Zoom’s Security Woes Were No Secret to Business Partners Like Dropbox
Dropbox privately paid top hackers to find bugs in software by the videoconferencing company Zoom, then pressed it to fix them.
“Dropbox grew so concerned that vulnerabilities in [Zoom] might compromise its own..security that..[it] began privately offering rewards to top hackers to find holes in Zoom’s software..they were stunned by the volume & severity of the security flaws”
Zoom security is so bad Dropbox itself paid for disclosures: “The former Dropbox engineers said they were stunned by the volume and severity of the security flaws that hackers discovered in Zoom’s code — and troubled by Zoom’s slowness in fixing them” 😲
Read this if you are still using Zoom: and is your password for sale on the Dark Web?
The New York Times
Former Dropbox engineers say Zoom’s security woes can be traced back two years or more, and they argue that the company’s failure to overhaul its security practices back then put its business clients at risk.
Great story on
Plus, a great piece in the Atlantic on how Facebook works, and my colleagues
on the warning signs of Zoom's risks.
I'm sympathetic to Zoom, because there are tradeoffs to balancing security and privacy. But when your customers warn you about risks to Zoombombing, and you don't do anything...