Connect with us

Business

Zoom’s Sudden Popularity Draws Attention to App’s Privacy Risks

Published

on

  • As more and more people use Zoom for virtual gatherings, several have raised concerns about privacy issues in the app.
  • One issue is that meeting hosts have the ability to save meetings to a cloud and monitor some behavior of attendees.
  • Many using the app have also experienced “zoombombers,” which are trolls making their way into calls, showing graphic and explicit content. 
  • Zoom has responded to one major criticism: its ability to share data with Facebook. Vice’s Motherboard found that the app could do so on Thursday and by Friday, Zoom got rid of that code.

Host Capabilities

As video chatting app Zoom increases in popularity while students and employees work from home, critics are afraid the app may have glaring privacy issues that users are unaware of. 

Zoom has become widely-used since millions of people across the country were forced inside because of the coronavirus. From meetings, to lectures to virtual boozy Sunday brunches, it has become the app of choice for video chatting in quarantine. Even Prime Minister Boris Johnson has used it to conduct government meetings in the U.K.

Calls on the app can be set up by a “host” who initiates scheduling the call, but many allege that these hosts are given too much power on Zoom. The app offers tools that, depending on the subscription tier-one belongs to, allow hosts to access what some may consider private information. 

One feature called “attention tracking” lets the host of a meeting see if an attendee does not have Zoom in focus for more than 30 seconds. This means that if an attendee is active in a window other than Zoom– to look at other documents, message a colleague, or watch the world collapse live on Twitter for 30 seconds– the host is made aware of this. They don’t see what the attendee is specifically doing, just that the Zoom window has become inactive. 

Still, the idea of this happening while you could be completely unaware has made a lot of people uneasy. Justin Brookman, director of privacy and technology policy at Consumer Reports  said this kind of feature should not exist. 

“If you’re teleworking on a home computer, your boss shouldn’t be able to monitor what’s on your screen,” he said in an article on Consumer Reports. “Zoom should get rid of attention tracking mode, or at the very least make participants aware when it’s on.” 

And this isn’t the only thing hosts can do that some see as potentially dangerous. There are several options that allow Zoom meetings to be recorded. One that some find particularly concerning is cloud recording, which is exclusively for paid subscribers and can only be done by hosts. It allows the video, audio, and a transcription of the meeting to be stored in the Zoom cloud. From there it can be accessed and downloaded by authorized employees at a company so that people who were not part of the meeting can read or watch it back. 

“Zoombombing”

Zoom’s issues extend past the powers a host has. There have also been reports about trolls being able to hack into Zoom meetings, something that has been called “zoombombing.” According to a report from TechCrunch, zoombombers are hopping into meetings and showing graphic content like pornography or violent imagery.

In one case, a public Zoom Work From Home Happy Hour was attacked with sexually explicit video and images. Despite the hosts’ many attempts to boot the zoombomber out of the meeting, they were able to re-enter under a new name. To stop this from happening, the hosts had to end the call.

That’s not the only time something like this has happened. NBC talked to a couple that read children’s books to kids stuck at home via Zoom. Ruha Benjamin, an associate professor of African American studies at Princeton University, was leading the call and told NBC that while she was reading to the kids, an image of a “chubby white man in a thong” popped up.

At first, she did not know if everyone could see it, but then a male voice began to repeatedly say the n-word for all 40 kids on the call to hear. She then had to shut the call down and told the outlet, “we knew it was a malicious, targeted thing. My husband and I are both African American.”

Virtual classrooms, religious services, and various other places have also been targets of this kind of harassment. Zoombombers have the ability to do this for a couple of reasons. First, if a Zoom call is public or if the link has been made public, anyone who wants to join can. Second, Zoom’s default settings allow anyone in a call to get screen time. A host does not need to grant an attendee access. Some of this can be changed in Zoom’s advanced settings if a user knows to look for it, but otherwise, this is the way the app will do things on its own.

Entrepreneur Alex Miller shared a Twitter thread giving tips on how to best protect your Zoom calls from hackings like this. 

You can disable the “join before host” feature so that no one can enter a chat and do something inappropriate without the host knowing. Zoom users can also add a co-host so that multiple people can remain on guard. Screen sharing can also be changed to host only.

On top of this, users can also disable file transfers and prevent removed people from joining the call again.

Info Sharing With Facebook

Zoom has also responded to another issue that was found within the app. A Thursday report from Vice’s Motherboard found that Zoom could send data to a company that is perhaps most well known for data privacy controversies: Facebook. This could happen even if you don’t even have a Facebook account.

One day after this report came out, Zoom removed the code that allowed this. According to Motherboard, Zoom would connect to Facebook’s Graph API, which is the main way developers get data in or out of Facebook. Zoom would then notify Facebook when a user opens the app and give details on the device they are doing so from, including the model, location, phone carrier, and a “unique advertiser identifier created by the user’s device which companies can use to target a user with advertisements.” Nothing in their privacy policy explicitly addressed this. 

When Zoom told Motherboard they were getting rid of this code, they explained that the issue had to do with their SDK, or software development kit, which is a bunch of code that can be used to implement app features, but can also send data to third parties.

“Zoom takes its users’ privacy extremely seriously,” they said in a statement to Motherboard. “We originally implemented the ‘Login with Facebook’ feature using the Facebook SDK in order to provide our users with another convenient way to access our platform. However, we were recently made aware that the Facebook SDK was collecting unnecessary device data.”

Zoom also confirmed that the information being collected was not personal user information, but device information, which lined up with Motherboard’s findings. 

See what others are saying: (The Guardian) (Forbes) (BBC)

Business

FDA Recalls 11,000 Ice Cream Containers and Sportsmix Pet Food Products

Published

on

  • Over 11,000 cartons of Weis Markets ice cream were recalled after a customer discovered an “intact piece of metal equipment” inside a 48-ounce container of the brand’s Cookies and Cream flavor. 
  • The FDA also expanded a recall of Sportsmix pet food over concerns that the products may contain potentially fatal levels of aflatoxins.
  • So far, more than 70 dogs have died and more than 80 pets have become sick after eating Sportsmix food. The agency recommends taking your pet to a veterinarian if they have eaten the recalled products, even if they aren’t showing symptoms.

Metal Pieces in Weis Ice Cream Cause Massive Recall

The Food and Drug Administration announced two major product recalls this week following serious consumer complaints.

The first came Sunday when the agency revealed that over 11,000 cartons of Weis Market ice cream were recalled. “The products may be contaminated with extraneous material, specifically metal filling equipment parts,” the FDA’s statement explained.

At least one customer discovered an “intact piece of metal equipment” inside a 48-ounce container of the brand’s Cookies and Cream flavor.

Those containers were available in 197 Weis Market grocery stores, but they have already been pulled from shelves. The products have a sell-by date of October 21, 2020, and customers who purchased the product can return it for a full refund.

Along with removing 10,869 units of the Cookies and Cream containers, the brand also recalled 502 3-gallon bulk containers of Klein’s Vanilla Dairy Ice Cream.

Those bulk containers were not for retail sale, but were instead sold to one retail establishment in New York and have since been removed.

Sportsmix Recall Follows 70 Pet Deaths, 80 Illnesses

The second major recall came Tuesday when the FDA expanded a recall of Sportmix dog food.

According to the agency, the product may contain potentially fatal levels of aflatoxins – toxins produced by the Aspergillus flavus mold, which can grow on corn and other grains used as ingredients in pet food.

As of Tuesday, more than 70 pets have died and more than 80 have gotten sick after eating Sportsmix pet food. Not all the cases have been officially confirmed as aflatoxin poisoning at this time. This count also may not reflect the total number of pets affected.

For now, the FDA is asking pet owners and veterinary professionals to stop using the impacted Sportsmix products that have an expiration date on or before July 9, 2022, and have “05” in the date or lot code.

More detailed information about the recalled products can be found on the FDA’s announcement page.

Pets experiencing aflatoxin poisoning may have symptoms like sluggishness, loss of appetite, vomiting, jaundice, and/or diarrhea. In some cases, this toxicity can cause long-term liver issues without showing any symptoms. Because of this, pet owners are being advised to take their animals to a veterinarian if they have eaten the recalled products, even if they aren’t showing symptoms.

There is currently no evidence that pet owners who have handled the affected food are at risk of aflatoxin poisoning. Still, the FDA recommends that wash your hands after handling pet food.

See what others are saying: (CNN) (USA TODAY) (PEOPLE)

Continue Reading

Business

Signal and Telegram Downloads Surge After WhatsApp Announces It Will Share Data With Facebook

Published

on

  • Downloads for Signal and Telegram have skyrocketed in the last week, with the encrypted messaging apps boasting 7.5 million and 9 million new followers, respectively.
  • The growth comes after WhatsApp said it will require almost all users to share personal data with its parent company Facebook.
  • It also comes after Parler’s shutdown and bans against President Trump from Twitter and Facebook, which prompted his supporters to turn specifically to Telegram.

Telegram and Signal See Big Boost

Downloads for the encrypted messaging apps Signal and Telegram have surged in the last week after WhatsApp announced that it will start forcing all users outside the E.U. and U.K. to share personal data with Facebook.

Last week, WhatsApp, which is owned by Facebook, told users that they must allow Facebook and its subsidiaries to collect their phone numbers, locations, and the phone numbers of their contacts, among other things.

Anyone who does not agree to the new terms by Feb. 8 will lose access to the messaging app. The move prompted many to call for people to delete WhatsApp and start using other services like Signal or Telegram.

Now, it appears those calls to use other encrypted messaging apps have been heard. According to data from app analytics firm Sensor Tower, Signal saw 7.5 million installs globally through the App Store and Google Play from Jan. 6 to Jan. 10 alone, marking a 4,200% increase from the previous week.

Meanwhile, Telegram saw even more downloads. During the same time, it gained 9 million users, up 91% from the previous week. It was also the most downloaded app in the U.S.

WhatsApp responded to the exodus by attempting to clarify its new policy in a statement Monday.

“We want to be clear that the policy update does not affect the privacy of your messages with friends or family in any way,” the company said. “Instead, this update includes changes related to messaging a business on WhatsApp, which is optional, and provides further transparency about how we collect and use data.”

Other Causes of App Growth

Notably, some of the spikes in the Telegram downloads, specifically, also come from many supporters of President Donald Trump flocking to alternative platforms after Parler was shut down and Trump was banned from Twitter and Facebook.

Far-right chat room membership on the platform has increased significantly in recent days, NBC News reported. Conversations in pre-existing chatrooms where white supremacist content has already been shared for months has also increased since the pro-Trump insurrection at the U.S. Capitol last week.

According to the outlet, many of the president’s supporters have moved their operations to the app in large part because it has very lax community guidelines. Companies like Facebook and Twitter have recently cracked down on groups and users sharing incendiary content, known conspiracy theories, and attempting to organize events that could lead to violence.

There have been several documented instances of Trump supporters now using Telegram channels to discuss planned events and urge acts of direct violence. Per NBC, in one channel named “fascist,” users have called on others to “shoot politicians” and “encourage armed struggle.” A post explaining how to radicalize Trump supporters to become neo-Nazis also made rounds on the “fascist” channel, among others. 

Membership one channel frequently used by members of the Proud Boys has grown by more than 10,000 in recent days, seeming to directly attract users from Parler.

“Now that they forced us off the main platforms it doesn’t mean we go away, it just means we are going to go to places they don’t see,” a user posted in the chatroom, according to NBC.

See what others are saying: (NBC News) (Business Insider) (CNBC)

Continue Reading

Business

Pornhub Removes All Unverified User Uploads, Taking Down Most of Its Videos

Published

on

  • Pornhub is now removing all videos that were not uploaded by verified users.
  • Before the massive purge, the site hosted around 13.5 million videos. As of Monday morning, there were only 2.9 million videos left. 
  • The move is part of a series of sweeping changes the company made days after The New York Times published a shocking op-ed detailing numerous instances of abuse on the site, including nonconsensual uploads of underage girls.
  • Following the article, numerous businesses cut ties with the company, including Mastercard and Visa, which both announced Thursday that they will not process any payments on the site.

Pornhub Purges Videos

Pornhub removed the vast majority of its existing videos Monday, just hours after the company announced that it would take down all existing videos uploaded by non-verified users.

According to reports, before the new move was announced Sunday night, Pornhub hosted about 13.5 million videos, according to the number displayed on the site’s search bar. As of writing, that search bar shows just over 2.9 million videos. 

The decision comes less than a week after the company announced it would only allow video uploads from content partners and members of its Model program.

At the time, Pornhub claimed it made the decision following an independent review launched in April to eliminate illegal content. However, many speculated that it was actually in large part due to an op-ed published in The New York Times just days before. That piece, among other things, found that the site had been hosting videos of young girls uploaded without their consent, including some content where minors were raped or assaulted.

The article prompted a wave of backlash against Pornhub and calls for other businesses to cut ties with the company. On Thursday, both Visa and Mastercard announced that they would stop processing all payments on the site.

“Our investigation over the past several days has confirmed violations of our standards prohibiting unlawful content on their site,” Mastercard said in a statement.

Less than an hour later, Visa tweeted that it would also be suspending payments while it completed its own investigation.

Pornhub Claims It’s Being Targeted

However, in its blogpost announcing the most recent decision, Pornhub claimed that it was being unfairly targeted.

Specifically, the company noted that Facebook’s own transparency report found 84 million instances of child sexual abuse content over the last three years. By contrast, a report by the third-party Internet Watch Foundation found 118 similar instances on Pornhub in the same time period.

Notably, the author of The Times report, Nicholas Krisof, specifically said the Internet Watch Foundation’s findings represented a massive undercount, and that he was able to find hundreds of these kinds of videos on Pornhub in just half an hour.

Still, the site used the disputed numbers to point a finger at others.

“It is clear that Pornhub is being targeted not because of our policies and how we compare to our peers, but because we are an adult content platform,” the statement continued.

“Every piece of Pornhub content is from verified uploaders, a requirement that platforms like Facebook, Instagram, TikTok, YouTube, Snapchat and Twitter have yet to institute,” the company added. 

However, Pornhub’s implication that it is somehow more responsible because it only let verified users post content is a highly impractical comparison. First of all, Pornhub is a platform created exclusively for porn, content the social media companies the company name-checked explicitly prohibit.

Second of all, and the vast majority of people who use those platforms are not verified, and it would be impossible for a company like Facebook or YouTube to limit content to only verified users without entirely undermining their own purposes.

Verification Concerns

Even beyond that, there are also still questions about Pornhub’s verification process. According to their site, all someone needs to do to become verified is to simply have a Pornhub account with an avatar and then upload a selfie of themselves holding a piece of paper with their username and Pornhub.com written on it.

While the company did tell reporters the process would be made more thorough sometime next year, they did not provide any specific details, prompting questions about exhaustive the verification process will ultimately be.

That question is highly important because, at least per its current policies, the verification process makes it so users are eligible to monetize their videos as part of the ModelHub program.

If the new verification process is still weak or has loopholes, people could easily slip through the cracks and continue to profit. However, on the other side, there are also big concerns among sex-workers that if the process is too limited, they will be able to make money on the platform.

That concern has already been exacerbated by some of the other actions taken since The Times article was published. For example, after Mastercard and Visa made their announcements, numerous sex workers and activists condemned the decision, saying it would seriously hurt how porn performers collect income —  not just on Pornbub, but on other platforms as well. 

“By targeting Pornhub and successfully destroying the ability for independent creators to monetize their content, they have made it easier to remove payment options from smaller platforms too,” model Avalon Fey told Motherboard last week. “This has nothing to do with helping abused victims, and everything to do with hurting online adult entertainers to stop them from creating and sharing adult content.”  

Other performers also expressed similar concerns that the move could spillover to smaller platforms. 

“I am watching to see if my OnlyFans will be their next target and sincerely hoping not,” amateur performer Dylan Thomas also told the outlet.

“Sex workers are scared by this change, despite not having uploaded any illegal content,” Fey continued, “because we have seen these patterns before and have had sites and payment processors permanently and unexpectedly shut down.”

See what others are saying: (Motherboard) (The Verge) (Bloomberg)

Continue Reading