September 27, 2023

Password compromise

Zoom use has been exploding during the COVID-19 crisis as an increasing number of people work from home. But as more people flock to the video conferencing service for business meetings or chats, security and privacy issues are quickly popping up.

During a Zoom conference, any URL shared in the chat window is converted into a hyperlink that can be opened through a browser.

The problem with this is, according to Bleeping Computer: “When a user clicks on a UNC path link, Windows will attempt to connect to a remote site using the SMB file sharing protocol to open the remote cat.jpg file.”

And at the same time, by default, Windows sends a user’s login name and NTLM password hash. This can be cracked fairly easily by an attacker to reveal your password. 

Broken promises?

Zoom promises a bevy of protections for hosts who create meetings. At the top of that list is a promise that users can “secure a meeting with end-to-end encryption.” That sounds pretty great! Unfortunately, it also might not be exactly true.

A report published today by The Intercept finds that the claim might be misleading. Instead of end-to-end encryption for audio and video, Zoom offers something slightly different, called transport encryption.

When The Intercept asked Zoom about its encryption capabilities, a spokesperson straight-up responded that they can’t do it. “Currently, it is not possible to enable E2E encryption for Zoom video meetings,” the spokesperson said, adding, “Zoom video meetings use a combination of TCP and UDP. TCP connections are made using TLS and UDP connections are encrypted with AES using a key negotiated over a TLS connection.”

If the data were truly encrypted end-to-end, only the users on either end of it would be able to access it. Under the TLS encryption it actually uses, though, Zoom itself could access the content that flows back and forth in meetings.

What to do, until Zoom issues a fix
The issue needs to be fixed by Zoom, but until then you can enable a group policy that prevents NTLM credentials from automatically being sent as described. You can find this in the Group Policy editor; change it to “Deny All.”

Go to Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options > Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers.

Zoom is already not in compliance with CCPA, and GDPR may come as a threat to Zoom.
