Is Your Video Chat App Secure?
I confess I was so tired of quarantine that I let my guard down. I’ve found that I don’t really care about the services I use to stay in touch with my friends – and that’s not ideal, because some video chat apps take security and privacy more seriously than others.
You’re probably guessing this will be another Zoom article. While it is true that the company has suffered from one security breach since the pandemic made it a household name, you may also be surprised to find that it is one of the most popular security video chat apps in the latest Mozilla analysis .
Does this mean that he is perfect? No, but Zoom – and a number of other video applications – at least meet some of the basic security and privacy criteria that Mozilla believes any decent application should have. Consider removing any unnecessary items from your phone, tablet, or computer in favor of better options, if possible. Otherwise, use Mozilla’s guides to help you identify weaknesses in your service of choice / necessity.
Of the 15 applications Mozilla polled, 12 met the minimum security standards in five separate categories, receiving some sort of participation award. (You should, of course, expect more than the minimum from your applications.)
- Encryption: is it in the app / service?
- Security Updates: How regularly is the app / service updated?
- Strong passwords: how strong are the password rules in the app?
- Manages vulnerabilities: Is there a way to report bugs and other security issues in the application?
- Privacy policy: does it exist?
Again, I wouldn’t use an app just because it deserves Mozilla approval to clear that low bar, but I would definitely question any app that doesn’t. The three not rated by Mozilla are:
- Houseparty : The minimum password must be five characters and allow weak passwords (eg “12345”).
- Discord : Minimum password requirement of six characters and allows for weak passwords (eg “123456”).
- Doxy.me : to allow incredibly weak passwords (eg “123”) and to seemingly not be able to report bugs or other vulnerabilities.
While this hardly sounds like a judgmental characteristic – since you have to be smart and create strong unique passwords for everything – there is no reason why these services cannot include the simple practice of asking for complex passwords. It’s like a few lines of code; hardly even a day of work for an engineer on any of them.
To add a little gasoline to the flames, each of Mozilla’s reports explain what could go wrong if an attacker took advantage of a security issue in a service to break into your account. Or, for that matter, if you don’t go into the service’s settings to keep your chats private. For example, here’s Mozilla’s warning about Houseparty:
What to do with a Mozilla video chat dossier? I wouldn’t compare them all to find the best video chat service in terms of privacy and security. Rather, if there is one that you use – or are thinking about using it in the future – take a quick look at the service description and its features. Pay attention to any features that might affect your security, and be sure to check everything you can do to increase the privacy of your video chats.
This includes scanning some of the related security and privacy articles that Mozilla has, from the links at the bottom of each service’s profile. If the Mozilla manual doesn’t give you all the details you need to know to stay safe with whatever video chat service you prefer, chances are you’ll find the answers among these many guides.
And if the app you plan to use doesn’t appear on Mozilla’s list (coughs, Google Meet coughs) , use one of its guides as your own guide to assessing whether the service is safe and private. Ask yourself the same questions that Mozilla uses to evaluate other services, and write down anything you might need to do — for example, create a stronger password or tinker with advanced settings — to make it work better for you.