Zoom Data Scandal Shows Blockchain May Be the Future of Communications

Published at: April 8, 2020

As people around the world started following shelter-in-place orders, popular video conferencing platform Zoom quickly gained new users, noting in a recent blog post that it had reached more than 200 million daily users last month, up from 10 million in December. From virtual conferences to online birthday parties, thousands of individuals have flocked to Zoom in an attempt to remain social at a time when social gatherings are banned.

Yet, while Zoom may have seemed like the perfect alternative to in-person gatherings, a major security flaw has been lurking in the system. Following the sudden balloon in daily users, it was discovered last week that thousands of personal Zoom videos have been left viewable on the open web.

What’s the issue?

Ankit Bhatia, CEO and co-founder of the Sapien Network social platform, told Cointelegraph that signing into Zoom has never been a secure process:

“If you know the server the Zoom call is on, then you only need to run a script to generate the right sequence of numbers at a given time and you’re potentially in on a conference, be it a daily technical standup or an AA meeting. This is especially easy when Zoom users don’t password-protect their meetings.”

In addition to strangers having access to “private” Zoom videos, personally identifiable information such as email addresses and passwords have also been compromised.

Jeff Pulver, Voice Over Internet Protocol pioneer, told Cointelegraph that the main issue with all major communication services like Zoom is that it uses centralized data storage mechanisms. Due to this, Zoom poses security threats to the confidential information it gathers. He explained:

“Companies like Zoom say they cannot access user data, but they still mine the data generated by those apps, such as how often users talk to someone and whose phone numbers they have stored in their smartphone’s address book. Routing all business and personal data through a centralized server with one main point of contact poses an overwhelming number of threats for information security.” 

Pulver, who authored the “Pulver Order” adopted by the U.S. Federal Communications Commission to ensure that users need not pay for communication apps such as FaceTime, understood early on the data issues posed by Zoom. He noted that the thousands of data breaches witnessed between 2018 and 2019 should have been a global wake-up call for people who are looking to better understand how their data was being used by third party platforms.

Blockchain can power a new era of communication 

As such, Pulver believes that the best way of making high-security communications services universally available is through the use of blockchain technology. “By refraining from centralized control, we will be removing the weak link from the equation — the third parties,” he explained. Pulver has spent the past year developing a blockchain-based communications network called Debrief.

Unlike conventional video applications, Debrief is an open-source blockchain network upon which communication applications can be built. According to Pulver, leveraging blockchain creates a higher level of security when it comes to users’ personal information:

“Unlike Facebook Messenger or Google’s Hangouts, Debrief encrypts user messages by default and also retains virtually no information from users, including messages and address books, on its servers, since they are decentralized.” 

Karen Sun, Debrief full-stack developer and former solution configuration manager of Ericsson, told Cointelergraph that, “Even if our servers get hacked, the perpetrators will not be able to decrypt the messages stored there.”

According to Pulver, Debrief has been primarily built for fast and private transactions. Unlike mainstream public chains like Ethereum, the Debrief infrastructure has been constructed to ensure fast and trusted connections specifically for communication. Pulver further noted that Debrief contains an open-source Middleware component, allowing for mainstream centralized applications such as Zoom to utilize Debrief's blockchain “by wrapping their code into our code.”

While the Debrief Testnet privately launched in February 2020, Pulver mentioned that the MainNet launch is expected in the fourth quarter of this year. The Middleware public launch is also projected for the same period.

A video conferencing DApp

For use in the meantime, Pulver explained that a decentralized application has been built on the Debrief network. The DApp provides HD video conferencing, peer-to-peer audio and video calling, messaging, decentralized file storage and more. The beta version of Debrief has just been released, which has already seen over 1.2 million transactions from over 3,000 participating users.

Pulver mentioned that the challenge moving forward will be generating public awareness for blockchain-based communication networks, adding, “We need to find developers who want to use our blockchain to see what they are able to do with the APIs.”

Additionally, regulatory and data standard challenges might also hamper the adoption of a blockchain-based communication network. A recent Telecoms Tech article highlights these challenges, stating, “The current telco industry adheres to a set of data standards, structures, and transmission infrastructure. As such, bringing blockchain applications to this existing framework presents significant challenges.” Pulver, however, remains optimistic, saying:

“We have the ability to bring this to the communications industry and my hope is to get thousands of people to connect and innovate in a positive, secure way.”

Tags
Technology
Blockchain
Security
Data
Related Posts
Oracle wants to bring blockchain to the masses through a crypto-secure data offering
While blockchain is known for bringing trust and transparency to multi-party workflows, it can also ensure the immutability of business-critical data. Realizing this potential, technology giant Oracle has announced a crypto-secure data management offering that will be provided as a free feature for Oracle converged database users. Juan Loaiza, executive vice president, Mission-Critical Database Technologies at Oracle, told Cointelegraph that it’s become apparent that customers deploying blockchain solutions often do not require the full capabilities of these implementations. Loaiza also pointed out that the complexity of introducing a completely new technology stack into an IT environment can be burdensome. Blockchain …
Technology / March 3, 2021
The role of decentralized networks in a data-abundant, hyperconnected world
When it comes to computer data storage, it can seem like we are running out of numbers. If you are old enough, you may remember when diskette storage was measured in kilobytes in the 1980s. If you are a little younger, you are probably more familiar with the thumb drives denominated in gigabytes or hard drives that hold terabytes today. Humanity’s unfathomable data footprint But we are now producing data at an unprecedented rate. As a result, we are going to need to be able to grasp numbers so large that they seem almost beyond human comprehension. In order to …
Decentralization / March 14, 2021
Zoom Will Offer End-to-End Encryption to All Users
On June 17, the popular video conference app, Zoom, officially announced that end-to-end encryption, or E2EE, has finally arrived for their software. It will be provided to both free and paid users, so long as their account has passed the company’s verification process. According to the announcement, during the beta phase that will start from July, users should verify their phone numbers via a text message. The aim of this step is to prevent the mass creation of abusive accounts. Zoom commented: “We are confident that by implementing risk-based authentication, in combination with our current mix of tools - including …
Technology / June 17, 2020
Digital identity platform integrates with zkSync for on-chain KYC
RNS.id, a digital Web3 identity platform developed to support the application and issuance of sovereignty-backed IDs, announced on Nov. 30 that it is integrating with zkSync for on-chain KYC. RNS.ID indicated in a release shared with Cointelegraph that its on-chain KYC solution is designed on a “privacy engine” to encrypt users' identity attributes or properties into different “hashed slices” with multiple signature verifications. RNS.ID aggregates users’ fragmented identity properties data and uses ZK-proofs to generate encrypted proofs from metadata. Additionally, the company stated that RNS.ID enables users to create their own "minimal disclosure identifying information system" for constrained usages, thereby …
Technology / Nov. 30, 2022
Fujitsu launches Web3 acceleration platform for startups and partner companies
The Japanese-based multinational tech company Fujitsu announced the launch of a new platform on Feb 8, designed to support Web3 developers worldwide. According to a report by the Fintech Times, Fujitsu’s Web3 Acceleration Platform seeks to provide a development environment, blockchain-based service APIs, high-computing technologies, simulations, AI, combinatorial optimization, for start-ups, partner companies, and universities building Web3 applications and services. The company said its platform aims to support the creation of a diverse ecosystem of Web3 applications across a range of use cases, such as digital content rights management, business transactions, contracts, and processes. It will also offer free access …
Technology / Feb. 8, 2023