Mozilla Reviews Security of Video Calling Apps

By Ava McKinneyOnline Safety

Mozilla Reviews Security of Video Calling Apps

This week, as part of the Privacy Not Included project, Mozilla engineers examined 15 platforms and apps used for video conferencing and video calls. With the ongoing COVID-19 pandemic forcing many people to work from home, video conferencing has become a crucial tool for staying connected, collaborating, and increasing productivity. As a result, interest in video communication platforms has surged, prompting Mozilla experts to create a guide to help users understand which products are the most reliable and secure.

Key Findings from Mozilla’s Research

The analysts reviewed 15 popular video communication solutions and found that 12 out of 15 products met the organization’s minimum security standards. These include Zoom, Google Hangouts, Apple FaceTime, Skype, Facebook Messenger, WhatsApp, Jitsi Meet, Signal, Microsoft Teams, BlueJeans, GoTo Meeting, and Cisco WebEx. However, Mozilla engineers note that meeting minimum security standards does not mean these solutions are completely safe or risk-free.

Meeting the minimum security standards means that the apps use encryption, have automatic update systems, require strong passwords, run their own bug bounty programs, allow users to easily contact developers to report issues, and have clear privacy policies.

Apps That Did Not Meet Mozilla’s Standards

Only three of the reviewed apps failed to meet Mozilla’s standards: Houseparty, Discord, and Doxy.me. The issue with Houseparty and Discord was that they allowed users to set very weak passwords, such as “12345” or “111111,” putting accounts at risk. After the report was published, Discord’s developers quickly fixed this issue, and the app now meets all requirements.

The telemedicine app Doxy.me, however, has more significant problems. It also does not require strong passwords when setting up an account and does not support two-factor authentication. Worse, patients essentially do not need to prove their identity at all.

Additional Insights and Privacy Concerns

There is some good news: all the apps reviewed notify users if a call is being recorded, and most allow hosts to set rules for meetings. Every app uses some form of encryption, though not all offer end-to-end encryption.

The report’s authors also highlight privacy concerns:

  • It’s unclear whether Facebook Messenger uses metadata (such as information about who you communicate with) for targeted advertising.
  • Houseparty appears to collect a lot of personal data (though their privacy policy clearly informs users about this).
  • Discord collects information about your contacts if you link your social media accounts.

Conclusion

There is no such thing as perfect software, but Mozilla’s research can help users and organizations make informed choices. For some, security and privacy are top priorities, while others may value a broader range of features.

Leave a Reply