Ever since offices and educational institutions shut down due to Covid-19, online video conferencing platforms such as Zoom and Skype have become staples in every household. However, it wasn't long before we started reading news about NASA and SpaceX prohibiting the use of Zoom over security concerns.
Most of these applications usually keep up with recommended encryption standards, but encryption alone does not guarantee complete safety from attackers. So, let us look at how safe these platforms actually are.
According to the Zoom website, they use an encryption called Advanced Encryption Standard (AES)-256. It has been argued that even a supercomputer would take millions of years to crack this code. However, it was reported that their encryption was substandard and flawed, which recently pressurised them into working on upgrades. Aside from that, a fair amount of Zoom's vulnerabilities arises from the user's lack of knowledge about the platform. Practices such as keeping your meeting ID private, locking meetings, etc. are no-brainers to amp up your security. You can read more on this online.
Even though Microsoft Teams claims to not have access to your data unlike Zoom, they are using a less secure encryption protocol. A malicious GIF file on Teams became the talk of the town when it was revealed that interacting with it could steal account details. Users are also vulnerable to phishing attacks where they receive emails that look like legitimate MS Teams notifications. The platform implemented multi-factor authentication for additional protection, but again, it comes down to the user's knowledge of the platform's security configurations and learning how to differentiate between sketchy and legitimate emails or links.
Skype uses the same type of encryption as Zoom when users communicate with each other, but it is not end-to-end encrypted, which means Microsoft and government agencies are able to decrypt the information and monitor them. It has been said that this routine monitoring is needed to prevent malware attacks. However, it is still unauthorised access to user's information and could be abused if it fell into the wrong hands.
A security upside of WhatsApp is that it is end-to-end encrypted, which means only the user and the user's device can decode the messages. On the downside, the messages are decrypted when you back them up to a cloud server, which makes them vulnerable if the cloud gets attacked. Even though WhatsApp's FAQ page mentions that they don't share data with Facebook, some people question the truthfulness behind it. Facebook, after all, is usually spot-on with their targeted ads.
We are not safe anywhere on the Internet. Hence, it is up to us to educate ourselves and implement effective practices that will help maximise our online security. Looking up alternatives and finding the safest option might safeguard us from many unknown dangers that lie out on the Internet.
Zarin Rayhana lives in the down under and occasionally craves biriyani. Send her recipes at firstname.lastname@example.org