Privacy and security of video-conferencing apps - The Daily Guardian
Connect with us

News

Privacy and security of video-conferencing apps

India must create a culture of innovation where there’s respect for individual privacy

Brijesh Singh and Khushbu Jain

Published

on

Privacy
Privacy and security of video-conferencing apps

The pandemic struck suddenly, before the world could fully comprehend its import, humanity went into a paralysis. Life across the globe came to a standstill. Governments, corporates, families and individuals had to suddenly adapt to new modes of communication, transaction and service delivery. In this mayhem, the online and digital world offered viable alternatives to commute, collaboration and decision-making. Apps and services, which were popular before Covid-19, suddenly became the only fallback option. A case in point being the popular video-conferencing application called Zoom. Such has been the surge in work from home and other collaboration needs that Zoom, which had 10 million daily users, crossed the 200 million mark in March; as of date it is claiming a daily user base of 300 million participants. Zoom is used by over 30,000 companies and over 40 million people worldwide including hundreds of thousands of educational institutions. Other such apps and alternatives also saw a huge growth, but Zoom was at the sweet spot of pricing, features, familiarity, differentiation and market presence to benefit from the Covid-19 outbreak.

With popularity came cyberattacks, hackers zoomed in on Zoom and started digging for flaws in its code, privacy advocates started examining its privacy and data use policies, others dug out its server locations, roots of the software code, permissions the app takes on your device and the safety/security of users on the platform. Pursuant to this, after rising sharply, Zoom’s share prices experienced a sharp fall in March when serious issues came to fore. To the company’s credit, it has been quick to adapt and has been responding well to criticism by making desired changes in code, configurations and policies. However, the broader question of the privacy, security and threats to individuals-businessesgovernments still needs a close examination. Recently, a former NSA researcher disclosed two new bugs that could have been used to take over a Zoom user’s Mac computer, including tapping into the webcam and microphone.

To make matters worse, these exploits apart from compromising Zoom can become a gateway for the attacker to additionally install other Malware and virtually takeover the victim’s computer or his/her identity. Security researcher Felix Steele dissected the Mac Zoom installer package. To his surprise he discovered that certain techniques that were being used by the pkg file were similar to those used by actual macOS malware samples (for example Coldroot and Proton). These malwares often pretend to be an Apple process or completely fake the password prompt. The installer also actually asks the user to blindly enter their system password into a dialog that pops up and makes use of elevated privileges to access system files. There have been instances of restricting Zoom usage by various countries for critical work and also by corporates. Examples range from Google stopping its employees downloading the app for work to Elon Musk’s rocket company SpaceX banning its employees from using it, in wake of “significant privacy and security concerns”.

Zoom also does not use end2end encryption which has become the standard for all communication apps and messengers. It was also found by Citizen Lab researchers that Zoom was using weak encryption keys, only 128-bit against a claim of the stronger 256-bit AES keys, as the company was proclaiming. The company has access to all encryption keys and to all video and audio content traversing its cloud, it’s possible that governments around the world could be compelling the company to hand over copies of this data, some of its servers are also hosted in China. It is also noteworthy that the video-conferencing software appears to be developed by three companies located in China, known as Ruanshi Software. Only two of these are owned by Zoom, ownership of the third company, American Cloud Video Software Technology, remains unknown. On a closer examination, the usage terms and privacy policy of Zoom mandates transfer of data outside India and it is also subject to commercial exploitation.

Though Zoom updated its privacy policy which is better than it was, it still collects a huge amount of data about users. Consent is only valid where it is reasonable to expect that the individual understands the nature, purpose and consequences of the collection, use and/or disclosure of the personal information to which they are consenting whereas Zoom policy falls short on this aspect. It should be noted that it considers its home pages “marketing websites”, which means it’s still using thirdparty trackers and surveillance-based advertising. The policy of commercial exploitation and transfer of data outside India can have impact and invite punishment if used by the government officials/departments (due to such inevitable transfer of government data outside its jurisdiction) since the same may be in a violation of the Public Records Act, 1993, the Official Secrets Act, 1923, The Email Policy as well as Policy for Usage of IT Resources of Government of India. It should be noted that the ministries and departments may host their servers with third parties, but are not permitted third-party hosting in servers outside India (as per the guidelines issued by the Ministry of Home Affairs and CERT-IN). In wake of the above security concerns, the Ministry of Home Affairs issued an advisory stating that ‘Zoom’ app is not a safe platform for video-conferencing and none of the critical meetings to be conducted using Zoom platform.

Nonetheless, the security of video-conferencing and live-streaming apps needs urgent audit including a forensic audit of the possible breaches due to known and unknown vulnerabilities (even though some recently patched by Zoom). Our dependence on these technologies today is so complete that until viable alternatives emerge, we have no recourse but to keep using them. If we undertake a set of system hardening and tweaking of configuration settings, contingent risks can be mitigated to a large extent. Another way would be to use alternatives which are less popular or are self-hosted on company’s or personal servers/cloud accounts. Organisations should carefully consider the risk if they should continue working with the popular ‘free’ solutions. The general user should assert her rights in relation to these technology giants. We exhibit extreme caution and vigilance in using government apps and services, while paradoxically falling prey to corporate surveillance wilfully. The same standards (if not more stringent) of accountability as those applied to the services by administration should be made applicable to intermediaries and platforms which provide these technologies.

A free product commoditises you; even if one has accepted this position, the moral and ethical obligations of the service provider to protect the interests of the average user do not go away. The service provider must incorporate data privacy principles for the collection, use and disclosure of personal information such as: Accountability; Identifying Purposes; Informed/ Explicit Consent; Limiting Collection; Limiting Use, Disclosure and Retention; Accuracy; Safeguards; Openness; Individual Access; and, Challenging Compliance. Union Minister for IT Ravi Shankar Prasad has spurred innovators in India by challenging them to create a world-class, homegrown video-conferencing solution. India, as a rapidly digitising nation, should create a culture of innovation where the respect for individual privacy is built in by design. Brijesh Singh is Inspector General of Police, Maharashtra, and Khushbu Jain is practising Advocate in the Supreme Court.

The Daily Guardian is now on Telegram. Click here to join our channel (@thedailyguardian) and stay updated with the latest headlines.

For the latest news Download The Daily Guardian App.

News Plus

Aatmanirbhar bharat is a ‘phenomenal initiative’: Volvo group’s president, Kamal Bali

Published

on

The President and Managing Director of the Volvo group, India, Mr Kamal Bali joined NewsX for an exclusive round of interview. Mr Bali has a distinguished career traversing over 3 decades, predominantly in the automobile division.
He addressed what a stressful and unprecedented sort of situation the ongoing coronavirus pandemic has created for the automotive industry. “This pandemic came out like a bolt from the blue and no one was prepared for it and especially our industry, the automotive industry which was already reeling under a demand slowdown towards the end of last year”.

Mr Bali was looking for better times with a lot of optimism, especially with the new emission norms coming in and lots of new models which were to come in for the entire auto industry. He told how the automotive industry’s slowdown impacts the entire country. “It was very big of a U-turn for the auto industry, it accounts for 7-8 per cent of our GDP, so it is a big jolt to the country and to the whole economy as such”.

Mr Bali believes that in terms of numbers, the recovery in the sector will be very slow. “The reason is that the industry was already going through a slowdown as I mentioned and in the current financial year 2020-21. There are estimates of different kinds but its likely that the industry will see a further contraction of between 25-35 per cent”.

According to Kamal Bali, it’s very difficult to say that what exactly they will end at because it will depend on the pathways of the pandemic. “How it does, how as an industry and how as a society we come in terms with. As ultimately, itsalso a question of lives and livelihoods”. So he thinks that its going to be challenging but he is still optimistic.

“Seeing numbers in June, there has been some improvement over May. May to June has been a huge, a positive reinforcement, which is good news for the industry even though it is much much lower than the June of last year”. So he thinks that there are some positive things but he also thinks that a lot more can be done. “Of course, it won’t be business going forward as usual but, a lot of other factors are going to come into play but I think if we can get a good fiscal stimulus, this industry can bounce back sooner than we expect”.

The Volvo President appreciates the limited elbow room, the finance minister had, and he thinks that despite that, she did a wonderful job. “I think the supply side thing was largely addressed, a lot of liquidity and monetary measures have been taken for the economy as a whole and also, addressing several vulnerable sections of the society and economy including the MSMEs and people at the economically weaker sections of the society, having said that I think the demand side also needs to be looked at now, this is the right time”.

He further said, “I think as the supply side is getting addressed, as factories have started manufacturing and remanufacturing, now, we have come to levels of 50-60 per cent of our original pre-COVID levels. I think now is the time when we also need a demand stimulus because discretionary demands have gone down. Since the economy is not at its full throttle the demand is not there”.

Mr Bali feels and what according to him the industry would like is four or five key things. “One is, a temporary reduction in the GST rates, things like trucks and buses fall under the luxury rate of tax which is 28 per cent GST. If this can be brought down to 12 or 18 per cent, if not permanently then at least for the next 6 months”.

He thinks that this can be a big boost because in any case, the industry has to spend more cost on the vehicles because of “transition from BS 4 to BS 6”. So this cost probably cannot be passed on fully to the customer as there are weaker sentiments in the marketplace.

So, if this reduction in the GST can be done temporarily, just to jump-start the economy, that’s one. The customers would be excited and they would like to look at the possibilities. “The second thing is lower interest rates, if some subventions can go on from typically 9 to 10 per cent to 6 per cent, I think that would be a big booster”.

According to Mr Kamal Bali, the third thing which could be the game-changer for the industry is the “scrap pitch policy”. He said, “So if they can decide on a 15-year or an 18-year scrappage policy, I think that could be a game-changer for the industry”.

Talking about the “Aatm nirbhar” campaign of Prime Minister Narendra Modi, Mr Bali called it a phenomenal initiative. “We completely support it. I think this gives very very good confidence to the industry and the society at large. If you look particularly at the automotive industry, we are in a large way self-reliant. Our industry as such is well matured. There are still some gaps, which of course we will, if global companies can start doing more and more work in India, I think we can fulfil the dream of aatmnirbhar Bharat”.

He said that as far as Volvo is concerned, they are fully committed to India. “We have been serial investors in India. In fact, over the last 20 years, we have made serial investments”. Mr Kamal shared an anecdote about a venture Volvo made with Eicher motors. “Eicher motors, which is a very very successful joint venture as well. So we believe in the India story and we believe that India is the market which is going to grow. There can be a temporary pause because of pandemic and because of certain other structural reasons. But I think, our trajectory, our direction is spot on”!

He thinks that they need to make the supply chain more integrated with the global supply chains. “I think the industry will respond to the clarion call of the Prime Minister for making India aatmnirbhar”. On behalf of the Volvo group, he said that Volvo group is completely committed and will do whatever is required in the interest of the country as well as the group itself.

Continue Reading

News Plus

Need to bring in tech to make India Atmanirbhar, says Arjun Bajaaj, Director, Videotex & Founder, Shinco

Published

on

Director of Videotex & Founder of Daiwa & Shinco Arjun Bajaaj joined NewsX for an exclusive interview session and talked about his education, brands, making bases strong in the technology sector, India’s ban on Chinese apps, and more.

Mr. Arjun Bajaaj did his education from Pathways World School, a few kilometers away from Gurgaon, and then went to the University of Essex, UK to study Business Management.

The boarding school and the exposure overseas have really helped him become ‘confident and independent’. He also believes that this really helped him in the business world today.

The young entrepreneur, Arjun Bajaaj is really grateful to his parents for giving him this opportunity.

He also feels that the transition from college to his family business was not at all smooth and easy. He said that while he was in university, he did a lot of part-time jobs there. He went to retails, he also worked in some night clubs to get some exposure and understand the audiences. After completing his studies he came back to India and did his first internship in Samsung’s marketing department for a couple of months.
Mr. Arjun Bajaaj was put under six months of training when he joined his father’s company. That’s when he realized “we have a lot and we can take advantage of the infrastructure and the experience we have”.

When asked about his brand Daiwa, Arjun said that it isn’t easy creating one’s own brand. Sharing the details of the process, he said “My brand was pretty new in the market so I thought we will start with the e-commerce platforms. I reached out to a few e-commerce companies but they didn’t show a lot of interest initially. Then shop clues decided to support me.”

Arjun Bajaaj asked his father to lend him 50 TVs because no one was that confident that whether it would turn out well or not. Shopclues then predicted that they could sell probably around 100-150 TVs in the first month. So Arjun gave it a shot and ended up selling 50 TVs in a day. After this big achievement, he asked his father if he could lend some more TVs. He took around 150 more TVs which again were sold in 3 odd days. And that’s when they realized their potential that they can do well. In 2016, the journey of Daiwa began. They sold around 600 TVs in the first month. In 2018, Arjun Bajaaj took Daiwa to the offline space and it has been growing since then.

In 2018, Mr. Arjun launched another brand Shinco which is exclusively sold on the online space. Shinco became the best selling brand last year.
On asking how does Arjun makes his customer base strong, he replied that the manufacturing structure helps them today and they have the experience to build products for the Indian market. They design their products by knowing and understanding the likes of the audience, the problems they face.

The founder of Daiwa and Shinco also shared his views on the Chinese ban on 59 apps, the strict terms, and regulations on imports from China. He said that not many industry leaders are supporting the ban at the moment. A lot of things are manufactured in China and they have no choice but to buy certain parts from there. Talking about the TV industry, the biggest cost goes to the screen of the TV and that is not manufactured in India. ‘To make the Aatmnirbhar Bharat mission successful, we need to bring in that technology so that we can cover that major share that is missing.’

The government should ask the big brands who are selling in India today to bring the technology here because it requires very heavy investment and a lot of production. With that, it can open up gates for export. The entrepreneur, Arjun Bajaaj, advised other young entrepreneurs to learn from the mistake and try to fix them and keep moving forward. Sharing his success mantra on the NewsX A list show, Arjun Bajaaj said that he believes in staying positive. “If you stay positive and have the ability to work hard, then there is no way anyone can stop you”.

The products of Arjun’s brand are available in offline space with local retailers as well as some big retailers. Daiwa is present in the northern and western markets and in the Hyderabad area as well. By the end of this year, they will have coverage in entire India.

Shinco is available on Amazon as well as its website Shinco.in. So users can purchase the product either in the offline space or online space.

Continue Reading

News Plus

Health care should be available within 5 to 10 kilometers: Dr. Peddireddy Sridhar

Published

on

In an exclusive conversation with NewsX in a special segment, NewsX A-list, Dr Peddireddy Sridhar, CEO of the Omega Hospitals group catches up with us. With 20 plus years of service in Oncology, Dr Sridhar shares his experience in healthcare and his leadership journey.

Describing the unique leadership skills that he has acquired over the years, Dr Sridhar shares, “It’s very important to lead from the front. That’s what I’ve always done. I am an extremely aggressive and tough leader when it comes to deadlines, but still if one sees my core team they have been with me for the last 18 years. The reason is though I am tough when it comes to work,  I’m also very compassionate to make sure I’ve had them like hold their hands in all their ups and downs and that’s what actually matters.”

“They need the support of their leader from the back, which I believe I have done really good all these years apart from that it’s very important to understand people in your team, see what abilities they have which might encourage them to become leaders, to pull them into good managers because money is not always the motivator. But we need to give them the scope to grow in their careers.”

Opening about his journey and a high point in career, Dr Sridhar said, “People should always know when to enter and exit so I will tell my two high points. To start with the exit high point, I started my career in 1998 with probably one of the largest tertiary semi-government hospital, and during that period, I had a permanent job, and increment every year. But what happened is, after working for five to six years in the organisation I understood that this is not going to give me a platform to really show showcase my talent and potential.”

“So one fine day I decided to quit and joined a very small NGO with less than 40 employees. My reason for joining it was because it had some great potential and projects, which I thought will help me to really strengthen my grassroots knowledge of healthcare which would be important for me later in the career. That decision really changed my perspective towards healthcare and I learnt a lot of things during that period.”

With 20 plus years in Oncology, Dr Shridhar mentions how he decided to come back to mainstream administration in 2002 and took up oncology, “The reason is, I was sure that oncology is one sector which is going to grow leaps and bounds in next 30 years. And also when one see any cancer patients, they come with a lot of trauma both mentally and physically so apart from making a good career, I also could get a platform to help people and therefore I took the decision of entering into oncology as an administrator.”

Sharing his overall mantra as an expert in setting up new companies and taking them to new heights, Dr Sridhar says, “ It’s not a mantra but there is a particular bug in my mind where I can’t keep myself free, I need to have hands-on work on a regular basis, but what happens is when starting a new brand there is a lot of work in the first three or four years in terms of  establishing service in place and financial issues are too up there so you’re owning a lot of risks.”

“Now I am associated with three major brands, Omega hospitals, Renova Hospital and Ziva IVF. Omega hospitals are like my mother organisation. I have been here for the last 10 years though the team has been working together for the last 16 years. After five to six years of starting Omega, I felt I’m getting a little free. Then I got this idea of Midland Multispeciality brand.”

Public Healthcare in India especially in tier 2 and smaller cities made him realise the importance of multi specialities and that idea motivated him to set up small Midland Hospitals on the periphery of Hyderabad. “Most of the major healthcare providers are located in major metros or cities, for example in Hyderabad where I come from, most of the major corporate hospitals are located in two major locations. If a patient comes from the periphery of the city to a big corporate hospital it will be taking more than two hours. In case of emergency, the treatment outcome changes because one is losing the golden time so that is when I thought I should start a model where I put small hospitals and multi-speciality hospitals and on the periphery of a big city. In just one year, I have already started four hospitals and I’m in the process of setting up another  three hospitals.”

The doctor believes that health care should be available within five to 10 kilometres. The general public should not be forced to travel so much. “I started this model for the public and  probably by adding another three to four hospitals I will try to cover the entire peripheries of Hyderabad and following which will try to reach out to another tier 2-3 cities and If I can succeed, then I will take this model to different cities of India.”

Touching on the importance of corporate social responsibility, Dr Sridhar in a very inspiring way says, “It should come from your heart and not be forced by the government in terms of policies.” On an ending note, the doctor says CSR is extremely crucial and when one is settled at a particular level in life they should look back and give back to the society. “As a part of that, I’ve started my own foundation one year back through which we’re trying to help underprivileged people in areas of health, education and sports.”

Continue Reading

News Plus

SANAV, 8-YEAR-OLD INDIAN CREATES WORLD RECORD

Published

on

Sanav Ramsankar, an 8-year-old, from Tamil Nadu, India and a resident of Dubai, United Arab Emirates, created a World Record on 23rd November 2021 by reciting salient details of 186 Rivers from around the world covering the continents, length in kilometres, outflow/destination and countries each river flows through.

This record was administered through a virtual live event on 23rd November 2021 at 4:30 pm GST (6:00 pm IST) and was streamed live on Facebook and YouTube. During the event, Sanav recited the details of all the 186 world rivers in 15 mins 53 seconds and became the first in the world to create the “World Record” in this newly created category. Sanav is deeply interested in learning about geography and general landmarks in particular. To expand his knowledge, he has been avidly collecting and learning information through various sources from the Internet. Sanav also can recount the capitals and currencies of 196 countries. Noticing his talent and capabilities, his parents engaged Mr. Sushant Mysorekar (Founder of Brain Rhyme Pvt. Ltd., Singapore and an Internationally certified Intelligence Coach) to coach Sanav, and thus the journey towards this world record started.

It started about two months back under the mentorship of Mr. Sushant Mysorekar. Since then, Sanav has been training in memorizing the details through a combination of cognitive mindset and several creative learning and memory tools and techniques. A Grade Three student from GEMS The Millennium School (Indian CBSE Curriculum), Dubai, Sanav has put in around 60 hours of work to memorize the world river systems and its details.

Sanav shares the credit of his maiden world record achievement with his mentor and his parents. He says, ‘They have encouraged and worked hard to balance my day-to-day activities and priorities! They helped me practice effectively over the entire period.’ Sanav believes in “Work hard; have fun; learn from mistakes; make history!” and during the event, he conveyed a wonderful message – “Hard work never fails.”

Sanav loves his family comprising of his father, Ramsankar Rajendra Raja, from Tamil Nadu, India, a banking technology professional; his mother Aswini, a homemaker and his ever-playful younger brother, 3-year-old Sajiv.

Interestingly, Sanav also loves to play chess and soccer. He has earned medals and certifications from various internal tournaments in Dubai. His aim is to achieve international norms in chess. In addition, Sanav is a Brown Belt holder in Karate and is working towards receiving Black Belt at the earliest. He has also recently opened his own YouTube channel.

Continue Reading

News Plus

NISSAN WANTS EV TO ACCOUNT FOR 50% OF GLOBAL MODEL RANGE BY 2030

Published

on

Japanese car manufacturer Nissan unveiled its Ambition 2030 plan on Monday with which it intends to invest heavily in making electric and hybrid vehicles half of its global variety by introducing 23 new car models.

“Based on customer demands for a diverse range of exciting vehicles, Nissan will introduce 23 new electrified models [EV], including 15 new EVs by fiscal year 2030, aiming for an electrification mix of more than 50 percent globally across the Nissan and INFINITI brands,” Nissan said in a statement. The company is planning to build its long-term strategy, Ambition 2030, around the concept of electrification, with the intention of investing 2 trillion yen ($17.6 billion) within five years to accelerate electrification of its line-up as well as level of technology innovation.

Continue Reading

News Plus

COUNTERFEIT RUPEE MADE IN PAKISTAN GOES FROM BANGLADESH TO INDIA

Published

on

The counterfeit rupee is made in Pakistan—goes to India. The route of smuggling these counterfeit notes is Sri Lanka via Bangladesh, then India. This counterfeit rupee smuggling has been going on for a long time. Counterfeit rupee first arrives in Chittagong in a marble container from Pakistan. Then it was brought to Dhaka and stored. They are then smuggled across the border into India at convenient times. The police came to know about this after arresting two members of a fraud ring with a counterfeit currency of Rs 7.5 crore in a special operation in the capital. They were arrested by Gulshan police.

The arrested are Fatema Akhter Opi and Sheikh Mohammad. Abu Taleb. A case has been registered against the arrested at Khilkhet police station. The accused in the case have been sent to court for remand.

Dhaka Metropolitan Police (DMP) Gulshan Division Deputy Commissioner (DC) Assaduzzaman said this at a press conference held at the DMP Media Center on Saturday afternoon. He said two persons were arrested from Khilkhet and Demra areas of the capital on Friday night. DC Asaduzzaman said that Fatema Akhter Opi was arrested on the basis of information that a woman was standing in front of the gate of Banarupa residential area of Khilkhet with fake Indian rupees. Then 50,000 fake Indian rupees were recovered from him. On the basis of the information provided by her, another 7 crores 34 lakh 50 thousand counterfeit Indian rupees were recovered from his own house in Panditpara area of Dakshin Khan police station. Later, another member of the forgery ring Sheikh Mohammad from Demru’s Sarulia area.

DC Asaduzzaman said the arrested Fatema Akter was an active member of the International counterfeit Indian money-laundering ring. For a long time, he used to collect Indian counterfeit currency from Pakistan through international channels and smuggle it to India through marketing through domestic channels. Abu Taleb, who was arrested on November 23, handed over the recovered Indian counterfeit to Fatema Akhter Opi. Taleb, through Pakistani nationals Sultan and Shafi, skillfully smuggled out of 500 sacks of marble stones imported from Pakistan, 95 sacks marked with pink thread, to Bangladesh via Sri Lanka. Describing the ring as involved in the scam for nearly 10 years, DC Asaduzzaman said, “Fatima used to collect these counterfeit coins from Pakistani nationals Sultan and Shafi.

Fatema and Taleb used to hide these counterfeit rupees under the water tank of their house in Dhaka. Later, he used to smuggle it to India through various borders of the country. ‘ The police official further said that Danesh, the husband of Fatema Akter Opi, is a Pakistani citizen. He is ill and now lives at home. He was arrested by DB Motijheel Division a few years ago. There are two cases in his name. In addition, Abu Taleb was traveling to Pakistan. Since her husband is Pakistani, Fatima has also visited Pakistan many times. This is the source of their acquaintance with Sultan and Shafi, the leaders of the fake rupee cycle, and later they too became involved in this cycle.

Continue Reading

Trending