• Microsoft Teams, SharePoint and 365 Implementation Experts.
Capitol Presence LogoCapitol Presence LogoCapitol Presence LogoCapitol Presence Logo
  • Services
  • Who We Help
    • Government
    • Commercial
  • Tools
  • Contact
0Book a Call
Yammer Gets New Life as Microsoft Teams ‘Communities’ App
April 24, 2020
Top 10 Teams Tips
May 6, 2020

Zoom admits calls got ‘mistakenly’ routed through China

Published by Capitol Presence on May 1, 2020
Categories
  • Blog
Tags
  • Zoom has admitted that some call data was routed through China for non-China users.
  • CEO Eric Yuan said the calls were routed “mistakenly” after the company ramped up capacity to cope with a huge increase in demand.
  • Separately, researchers at Toronto’s Citizen Lab found Zoom used encryption keys issued via servers in China, raising further surveillance worries.
  • China does not enforce strict data privacy laws and could conceivably demand that Zoom decrypt calls, they said.

Zoom’s ongoing security woes just won’t let up.

The video conferencing provider has admitted that some non-China users had their calls routed through China.

In a statement late Friday, Zoom CEO Eric Yuan admitted to mistakenly routing calls via China.

“In our urgency to come to the aid of people around the world during this unprecedented pandemic, we added server capacity and deployed it quickly — starting in China, where the outbreak began,” Yuan said. “In that process, we failed to fully implement our usual geo-fencing best practices. As a result, it is possible certain meetings were allowed to connect to systems in China, where they should not have been able to connect.”

He did not say how many users were affected. 

During spells of heavy traffic, the video-conferencing service shifts traffic to the nearest data center with the largest available capacity – but Zoom’s data centers in China aren’t supposed to be used to reroute non-Chinese users’ calls.

This is largely due to privacy concerns: China does not enforce strict data privacy laws and could conceivably demand that Zoom decrypt the contents of encrypted calls.

Separately, researchers at the University of Toronto also found  Zoom’s encryption used keys issued via servers in China, even when call participants were outside of China. 

They wrote: “During a test of a Zoom meeting with two users, one in the United States and one in Canada, we found that the AES-128 key for conference encryption and decryption was sent to one of the participants over TLS from a Zoom server apparently located in Beijing, 52.81.151.250.”

They added: “A company primarily catering to North American clients that sometimes distributes encryption keys through servers in China is potentially concerning, given that Zoom may be legally obligated to disclose these keys to authorities in China.”

The researchers noted that Zoom has some 700 employees in China, across several Chinese subsidiaries.

Zoom has faced multiple high-profile security issues in recent weeks as it struggles to cope with an unprecedented surge in traffic and new users.

Zoom did not immediately respond to Business Insider’s request for comment and clarification.


Author: Charlie Wood

Source: businessinsider.com

Original Article

Share
0
Capitol Presence
Capitol Presence

Related posts

January 10, 2021

Reasons you should start using Microsoft Teams today


Read more
January 3, 2021

Cloud computing trends in 2021


Read more
December 27, 2020

6 technologies that changed the way we work


Read more

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Capitol Presence Logo

Capitol Presence is a Woman-Owned Small Business (EDWOSB) based in Tysons Corner, VA. We are an Agile Development and Solutions agency that specializes in customer-driven business solutions, born in the cloud. We focus on helping organizations communicate more effectively and work more efficiently together, to complete their mission.

Navigation

  • Tools
  • Services
  • Who We Are
  • Contact
  • Shop
  • Responding to COVID-19
  • Microsoft Office 365
  • Our Team

Industries & Information

  • Commercial
  • Federal Government
  • Employee Portal
  • Partner Portal
  • Remote Resources
  • Privacy Policy

Let’s Simplify Your Business

Book a Call
© 2020 Capitol Presence Consulting Group LLC. All Rights Reserved. Hosted on our Olympus Cloud by AWS