The former Dropbox engineers, however, say Zoom's current woes can be traced back two years or more, and they argue that the company's failure to overhaul its security practices back then put its business clients at risk.
After Dropbox presented the hackers' findings from the Singapore event to Zoom Video Communications, the California company behind the videoconferencing service, it took more than three months for Zoom to fix the bug, the former engineers said. Zoom patched the vulnerability only after another hacker publicised a different security flaw with the same root cause.
Even critics acknowledge that Zoom remains the most user-friendly videoconferencing service on the market and has become a crucial communications tool during the pandemic. Security researchers also praised Zoom for improving its response times — quickly patching recent bugs and removing features that presented privacy risks to consumers.
Many companies, including Zoom, have"bug bounty programmes" in which they pay hackers to turn over flaws in the company's own software code. But Dropbox, which has integrated its file-sharing services with Zoom, did something novel. In early 2019, Dropbox sponsored HackerOne Singapore, the live hacking competition. To put pressure on Zoom to take security more seriously, former Dropbox engineers said, Dropbox included the videoconferencing service among companies for which it offered bug bounties at the event.
France Dernières Nouvelles, France Actualités
Similar News:Vous pouvez également lire des articles d'actualité similaires à celui-ci que nous avons collectés auprès d'autres sources d'information.
La source: ChannelNewsAsia - 🏆 6. / 66 Lire la suite »