<!--#include virtual="/server/header.html" -->
<!-- Parent-Version: 1.96 -->
<!-- This page is derived from /server/standards/boilerplate.html -->
<!--#set var="DISABLE_TOP_ADDENDUM" value="yes" -->
<!--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~-
Please do not edit <ul class="blurbs">!
Instead, edit /proprietary/workshop/mal.rec, then regenerate pages.
See explanations in /proprietary/workshop/README.md.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~-
-->
<title>Malware in Online Conferencing
- GNU Project - Free Software Foundation</title>
<link rel="stylesheet" type="text/css" href="/side-menu.css" media="screen,print" />
<!--#include virtual="/proprietary/po/malware-in-online-conferencing.translist" -->
<!--#include virtual="/server/banner.html" -->
<div class="nav">
<a id="side-menu-button" class="switch" href="#navlinks">
<img id="side-menu-icon" height="32"
src="/graphics/icons/side-menu.png"
title="Section contents"
alt=" [Section contents] " />
</a>
<p class="breadcrumb">
<a href="/"><img src="/graphics/icons/home.png" height="24"
alt="GNU Home" title="GNU Home" /></a> /
<a href="/proprietary/proprietary.html">Malware</a> /
By product /
</p>
</div>
<!--GNUN: OUT-OF-DATE NOTICE-->
<!--#include virtual="/server/top-addendum.html" -->
<div style="clear: both"></div>
<div id="last-div" class="reduced-width">
<h2>Malware in Online Conferencing</h2>
<div class="infobox">
<hr class="full-width" />
<p>Nonfree (proprietary) software is very often malware (designed to
mistreat the user). Nonfree software is controlled by its developers,
which puts them in a position of power over the users; <a
href="/philosophy/free-software-even-more-important.html">that is the
basic injustice</a>. The developers and manufacturers often exercise
that power to the detriment of the users they ought to serve.</p>
<p>This typically takes the form of malicious functionalities.</p>
<hr class="full-width" />
</div>
<div class="article">
<div class="important">
<p>If you know of an example that ought to be in this page but isn't
here, please write
to <a href="mailto:webmasters@gnu.org"><webmasters@gnu.org></a>
to inform us. Please include the URL of a trustworthy reference or two
to serve as specific substantiation.</p>
</div>
<div class="column-limit" id="malware-in-online-conferencing"></div>
<ul class="blurbs">
<!-- Copied from workshop/mal.rec. Do not edit in malware-in-online-conferencing.html. -->
<li id="M202502280">
<!--#set var="DATE" value='<small class="date-tag">2025-02</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
href="https://arstechnica.com/gadgets/2025/02/on-may-5-microsofts-skype-will-shut-down-for-good/">
Microsoft is shutting down Skype</a> on May 5th, 2025. As with other
tethered proprietary programs, users have to rely on servers that are
controlled by the developer. When these servers shut down, the service
disappears. Instead of migrating to the service that Microsoft suggests
as a replacement, Skype users should regain control of their
communications by switching to one that is based on free software.
<a href="https://jitsi.org/jitsi-meet/">Jitsi Meet</a>, for example, is
appropriate for small video meetings. Anyone can set up a Jitsi server
and let other people use it, and indeed many of these are available
around the world.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-in-online-conferencing.html. -->
<li id="M202104090">
<!--#set var="DATE" value='<small class="date-tag">2021-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>A zero-day vulnerability in Zoom which <a
href="https://www.zdnet.com/article/critical-zoom-vulnerability-triggers-remote-code-execution-without-user-input/">can
be used to launch remote code execution (RCE) attacks</a> has been
disclosed by researchers. The researchers demonstrated a three-bug
attack chain that caused an RCE on a target machine, all this without
any form of user interaction.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-in-online-conferencing.html. -->
<li id="M202012190">
<!--#set var="DATE" value='<small class="date-tag">2020-12</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
href="https://www.washingtonpost.com/technology/2020/12/18/zoom-helped-china-surveillance/">
A Zoom executive carried out snooping and censorship for
China</a>.</p> the Chinese
government</a>.</p>
<p>This abuse of Zoom's power shows how dangerous that power is. The
root problem is not the surveillance and censorship, but rather the
power that Zoom has. It gets that power partly from the use of its
server, but also partly from the nonfree client program.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-in-online-conferencing.html. -->
<li id="M202011090">
<!--#set var="DATE" value='<small class="date-tag">2020-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>According to FTC, the
company behind the Zoom conferencing software <a
href="https://arstechnica.com/tech-policy/2020/11/zoom-lied-to-users-about-end-to-end-encryption-for-years-ftc-says/">has
lied to users about its end-to-end encryption</a> for years, at least
since 2016.</p>
<p>People can use free (as in freedom) programs such as <a
href="https://directory.fsf.org/wiki/Jitsi">Jitsi</a> or <a
href="https://directory.fsf.org/wiki/BigBlueButton">BigBlueButton</a>,
better still if installed in a server controlled by the users.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-in-online-conferencing.html. -->
<li id="M202009270">
<!--#set var="DATE" value='<small class="date-tag">2020-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Many employers are using nonfree
software, including videoconference software, to <a
href="https://www.theguardian.com/world/2020/sep/27/shirking-from-home-staff-feel-the-heat-as-bosses-ramp-up-remote-surveillance">
surveil and monitor staff working at home</a>. If the program reports
whether you are “active,” that is in effect a malicious
surveillance feature.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-in-online-conferencing.html. -->
<li id="M202006120">
<!--#set var="DATE" value='<small class="date-tag">2020-06</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The company behind Zoom does not only deny
users' computer freedom by developing this piece
of nonfree software, it also violates users' civil rights by <a
href="https://www.theverge.com/2020/6/12/21288995/zoom-blocking-feature-chinese-government-censorship">banning
events and censoring users</a> to serve the agenda of governments.</p>
<p>Freedom respecting programs such as <a
href="https://directory.fsf.org/wiki/Jitsi">Jitsi</a> or <a
href="https://directory.fsf.org/wiki/BigBlueButton">BigBlueButton</a>
can be used instead, better still if installed in a server controlled
by its users.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-in-online-conferencing.html. -->
<li id="M202004301">
<!--#set var="DATE" value='<small class="date-tag">2020-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Proprietary programs Google Meet, Microsoft Teams, and WebEx <a
href="https://www.consumerreports.org/video-conferencing-services/videoconferencing-privacy-issues-google-microsoft-webex/">are
href="https://www.consumerreports.org/video-conferencing-services/videoconferencing-privacy-issues-google-microsoft-webex-a7383469308/">are
collecting user's personal and identifiable data</a> including how long
a call lasts, who's participating in the call, and the IP addresses
of everyone taking part. From experience, this can even harm users
physically if those companies hand over data to governments.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-in-online-conferencing.html. -->
<li id="M202003260">
<!--#set var="DATE" value='<small class="date-tag">2020-03</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The Apple iOS version of Zoom <a
href="https://www.vice.com/en/article/k7e599/zoom-ios-app-sends-data-to-facebook-even-if-you-dont-have-a-facebook-account">is
sending users' data to Facebook</a> even if the user doesn't have
a Facebook account. According to the article, Zoom and Facebook
don't even mention this surveillance on their privacy policy page,
making this an obvious violation of people's privacy even in their
own terms.</p>
</li>
</ul>
</div>
</div>
<!--#include virtual="/proprietary/proprietary-menu.html" -->
<!--#include virtual="/server/footer.html" -->
<div id="footer" role="contentinfo">
<div class="unprintable">
<p>Please send general FSF & GNU inquiries to
<a href="mailto:gnu@gnu.org"><gnu@gnu.org></a>.
There are also <a href="/contact/">other ways to contact</a>
the FSF. Broken links and other corrections or suggestions can be sent
to <a href="mailto:webmasters@gnu.org"><webmasters@gnu.org></a>.</p>
<p><!-- TRANSLATORS: Ignore the original text in this paragraph,
replace it with the translation of these two:
We work hard and do our best to provide accurate, good quality
translations. However, we are not exempt from imperfection.
Please send your comments and general suggestions in this regard
to <a href="mailto:web-translators@gnu.org">
<web-translators@gnu.org></a>.</p>
<p>For information on coordinating and contributing translations of
our web pages, see <a
href="/server/standards/README.translations.html">Translations
README</a>. -->
Please see the <a
href="/server/standards/README.translations.html">Translations
README</a> for information on coordinating and contributing translations
of this article.</p>
</div>
<!-- Regarding copyright, in general, standalone pages (as opposed to
files generated as part of manuals) on the GNU web server should
be under CC BY-ND 4.0. Please do NOT change or remove this
without talking with the webmasters or licensing team first.
Please make sure the copyright date is consistent with the
document. For web pages, it is ok to list just the latest year the
document was modified, or published.
If you wish to list earlier years, that is ok too.
Either "2001, 2002, 2003" or "2001-2003" are ok for specifying
years, as long as each year in the range is in fact a copyrightable
year, i.e., a year in which the document was published (including
being publicly visible on the web or in a revision control system).
There is more detail about copyright years in the GNU Maintainers
Information document, www.gnu.org/prep/maintain. -->
<p>Copyright © 2020, 2021 2021, 2022, 2023, 2024, 2025 Free Software Foundation, Inc.</p>
<p>This page is licensed under a <a rel="license"
href="http://creativecommons.org/licenses/by/4.0/">Creative
Commons Attribution 4.0 International License</a>.</p>
<!--#include virtual="/server/bottom-notes.html" -->
<p class="unprintable">Updated:
<!-- timestamp start -->
$Date: 2025/03/09 14:31:52 $
<!-- timestamp end -->
</p>
</div>
</div><!-- for class="inner", starts in the banner include -->
</body>
</html>