It's time for Zoom to look at the bigger picture
(Source: Pixabay)
Zoom正迅速成為視訊會議的代名詞-所以它需要好好發展並認真對待數據安全性。
Zoom is rapidly becoming a synonym for video conferencing – so it needs to grow up and take data security seriously.
如果一週對政治來說是很漫長的一段時間,那對於流行病來說就是一場永恆。一個月前,沒有人聽說過視訊會議系統Zoom,除了可能分佈在全球各地的公司員工外。
If a week is a long time in politics, then it’s an eternity in a pandemic. A month ago nobody – save perhaps employees of globally dispersed corporations – had heard of Zoom, the video-conferencing system.
現在,由於許多人口試圖在家中工作,它顯然已成為我們國家基礎設施的重要組成部分。 Zoom是目前全球最受歡迎的Apple系統下載程式和第二大最受歡迎的Android系統下載程式。正如“用Google查詢”已成為“網上查詢”的同義詞一樣,現在“Zoom”已變成動詞。
Now it has apparently become a critical part of our national infrastructure as many in the population try to work from home. Zoom is currently the most popular Apple download and the second most popular Android download in the world. Just as “to Google” has become a synonym for “search online”, now “Zoom” has become a verb.
當然,這對Zoom Video Communications Inc.來說非常好。在大多數股票暴跌的同一周內,其股價已上漲了一倍以上。但是,成為網路市場中的佼佼者有其不利之處。其中之一是,記者開始挖掘您的過去。另一個是您要承擔新的責任。
This is, of course, great for Zoom Video Communications Inc. Its share price has more than doubled in the same few weeks that most stocks have plummeted. However, becoming the top dog in a networked marketplace has its downsides. One of them is that journalists start digging into your past. Another is that you acquire new responsibilities.
歷史第一。 Zoom遵循網路公司劇本中的第一條規則:快速壯大。這樣做的方法是免費提供服務-可以選擇收取優質服務的費用。目前,Zoom為多達100位參與者提供了免費的視訊會議,時間限制為40分鐘。如果您需要更長的會議時間,則必須付費。
History first. Zoom followed rule No 1 in the playbook for internet companies: get big fast. The way to do that is to offer your service free – with the option of charging for superior services. At the moment Zoom offers free video conferencing for up to 100 participants, with a 40-minute time limit. If you want longer meetings, you have to pay for it.
與所有此類“免費”網路服務一樣,Zoom也有其反社會用途,例如虐待兒童,色情和侵犯隱私權。現在,這些問題中又增加了一個新問題“ Zoombombing”,在該問題中,家庭和團體之間的談話偶爾會被色情片,納粹宣傳和其他廢話打斷。
As with all such ‘free’ internet services, Zoom has had its share of anti-social uses – child abuse, porn, and privacy violations, for example. To these has now been added a new problem of ‘Zoombombing’, where occasionally families and groups have had their discussions interrupted by trolls broadcasting pornography, Nazi propaganda and other crap.
我是為滿意的Zoom用戶-更正:客戶,因為我為此服務而付費。我更喜歡使用Skype,FaceTime和Microsoft Teams之類的替代工具來進行大型會議,部分原因是它可以使隨時在講話的人”突出“。而且很明顯,該服務目前對大多數國家的偏遠地區的人們來說是福音,因此它為我們的生活增加了實際的社會價值。
I write as a satisfied Zoom user – correction: customer because I pay for the service. I prefer it to alternatives such as Skype, FaceTime and Microsoft Teams for larger conferences, partly because of the way it “foregrounds” the person who happens to be speaking at any moment. And it’s clear that the service is a boon for people in the isolation zones of most countries at the moment, so it’s adding tangible social value to our lives.
但是,關於它的某些事情還需要修復或至少要弄清楚。首先涉及Zoom與Facebook的關係。 Motherboard進行的一項調查顯示,即使用戶沒有Facebook帳戶,Zoom iOS應用程式也正在向Facebook傳送數據。
But some things about it need to be fixed or at least clarified. The first of these involves Zoom’s relationship with Facebook. An investigation by Motherboard revealed that the Zoom iOS app was sending data to Facebook even if the user didn’t have a Facebook account.
這是因為Zoom決定使用Facebook的軟件開發工具包(SDK)提供“使用Facebook登錄”功能的目的-顯然是為了使新用戶更容易註冊。
This stemmed from a decision by Zoom to use Facebook’s Software Development Kit (SDK) to provide a “Login with Facebook” facility – ostensibly to make it easier for new users to sign up.
毫無疑問,這都是快速獲得成功的規則的一部分,但是Zoom處理披露的方式並不完全令人放心。它確實快速更新了應用程序並停止了數據傳輸。但隨後,它在其公司的部落格上吹牛了。
This was all part of the Get Big Fast rule, no doubt, but the way Zoom handled the disclosure was not exactly reassuring. It did quickly update the app and stopped the data transfer. But then it blew the gaff on its corporate blog.
它寫道:“我們在2020年3月25日(星期三)獲悉,Facebook SDK正在收集對於我們提供服務而言不必要的設備信息。” 思考一下。
“We were made aware on Wednesday, March 25, 2020,” it wrote, “that the Facebook SDK was collecting device information unnecessary for us to provide our services.” Ponder that for a moment.
“我們注意到了”這句話所隱含的粗心程度是驚人的。正如資深分析師Ben Thompson在時事傳報中所觀察到的那樣,Zoom顯然不知道Facebook正在收集什麼數據。
The level of carelessness implied by “we were made aware” is staggering. As the veteran analyst Ben Thompson observed in his newsletter, Zoom clearly had no idea what data Facebook was collecting.
唯一可以得出的推論是,公司中沒有人真正閱讀過Facebook的SDK條款和條件-意思是:“我們可以出於任何目的(包括商業目的)分析您的應用程式,網站,內容和數據。”
The only inference one can draw is that nobody in the company had actually read Facebook’s terms and conditions for the SDK – which say: “We can analyze your app, website, content, and data for any purpose, including commercial.”
然後是安全性問題,尤其是加密問題。
Then there’s the issue of security, and of encryption in particular.
Zoom網站說:“我們非常重視安全性,我們為超越貴組織的通信標準而感到自豪。”會議的任何主持人都可以“使用端到端加密保護會議”。嗯,這不太正確,至少在“點到點”的意思是,在加密的情況下,服務提供商無法解密內容(例如,使用WhatsApp或Signal)。
“We take security seriously and we are proud to exceed industry standards when it comes to your organization’s communications,” says the Zoom website. Any host of a meeting can “secure a meeting with end-to-end encryption”. Well, that’s not quite right, at least if by “end to end” you mean encryption where the service provider has no way of decrypting the content (as, say, with WhatsApp or Signal).
目前,Zoom通訊中的加密可以保護您與任何網址中帶有“ https”的網站之間的通訊。但是,當內容通過Zoom的雲服務器時,內容未加密。
The encryption on Zoom communications at the moment is the kind that protects your communications with any website with ‘https’ in its URL. But the content is unencrypted while it is passing through Zoom’s cloud servers.
這樣做可能有充分的理由,但至少該公司的網站不應誇大其詞。它應該優先考慮事實而不是行銷手段。
There may be good reasons for this, but at the very least the company’s website shouldn’t be making exaggerated claims about encryption. It should privilege facts over marketing puffery.
這一切的道德是?在這些絕望的時代,Zoom提供了真正的價值服務,但是它需要成長,畢竟它目前是身為該領域中的主角。
And the moral of all this? Zoom is providing a service of real value in these desperate times, but it needs to grow up. It’s playing in the big league now.
Source: The Guardian(英國衛報)