- Alex Stamos told CNBC on Friday that Zoom has had to rethink its product "from the ground up," now that consumers and enterprises alike are using the service.
- With tens of millions of people on coronavirus lockdown using Zoom, concerns arose about “zoombombing” and other intrusions.
- "There's been discussion about Zoom's encryption not being end-to-end, and that's true. We're working on some options in that area," said Stamos.
With tens of millions of people on coronavirus lockdown using Zoom, concerns arose about “zoombombing” and other intrusions.
"All of the video products have security issues. They're actually quite complicated products to build securely," Stamos said on "Squawk Box."
"All the competing products have had big lists of bugs over the last couple years," he added. "The key thing is just to be really careful in your setups."
Stamos said he uses Zoom to conduct his work at Stanford University, where he is the director of the Stanford Internet Observatory, a research program that studies the abuse of information technologies. He said his three children use it for school.
Stamos, who left Facebook in 2018, announced last week he had begun consulting for Zoom as the company seeks to address a wave of privacy concerns that were revealed when tons of people started to use the service during coronavirus-related work-from-home and stay-at-home orders.
"I got the job tweeting of all things," said Stamos, recalling how Zoom CEO Eric Yuan contacted him about the role after he posted a series of tweets in late March about the company's security challenges.
Zoom's usage spike — from about 10 million daily users in December to around 200 million in March — is "pretty much unprecedented in the internet industry," Stamos told CNBC.
Stamos, one of the first people at Facebook to detect Russia's attempts to interfere in the 2016 presidential election, said Zoom is serious about security, rethinking its product "from the ground up," now that consumers and enterprises alike are using the service. Before the spiking demand from consumers during the pandemic, Zoom was primarily used by businesses whose employees signed in via more secure protocols.
"There's been discussion about Zoom's encryption not being end-to-end, and that's true. We're working on some options in that area," said Stamos, an NBC News contributor.
However, Stamos argued that the lack of end-to-end encryption isn't a feature specific to only Zoom. "Neither is Google Hangouts, neither is Microsoft Teams, neither is [Cisco's] Webex. None of those products provide that level of security." He said, "They all decrypt the communication on the network and then they have security controls in place to protect it."
Google did not respond to a request for comment and Cisco did not immediately have a response.
A Microsoft spokesperson said in an email that "protecting our customer's data is Microsoft's highest priority."
"Information shared within Teams is encrypted in transit and at rest in our data centers," the spokesperson added. "Teams also offers video meeting and channel policies to ensure that internal employees and external partners and collaborators have a secure experience. "
While acknowledging reports that some businesses and organizations were telling people to avoid using Zoom for company-related work, Stamos said there have also been governments who explored competing video services and "decided to come back" to Zoom.
"I think you'll just see this settle out over the next 30 days or so as companies try to figure out how do we work in this crazy environment," he said.