Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Google Privacy Security

Google Told Its Workers That They Can't Use Zoom On Their Laptops Anymore (buzzfeednews.com) 25

BuzzFeed News has learned that Google has banned the popular videoconferencing software Zoom from its employees' devices. From the report: Zoom, a competitor to Google's own Meet app, has seen an explosion of people using it to work and socialize from home and has become a cultural touchstone during the coronavirus pandemic. Last week, Google sent an email to employees whose work laptops had the Zoom app installed that cited its "security vulnerabilities" and warned that the videoconferencing software on employee laptops would stop working starting this week.

"We have long had a policy of not allowing employees to use unapproved apps for work that are outside of our corporate network," Jose Castaneda, a Google spokesperson, told BuzzFeed News. "Recently, our security team informed employees using Zoom Desktop Client that it will no longer run on corporate computers as it does not meet our security standards for apps used by our employees. Employees who have been using Zoom to stay in touch with family and friends can continue to do so through a web browser or via mobile.â
Earlier this month, Elon Musk's SpaceX also banned employees from Zoom, citing "significant privacy and security concerns." And on Monday, New York City's Department of Education urged schools to abandon Zoom and switch to a service from Microsoft.
This discussion has been archived. No new comments can be posted.

Google Told Its Workers That They Can't Use Zoom On Their Laptops Anymore

Comments Filter:
  • by SuperKendall ( 25149 ) on Wednesday April 08, 2020 @04:38PM (#59923002)

    Employees who have been using Zoom to stay in touch with family and friends can continue to do so through a web browser or via mobile

    Well that's great... except that's how everyone already uses Zoom, do they not understand that using Zoom on the web means it downloads and installs a native complement that is then used for the actual videoconferencing?

    Saying they are banning Zoom, but saying you can "continue using it on the web" seems to make no sense.

    They certainly cannot ban it altogether as it's how a lot of people stay in contact with lots of other people.... Zoom has too much of a network effect going now to realistically ban.

    • by markus ( 2264 ) on Wednesday April 08, 2020 @04:54PM (#59923052) Homepage

      Zoom has all sorts of different ways to access it. On my Chromebook, I can use the Chrome app (crashes after a few minutes, though), the Android app (works fine, but is extraordinarily difficult to start, because of some stupidity by Zoom), and the HTML5 web site (slightly easier to start, works fine, but has limited features).

      From what Google has said, the first two options are no longer allowed. That't no big loss. They were buggy anyway. The third option still works and is allowed to be used.

      On Mac and Windows, there also are options for native applications. Again, these would not be allowed by Google for security reasons. That's a bit more disappointing for users, as these apps have more features than the browser interface.

      In an ideal world, Zoom would put resources into properly implementing the HTML5 version of its service and abandon all the broken and insecure other clients. It's bizzare that they would have spent so much effort in writing per-platform solutions, when they already have a cross-platform solution that is more stable, but needs a couple of extra features.

    • You dont keep personal contacts on your work machine. I mean wtf...
    • . Zoom has too much of a network effect going now to realistically ban.

      yeah..no. Zoom was banned by my employer last month and banned by several other places I contract into last week. it is not essential, especially in this day an age when there are a shitload of alternatives.

    • by trawg ( 308495 )

      Well that's great... except that's how everyone already uses Zoom, do they not understand that using Zoom on the web means it downloads and installs a native complement that is then used for the actual videoconferencing?

      You can use Zoom in web client only using this browser extension [github.com].

      If you view the source for the extension - it's only a few lines of JavaScript - you can see what it does. You can do it manually - basically if you get a Zoom invite URL it looks something like zoom.us/j/1234567. If you change this to zoom.us/wc/1234567/join, it will open using the web client only - no need to install third party software.

      I have used this successfully for one meeting already. I tried it again last night and this time it aske

  • I would have thought that a block on using Zoom (and Skype and...) would be already in place with instead Google employees using their own product Hangouts. I know that Hangouts is blocked in some countries, but I would have thought that Zoom was blocked in those countries as well. Last I heard Hangouts was on the way out, but I just checked and it's still there.

    • Re: (Score:3, Informative)

      by SuperKendall ( 25149 )

      instead Google employees using their own product Hangouts.

      Even Google is not that cruel.

      I had to use hangouts for a bit, it was hands-down the absolute lowest quality conferencing software I've ever used.

      Mainly in terms of video/audio quality.

      • by markus ( 2264 )

        It's also in the process of being shut down. Google has a long-standing tradition of building messaging products, stopping work once the product is 80% complete and then discontinuing before a replacement is fully developed. Rinse and repeat. They've been doing this for more than a decade.

  • Today, Alex Stamos (ex of facebook, currently of Stanford University) announced that he is consulting with them on their issues:

    https://medium.com/@alexstamos/working-on-security-and-safety-with-zoom-2f61f197cb34

    Obviously, claiming to have end-to-end encryption when you don't is more in the nature of a lie than a stumble, but they have a lot going for them in the ease-of-use and breadth of adoption, so maybe they can turn it around.

    • Obviously, claiming to have end-to-end encryption when you don't is more in the nature of a lie than a stumble, but they have a lot going for them in the ease-of-use and breadth of adoption, so maybe they can turn it around.

      The fact that IE6 was dominant for so long attests to that. Plus the fact that, unfortunately, most people couldn't care less about security.

      Zoom says it's devoting the next 90 days to security and bugfixes. Let's see how things look after that - it's not as if any of the alternatives don't have their own concerns (which aren't always security-related, per se).

      • Zoom says it's devoting the next 90 days to security and bugfixes.

        No, fuck that. They outright LIED about a fundamental part of their security model.

        Bugs happen, I can forgive a few missteps. Hell, heartbleed was a thing, but it wasn't intentional.

        This is a company that intentionally created an insecure product and advertized it as secure.

    • Re: (Score:3, Insightful)

      by jrumney ( 197329 )

      Claiming you have end-to-end encryption when you don't to build up a paying customer base is FRAUD.

  • Zoom has two problems: their code is shit and the CCP loves stealing corporate secrets. This is why installing any applications for using Zoom is out. However, the web client is sandboxed so it's as secure as any other webpage.

  • ...maybe if Google had actually put some effort into hangouts years ago rather than deciding to kill it because they couldn't make a ton of money off it, and deciding to begin to move it to the graveyard.

  • by fermion ( 181285 ) on Wednesday April 08, 2020 @07:39PM (#59923590) Homepage Journal
    So Google gives away Stadis in exchange for users registering for gmail, thus increasing the chance the user will log into when harassed by an app like gmail thus allowing Google to track every movement and sell user data.

    Then complains that Zoom is doing the same.

    Don't get me wrong. Zoom leaks data like sieve, and Google is right to ban the use from Google kit. Google is big enough that it should have a secure way for employees to communicate. That google employee would use Zoom says something about how bad Hangouts is.

    That enterprise would use Hangouts says how security insensitive most eneterprise is.

    • Google is banning the usage of Zoom apps on company provided hardware which employees are provided to use for work. They are not banning their employees from using zoom on their own personal devices. This ban has nothing to do who has the right to track, but rather google not wanting apps with plenty of knows security issues, and/or a competitor app collecting information while running on their hardware and their networks. Zoom is free to ban google apps, or even block connections to google.com from their h

    • That google employee would use Zoom says something about how bad Hangouts is.

      All Google-internal video conferencing is done with Hangouts Meet, which is actually very high quality, and well-integrated with the rest of GSuite (email, calendaring, room reservations, electronic whiteboards, etc.). This is about employees using Zoom to communicate with friends and family, which they almost certainly do only because that's what said friends and family are already familiar with, not because the Googler recommended it.

      That enterprise would use Hangouts says how security insensitive most eneterprise is.

      Hangouts security is very good, both in its original incarnation and in

  • by sad_ ( 7868 )

    your own dog food,
    eat it.

  • Employees who have been using Zoom to stay in touch with family and friends can continue to do so through a web browser or via mobile.

    What difference does it make? The vulnerabilities that were mentioned recently are data sharing with Facebook and lack of end-to-end encryption. I fail to see how the web client would mitigate those issues. Now, maybe there are other issues with the Zoom client app.

    • Don't you get it? Google simply doesn't want zoom on laptops provided to their employees. Other than that, the employees are still free to use it on their personal devices. As long as zoom doesn't get installed on a google owned device, they don't care. Get it?
  • Google thinks Zoom is a risk and they have every right to ban their employees from using it on the company laptops. Of course if their employees insist on using zoom on their personal devices, Google has no right to speak about that.

"You'll pay to know what you really think." -- J.R. "Bob" Dobbs

Working...