Zoom hires ex-Facebook security chief Alex Stamos as an adviser to beef up privacy of its video-conferencing app after internet trolls expose flaws that allow them to crash meetings

• Former Facebook security chief, Alex Stamos, revealed he’s been hired by Zoom 
• Stamos will serve as an adviser for the video-conferencing app and help the company beef up its privacy and security after it was criticized globally 
• Since the coronavirus lockdowns have forced millions of Americans to work  and learn from home, most have been turning to Zoom to host virtual meetings 
• But company faced backlash after internet trolls were able to crash meetings  

Zoom has tapped former Facebook security chief Alex Stamos as an adviser and set up an advisory board to improve the privacy and security of its rapidly growing video-conferencing app amid a global backlash.

‘Some personal news… After tweeting about Zoom last week I got a call from the CEO, @ericsyuan, and we had a great chat. Happy to say that I’ll be helping Zoom out as they build up their security program,’ Stamos tweeted on Wednesday.  

Millions of users flocked to Zoom’s platform in the past few weeks, attracted by its ease of use, as coronavirus-led lockdowns forced people to work from home. 

Zoom has tapped former Facebook security chief Alex Stamos as an adviser and set up an advisory board to improve the privacy and security of its rapidly growing video-conferencing app amid a global backlash

‘After tweeting about Zoom last week I got a call from the CEO, @ericsyuan, and we had a great chat. Happy to say that I’ll be helping Zoom out as they build up their security program,’ Stamos tweeted on Wednesday

Many schools around the world also started using its free offering for online classes.

That in turn attracted scrutiny of its platform and Zoom faced widespread criticism from users worried about the lack of end-to-end encryption of meeting sessions, routing of traffic through China and ‘zoombombing’, where uninvited guests crashed meetings.

In a series of tweets in late March, Stamos called on Zoom to be more transparent and roll out a 30-day security plan.

‘Zoom is going to need to demonstrate more transparency, including putting a security face to all of these responses, Stamos tweeted on March 31.

‘A documented 30 day security plan that includes a feature freeze, several professional pen-tests and rolling out coordinated disclosure policies would be smart.

‘Also, all of these shallow bugs demonstrate the value of the hundreds of enterprise vendor risk assessments Zoom has gone through in the last couple of years. 

Following those tweets, Zoom Chief Executive Officer Eric Yuan called up Stamos, asking him to help the company build up its security, privacy and safety capabilities as an outside consultant.

‘Zoom has some important work to do in core application security, cryptographic design and infrastructure security, and I’m looking forward to working with Zoom’s engineering teams on those projects,’ Stamos, now an adjunct professor at Stanford University, wrote in a Medium blog post on Wednesday.

Stamos left Facebook in 2018 due to the company’s response, or lack thereof, to the troubles relating to user data security and election interference.

In a series of tweets (pictured) in late March, Stamos called on Zoom to be more transparent and roll out a 30-day security plan

Following those tweets, Zoom Chief Executive Officer Eric Yuan called up Stamos, asking him to help the company build up its security, privacy and safety capabilities as an outside consultant. A teacher uses Zoom in Virigina 

Taiwan and Germany have put restrictions on its use, while Elon Musk’s SpaceX has banned the app over security concerns. The company has also been slapped with a class-action lawsuit. 

‘It would be in Zoom’s best interests to conduct a full scale investigation into the security lapses and provide a report of whether or not the lapses led to an actual compromise,’ said Theresa Payton, a former White House Chief Information Officer and currently CEO of Fortalice Solutions.

To address the concerns, Zoom has embarked on a 90-day plan and has formed a CISO Council, which includes chief information security officers of HSBC, NTT Data, Procore and Ellie Mae, to discuss about privacy, security and technology issues.

It has also set up a board to advise CEO Yuan on privacy issues. The initial members include executives from VMware, Netflix, Uber and Electronic Arts.

‘I would think, however, that whatever issues Mr Stamos and advisory board identify will take more than 90 days to fix, revise, or change in the network,’ said Summit Insights Group analyst Jonathan Kees.

Zoom, which competes with Microsoft’s Teams and Cisco’s Webex, has seen daily users jump to 200 million from 10 million and the stock surged to a record high in March.

The recent concerns, however, have shaved 31 per cent from the stock’s March high of $164.94 through Tuesday’s close. It was up 8 per cent in early trading on Wednesday on the Nasdaq.

Source: Read Full Article