
Vice:
Zoom is Leaking Peoples’ Email Addresses and Photos to Strangers
Hackers Are Selling a Critical Zoom Zero-Day Exploit for $500,000
AsiaAge:
Only paid Zoom users can opt not to have Zoom calls routed through China, free users can’t choose
9to5mac:
Zoom lets paying users opt out of Chinese servers, as 500k credits sold
ComputerWeekly:
Zoom and WebEx users targeted by credential stealing attempts
JPost:
Personal information of hundreds of Zoom accounts found on dark web
Zoom’s own blog:
Data routing
A member of academic support reached out to our HelpDesk last week to install Zoom. I responded the College has licensed Google Hangouts and Meet to all users across our organization: students, faculty, staff and administrators. My reply included the above Zoombombings, concerns for security and privacy and how this software does not comply with our College’s mission. The staff member nevertheless again asked for Zoom.