Due to COVID-19 and its highly infectious nature, governments have asked schools and workplaces to operate remotely. These measures have contributed to a sharp rise in Zoom video conference usage. For example, in one day, the Zoom app was downloaded 343,000 times with about 18% of those downloads originating in the United States [2]. Further, despite the panic and the precipitous decline in the S&P 500 index, Zoom’s stock has increased 74% this year alone [3]. However, Zoom has major security flaws that users are unable to fix because it is a privately owned closed-source platform. Fortunately, there are open-source alternatives that provide a more secure, adaptable alternative.
Throughout Zoom’s history it has experienced many security flaws and has been slow to react because it is a large publicly-owned company with closed source software. In July 2019 security researcher Jonathan Leitschuh released a public report regarding a bug that allows nefarious hackers to easily hack Macbook cameras. Leitschuh only went public after Zoom refused to act for over 90 days, leaving their users at risk. Because Zoom is closed source, the entire user base was forced to wait until the sluggish company could react. More recently, The Los Angeles Times documented a Zoom security issue that occured in Conejo Valley, a school district twenty minutes from my home [4]. During a virtual school administrator meeting, several unknown users joined the meeting where they yelled racial slurs and used the screen sharing function to share wildly inappropriate photos. Not only did this make participants extremely uncomfortable, it also caused already stressed educators to question the security of their Zoom meetings [4]. Since Zoom is closed source, organizations are completely dependent on Zoom’s security system and cannot even look at the code to see where their vulnerabilities lie. As a result, some grade-school teachers have shied away from teaching their youngest students on this platform. Considering the stress our education systems are already under, it is tragic that they must also experience fear when using softwares that allows them to communicate directly with their students.
Fortunately there are alternatives to Zoom that allow for more customized, secure experiences because they are open source. One of these alternatives is Jitsi, an open source platform that allows users to build personalized secure video conferencing solutions. Jitsi was started nearly 15 years ago and has “survived by customizing Jitsi for different clients to meet their needs.” [1] Jitsi customization options include robust security features allowing it to adapt quickly as hackers and other nefarious actors become more advanced. Jitsi Meet uses hop-by-hop encryption. This means that anything that you send traveling to the server is encrypted, then decrypted on the server, re-encrypted and sent to everyone who is meant to receive it [1]. When the code is open, anyone who has doubts about questionable practices has the option to check themselves whether such practices actually occur. Emil Ivov, the original author of Jitsi explained that having the same security options with other applications is “ a matter of negotiation and/or trusting third party auditing agencies.” [1] Whereas with Jitsi, the firm that employs them can correct security bugs and make the connection as secure as possible. In a time where fear is rampant, it is valuable for administrators to understand how their software works and where their vulnerabilities are making Jitsi and other open-source softwares a better option than their closed source competitors.
Zoom and other video-conferencing solutions follow a network effect meaning that people join because their networks are already using the platform. Thus, it is our responsibility as educated individuals to host our video conferences using open-source technologies that are safer for us as individuals and as a society at large.
Bibliography:
- Belu, A. M. (n.d.). Jitsi video conferencing – open source and privacy enhancing. Retrieved from https://dataethics.eu/interview-emil-ivov-jitsi-video-conferencing-snowden/
2. Konrad, A. (2020, March 14). Exclusive: Zoom CEO Eric Yuan Is Giving K-12 Schools His Videoconferencing Tools For Free. Retrieved from https://www.forbes.com/sites/alexkonrad/2020/03/13/zoom-video-coronavirus-eric-yuan-schools/#74f655b74e71
3. Novet, J. (2020, March 18). Zoom CFO explains how the company is grappling with increased demand. Retrieved from https://www.cnbc.com/2020/03/18/zoom-cfo-explains-how-the-company-is-grappling-with-increased-demand.html
4. Xia, R. (2020, March 25). USC, school districts getting ‘Zoom-bombed’ with racist taunts, porn as they transition to online meetings. Retrieved from https://www.latimes.com/california/story/2020-03-25/zoombombing-usc-classes-interrupted-racist-remarks
Paul Rodriguez's Blog 