Sometimes it takes years of criticism to get a company to do the right thing. Every once in a while, it can happen overnight.
Wednesday night was such a night.
After a series of investigative reports, blog posts, and Twitter threads examining Zoom’s design practices and security features, CEO Eric S. Yuan said the company would pause the development of new features and devote all of its engineering resources to fixing privacy and security issues. He also dropped an eye-popping statistic: in three months, Zoom has gone from an average of 10 million daily users to 200 million daily users. Yuan writes:
For the past several weeks, supporting this influx of users has been a tremendous undertaking and our sole focus. We have strived to provide you with uninterrupted service and the same user-friendly experience that has made Zoom the video-conferencing platform of choice for enterprises around the world, while also ensuring platform safety, privacy, and security. However, we recognize that we have fallen short of the community’s – and our own – privacy and security expectations. For that, I am deeply sorry, and I want to share what we are doing about it.
Yuan’s list of next steps is long and impressive. In addition to the feature development freeze, the company said it would conduct a “comprehensive review” with outside experts and users to understand the challenges that have come with such rapid expansion. It will improve its bug bounty program and form a council of chief information security officers. And Yuan will begin hosting a weekly webinar to update users on the company’s progress.
Notably, this is all basically exactly what Ben Thompson suggested that Zoom do.
And it’s in addition to some other steps, all announced Thursday — like fixing its bizarre MacOS installer, which made an end run around normal user permissions and involved using a misleading prompt. And removing a feature that mined users’ LinkedIn profiles without their consent. And patching a Windows vulnerability.
To the company’s critics — and I have been one myself — Zoom’s moves represent a welcome change in tone. The company has never been particularly hostile to critics, but I do think it has been at least a little slow to acknowledge their concerns.
And if Thursday was any indication, those concerns will still come. In addition to the LinkedIn issue, Brian Krebs reported that miscreants have written a program called zWarDial to guess Zoom meeting identification numbers and then join calls uninvited. You can password-protect your meeting, but many people don’t — either for convenience, or because they’re unaware of the security risk. Krebs writes:
Lo shared the output of one day’s worth of zWarDial scanning, which revealed information about nearly 2,400 upcoming or recurring Zoom meetings. That information included the link needed to join each meeting; the date and time of the meeting; the name of the meeting organizer; and any information supplied by the meeting organizer about the topic of the meeting.
The results were staggering, and revealed details about Zoom meetings scheduled by some of the world’s largest companies, including major banks, international consulting firms, ride-hailing services, government contractors, and investment ratings firms
At least one of the meetings, he writes, came from a “tech company that’s taken to social media warning people about the need to password protect Zoom meetings!”
So: there’s still some work to do. And yes, some of that work needs to be done by Zoom’s users. Anyone who is using the app to set up meetings should first read the company’s instructions for ensuring no uninvited guests show up.
But given how vital Zoom will remain in the weeks and months to come, we ought to be glad the company acted as quickly as it did.
Today in news that could affect public perception of the big tech platforms.
⬆️Trending up: Amazon plans to roll out temperature checks and face masks for staff at all its US and European warehouses, as well as Whole Foods, by early next week. The news marks a major win for workers who’ve been fighting for better safety measures for weeks.
⬇️Trending down: A leaked Amazon memo shows the company planned to smear the warehouse worker who organized the walkout on Staten Island. “He’s not smart, or articulate,” wrote Amazon General Counsel David Zapolsky. Yeesh.
⬇️Trending down: Some Amazon employees with fevers are being sent home without pay.
⬇️Trending down: Employees at Jeff Bezos’ aerospace firm Blue Origin say the company is pressuring them to launch a tourist rocket amid the coronavirus pandemic. The rocket is designed to take wealthy people into space.
Amazon is banning the sale of N95 and surgical masks to the general public. The company will only allow hospitals and government organizations to purchase the items. (Jason Del Rey / Recode)
Google lifted its coronavirus ad ban, which Democrats argued could give Trump an unfair advantage in the election. Now, the company will begin to allow some advertisers to run ads across its platforms that address the virus. (Sara Fischer / Axios)
A few high-profile lifestyle influencers have posted about fleeing New York City to smaller towns. Doctors say this behavior could put local communities at risk and inadvertently encourage more people to do the same. (Taylor Lorenz / The New York Times)
Screen-time limits for kids have gone out the window due to the coronavirus pandemic. With schools out and parents having to work from home, screens have become a necessity. (Helene Fouquet and Sarah Frier / Bloomberg)
Startups focused on deliveries and digital communications are growing amid the coronavirus pandemic. Here are five companies seeing a particular surge, including the social app Marco Polo. (The Information)
Brazil’s president, Jair Bolsonaro, is continuing to downplay the coronavirus pandemic. He’s dismissed the illness as mere “sniffles,” and denounced it as a “pretext” ginned up by his political enemies to “get” him. Social networks have removed several of his posts so far. (Jon Lee Anderson / The New Yorker)
Total cases in the US: At least 234,483
Total deaths in the US: At least 5,700
Reported cases in California: 9,816
Reported cases in New York: 92,381
Reported cases in Washington: 5,984
Facebook removed networks of accounts in France, Egypt, Russia, Ghana, and Nigeria for coordinated inauthentic behavior. The networks in Ghana and Nigeria were operating on behalf of Russian nationals. The news is part of Facebook’s March transparency report. (Facebook)
Twitter took down 9,000 accounts pushing coronavirus propaganda praising the government of the United Arab Emirates. (Jane Lytvynenko / BuzzFeed)
Facebook brought its Messenger app to desktop. You can now access Messenger — including unlimited and free group video calls — on MacOS and Windows. (Christine Fisher / Engadget)
TikTok got an early and unexpected lift from the controversial YouTuber PewDiePie. The creator mentioned the app in a video, which led to a slew of downloads outside the middle-school demographic that had already started using the app. (Yunan Zhang / The Information)
Amazon is investing hundreds of millions of dollars into becoming a leading creator and distributor of video games. The company is set to release its first original big-budget game, an ambitious science-fiction shooter called Crucible, in May after several coronavirus-related delays. (Seth Schiesel / The New York Times)
The calendar app IRL is pivoting to virtual events. It will now focus on helping people find, RSVP for, plan, share and chat about online events. (Josh Constine / TechCrunch)
Things to do
Stuff to occupy you online during the quarantine.
Read these treatments for coronavirus sitcom episodes of 30 Rock, Parks & Rec, Frasier, and more. Tina Fey’s take on a new 30 Rock episode is particularly great.
Download a free new family edition of Cards Against Humanity. If you have a printer, you’re good to go.
Remix Grimes’ new album. She posted all the stems and vocals and is encouraging you to do what you like with it.
Watch The Sopranos, The Wire, Veep, and a number of other classic HBO shows. They’re going free on Friday.
Those good tweets
Talk to us
Send us tips, comments, questions, and your Zoom meeting ID: firstname.lastname@example.org and email@example.com.