As people around the world started following shelter-in-place orders, popular video conferencing platform Zoom quickly gained new users, noting in a recent blog post that it had reached more than 200 million daily users last month, up from 10 million in December. From virtual conferences to online birthday parties, thousands of individuals have flocked to Zoom in an attempt to remain social at a time when social gatherings are banned.
Yet, while Zoom may have seemed like the perfect alternative to in-person gatherings, a major security flaw has been lurking in the system. Following the sudden balloon in daily users, it was discovered last week that thousands of personal Zoom videos have been left viewable on the open web.
What’s the issue?
Ankit Bhatia, CEO and co-founder of the Sapien Network social platform, told Cointelegraph that signing into Zoom has never been a secure process:
“If you know the server the Zoom call is on, then you only need to run a script to generate the right sequence of numbers at a given time and you’re potentially in on a conference, be it a daily technical standup or an AA meeting. This is especially easy when Zoom users don’t password-protect their meetings.”
In addition to strangers having access to “private” Zoom videos, personally identifiable information such as email addresses and passwords have also been compromised.
Jeff Pulver, Voice Over Internet Protocol pioneer, told Cointelegraph that the main issue with all major communication services like Zoom is that it uses centralized data storage mechanisms. Due to this, Zoom poses security threats to the confidential information it gathers. He explained:
“Companies like Zoom say they cannot access user data, but they still mine the data generated by those apps, such as how often users talk to someone and whose phone numbers they have stored in their smartphone’s address book. Routing all business and personal data through a centralized server with one main point of contact poses an overwhelming number of threats for information security.”
Pulver, who authored the “Pulver Order” adopted by the U.S. Federal Communications Commission to ensure that users need not pay for communication apps such as FaceTime, understood early on the data issues posed by Zoom. He noted that the thousands of data breaches witnessed between 2018 and 2019 should have been a global wake-up call for people who are looking to better understand how their data was being used by third party platforms.
Blockchain can power a new era of communication
As such, Pulver believes that the best way of making high-security communications services universally available is through the use of blockchain technology. “By refraining from centralized control, we will be removing the weak link from the equation — the third parties,” he explained. Pulver has spent the past year developing a blockchain-based communications network called Debrief.
Unlike conventional video applications, Debrief is an open-source blockchain network upon which communication applications can be built. According to Pulver, leveraging blockchain creates a higher level of security when it comes to users’ personal information:
“Unlike Facebook Messenger or Google’s Hangouts, Debrief encrypts user messages by default and also retains virtually no information from users, including messages and address books, on its servers, since they are decentralized.”
Karen Sun, Debrief full-stack developer and former solution configuration manager of Ericsson, told Cointelergraph that, “Even if our servers get hacked, the perpetrators will not be able to decrypt the messages stored there.”
According to Pulver, Debrief has been primarily built for fast and private transactions. Unlike mainstream public chains like Ethereum, the Debrief infrastructure has been constructed to ensure fast and trusted connections specifically for communication. Pulver further noted that Debrief contains an open-source Middleware component, allowing for mainstream centralized applications such as Zoom to utilize Debrief's blockchain “by wrapping their code into our code.”
While the Debrief Testnet privately launched in February 2020, Pulver mentioned that the MainNet launch is expected in the fourth quarter of this year. The Middleware public launch is also projected for the same period.
A video conferencing DApp
For use in the meantime, Pulver explained that a decentralized application has been built on the Debrief network. The DApp provides HD video conferencing, peer-to-peer audio and video calling, messaging, decentralized file storage and more. The beta version of Debrief has just been released, which has already seen over 1.2 million transactions from over 3,000 participating users.
Pulver mentioned that the challenge moving forward will be generating public awareness for blockchain-based communication networks, adding, “We need to find developers who want to use our blockchain to see what they are able to do with the APIs.”
Additionally, regulatory and data standard challenges might also hamper the adoption of a blockchain-based communication network. A recent Telecoms Tech article highlights these challenges, stating, “The current telco industry adheres to a set of data standards, structures, and transmission infrastructure. As such, bringing blockchain applications to this existing framework presents significant challenges.” Pulver, however, remains optimistic, saying:
“We have the ability to bring this to the communications industry and my hope is to get thousands of people to connect and innovate in a positive, secure way.”