UK government defends PM's use of Zoom

The UK government has defended using Zoom to hold cabinet video conferences.

Questions had been raised about potential security risks after the prime minister tweeted a picture in which a meeting ID was visible.

"In the current unprecedented circumstances, the need for effective channels of communication is vital," a government spokeswoman told BBC News

A source added the app was quick to set up between the varying systems used by different government departments.

Over time, a more coherent system was expected to be introduced, the person said.

Self-isolating ministers
Zoom has become widely used by individuals, companies and schools.

But questions have been raised about its use by governments, amid fears others could spy on conversations.

"Covid-19 has created - and continues to create - awe-inspiring intelligence-collection opportunities," says Thomas Rid, at Johns Hopkins University.

"Zoom would be a big part of that intelligence bonanza."

The UK government does have highly secure video teleconferencing at key sites, including the intelligence agencies.

This can be used for "top secret" conversations.

It has also been rolling out a system called Rosa for secret-level working more broadly across government.

But a number of members of the Cabinet have been self-isolating at their houses, which are not equipped with these systems.

These ministers have needed to communicate with their staff and attend cabinet meetings.

And that has left little option but to use commercial systems, of which Zoom has become the most popular.

"NCSC [National Cyber Security Centre] guidance shows there is no security reason for Zoom not to be used for meetings of this kind," the government spokeswoman said.

'Dismal security'
Security researchers have been examining Zoom for flaws.

Among their discoveries are:

earlier versions of the app used to send analytics data to Facebook without making this clear to users
the product does not use end-to-end encryption, as had been claimed, which would have made it impossible for the developer to listen in to chats
the software sometimes exposes people's email addresses and photos to strangers
On Tuesday, details of a issue that could expose Windows passwords was reported.

And this Wednesday, a former US government hacker published details of two newly disclosed vulnerabilities that he said could be exploited on Mac computers.

"Though Zoom is incredibly popular, it has a rather dismal security and privacy track record," blogged former US National Security Agency employee Patrick Wardle.

In response, Zoom told BBC News it "takes its users' privacy, security, and trust extremely seriously".