Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Security Privacy

A Feature on Zoom Secretly Displayed Data From People's LinkedIn Profiles (nytimes.com) 39

Posted by msmash from the zoombombing dept.
After an inquiry from The New York Times reporters, Zoom said it would disable a data-mining feature that could be used to snoop on participants during meetings without their knowledge. From a report: For Americans sheltering at home during the coronavirus pandemic, the Zoom videoconferencing platform has become a lifeline, enabling millions of people to easily keep in touch with family members, friends, students, teachers and work colleagues. But what many people may not know is that, until Thursday, a data-mining feature on Zoom allowed some participants to surreptitiously access LinkedIn profile data about other users -- without Zoom asking for their permission during the meeting or even notifying them that someone else was snooping on them. The undisclosed data mining adds to growing concerns about Zoom's business practices at a moment when public schools, health providers, employers, fitness trainers, prime ministers and queer dance parties are embracing the platform. An analysis by The New York Times found that when people signed in to a meeting, Zoom's software automatically sent their names and email addresses to a company system it used to match them with their LinkedIn profiles.
This discussion has been archived. No new comments can be posted.

A Feature on Zoom Secretly Displayed Data From People's LinkedIn Profiles More

A Feature on Zoom Secretly Displayed Data From People's LinkedIn Profiles

Comments Filter:
  • ...I guess Zoom is SOL when you don't have a Linked in profile...or FB or twitter...etc.

    Why not ditch social media and give ALL of them a big goose egg when they search for you on social media?

  • The knives are really out for Zoom (Score:5, Interesting)

    by kalpol ( 714519 ) on Thursday April 02, 2020 @11:07AM (#59900732)
    Was this Zoom or was it a plugin? Was it the same as just looking up their profile on Linkedin? Does the profile owner opt into this? This is the fourth or fifth article I've seen in the last 24 hours with vague statements about Zoom issues. Is it real, or is it astroturfing?

    • Re: (Score:2)

      by guruevi ( 827432 )

      It's astroturfing, Zoom is doing extremely well in the stocks and people are trying to manipulate the market.

      - It is a Zoom plugin, basically you share your e-mail address with someone, the plugin automatically looks up whether you have a LinkedIn.
      - If you pay for Zoom, you can manipulate the data being shared over even get a HIPAA BA, so doctors and hospitals remain safe
      - Similar features exist on Slack, Office365, Salesforce pretty much any cloud platform you can think of

    • Re: (Score:2)

      by Luthair ( 847766 )
      From the article the author claimed it was able to de-anonymize someone using a pseudonym, in which case some third party service (perhaps even linkedin itself) was providing a name for the IP. Or the reporter is a dumbass and used his email.
    • Yea it's weird. Within a day or two the usual journalists suddenly all pile on Zoom. Did Zoom somehow offend them and now the journos are trying to get back at them for something with these hit pieces?

  • Zoom is addressing all the issues pretty quickly, or so it seems. However, all these issues show a company that uses any means to make money and I donâ(TM)t see how that will change in the future.
    Iâ(TM)m not going to use Zoom unless I can help it.....

  • I've not tried Zoom yet (Score:5, Funny)

    by OrangeTide ( 124937 ) on Thursday April 02, 2020 @11:08AM (#59900740) Homepage Journal

    I'm looking for a new service that can skim my personal data then leak it or have it hacked. Is Zoom the best for this, or would you recommend a better alternative?

    • Re: (Score:2)

      by kalpol ( 714519 )
      Teams and Hangouts beat Zoom for this by a country mile.

      • Can they leak more than my LinkedIn profile? I'm looking for something that could leak tax returns or my medical history. I'm kind of tired of the usual trash that can do little more than leak revealing pictures of my ex-girlfriend.

        • Re:I've not tried Zoom yet (Score:5, Funny)

          by AleRunner ( 4556245 ) on Thursday April 02, 2020 @12:05PM (#59901056)
          Probably what you need is Microsoft Windows 10 (TM), This is somewhat complex and difficult and will involve learning a complete new interface for your computer but it gets low level access to all of your data and can see your browser sessions as well as your files. It even has really neat naming with the spy features called "Telemetry". It's definitely not as convenient as Google Chrome or Zoom but it goes much deeper, especially when teamed up with Facebook for full on integrated monitoring of all your friends. Definitely the power user's choice.

    • I'm looking for a new service that can skim my personal data then leak it or have it hacked. Is Zoom the best for this, or would you recommend a better alternative?

      Well, Facebook is still probably in the lead but at least everyone knows that they're shit. With Zoom you can have a teleconferenced class of elementary students and have it Zoom-bombed with porn or cock pics. https://www.buzzfeednews.com/a... [buzzfeednews.com]

    • Re: (Score:2)

      by mccalli ( 323026 )
      [Experian](https://www.theguardian.com/business/2015/oct/01/experian-hack-t-mobile-credit-checks-personal-information).

  • Just goes from bad to worse (Score:3)

    by RotateLeftByte ( 797477 ) on Thursday April 02, 2020 @11:09AM (#59900752)

    for Zoom.
    What if you don't have a LinkedIn profile? does it display...

    "This sad sack has no friends."

    Can we turn the spotlight on Skype next? Since MS took over it has sucked.

  • Obligatory Zoom Response (Score:3)

    by phalse phace ( 454635 ) on Thursday April 02, 2020 @11:14AM (#59900780)

    "We take privacy extremely seriously"

    LOL

  • Bullshit (Score:5, Insightful)

    by darkain ( 749283 ) on Thursday April 02, 2020 @11:14AM (#59900782) Homepage

    This one seems kinda like bullshit to me. Zoom isn't "data mining" in this case, Zoom is simply showing PUBLICLY AVAILABLE LinkedIn information. People who use LinkedIn have the ability to be searched on that platform. That's literally how that platform works. If you use a WEB BROWSER, you can search for the same exact information (user's job title / employer) using the exact search information (real name or email address). This is just Zoom doing this automatically.

    But yes, this is all Zoom's fault... not LinkedIn (aka Microsoft)

    • Re:Bullshit (Score:4, Interesting)

      by ljw1004 ( 764174 ) on Thursday April 02, 2020 @12:25PM (#59901142)

      This one seems kinda like bullshit to me. Zoom isn't "data mining" in this case, Zoom is simply showing PUBLICLY AVAILABLE LinkedIn information

      I think this case highlights that people don't like unexpected dataflows. They get some video-conferencing software and they expect it to video-conference, not to also connect to other data-sources. They get a flashlight and expect it to show light, not to also send information about their location and contacts. They ask Siri a question and expect an answer, not also for their audio to be stored in a database. They get a vacuum cleaner and expect it to clean floors, not to also upload floormaps of their house for someone else's resale. They get a text-editor and don't also expect it to read their emails. http://www.catb.org/jargon/htm... [catb.org]

      (By the way, data-mining has nothing to do with "publicly available" or not. It refers solely to the practice of reading from a large database for information.)

      Maybe it's time for a law which says if a consumer product has unexpected dataflows then it's open to civil liabilities and class-action lawsuits. The statute needn't define what "expected" means - that can be left to case-law and the courts on a product-by-product basis, since it's already the courts' bread-and-butter to decide intent and expectation.

      • At what point should "unexpected dataflows" become expected? It seems like a never-ending drumbeat of "if you put info into a service, it gets sold and spread around" regardless of the company involved. So why is it still reasonable for people to assume that free software doesn't try to make money somehow?

        • Re: (Score:2)

          by ljw1004 ( 764174 )

          At what point should "unexpected dataflows" become expected? It seems like a never-ending drumbeat of "if you put info into a service, it gets sold and spread around" regardless of the company involved. So why is it still reasonable for people to assume that free software doesn't try to make money somehow?

          Good question. I think it's easy for tech-savvy people, or ones who follow tech news (like us), to understand the data-dealing business models of free software, and to underestimate how little other people understand. I think that a court and lawyers would be well places to figure out where your point is, and enshrine it in case law.

  • For their meetings. AAA has went to online meetings where everyone is anonymous, and recovering alcoholics go to meetings for support. Someone broke into the meeting posting porn and other disruptive things.

    https://www.cbsnews.com/news/zoom-hackers-aa-meetings-held-digitally-coronavirus-zoom-bombing-breaking-in-harassing-recovering-alcoholics/ [cbsnews.com]>br>
    For groups like this, this was a method to still help people. And Zoom was what they had come up with to continue. What else is out there for groups l

    • Re: (Score:1)

      by guruevi ( 827432 )

      Zoom has settings to allow people to join selectively. Just because the defaults on the free version suck, doesn't mean you can't fix it. This is just user education - in most cases, you can get a Zoom subdomain and private meeting ID's with PIN numbers. If you're sharing this data publicly, then yeah, anyone with that information can join and do weird things, unless you turn off screen sharing/video sharing for participants which is an option. If you go to an AA meeting, you can have a nudist join you just

    • AAAAA The car club for alcoholics.
  • Again and again, people privacy and security are at risk. We need more open source teleconferencing solutions, with full encryption, and a donation-based connection server system.

  • From the article:

    In tests conducted last week, The Times found that even when a reporter signed in to a Zoom meeting under pseudonyms — "Anonymous" and "I am not here" — the data-mining tool was able to instantly match him to his LinkedIn profile.

    In doing so, Zoom disclosed the reporter's real name to another user, overriding his efforts to keep it private.

    People need to know whether they have successfully controlled the release of their identity or not, and Zoom wasn't lifting a finger to help

Slashdot Top Deals

For God's sake, stop researching for a while and begin to think!

Close