Malware in Online Conferencing


Nonfree (proprietary) software is very often malware (designed to mistreat the user). Nonfree software is controlled by its developers, which puts them in a position of power over the users; that is the basic injustice. The developers and manufacturers often exercise that power to the detriment of the users they ought to serve.

This typically takes the form of malicious functionalities.


If you know of an example that ought to be in this page but isn't here, please write to <webmasters@gnu.org> to inform us. Please include the URL of a trustworthy reference or two to serve as specific substantiation.

  • 2021-04

    A zero-day vulnerability in Zoom which can be used to launch remote code execution (RCE) attacks has been disclosed by researchers. The researchers demonstrated a three-bug attack chain that caused an RCE on a target machine, and all without any form of user interaction.

  • 2020-12

    A Zoom executive carried out snooping and censorship for China.

    This abuse of Zoom's power shows how dangerous that power is. The root problem is not the surveillance and censorship, but rather the power that Zoom has. It gets that power partly from the use of its server, but also partly from the nonfree client program.

  • 2020-11

    According to FTC, the company behind the Zoom conferencing software has lied to users about its end-to-end encryption for years, at least since 2016.

    People can use free (as in freedom) programs such as Jitsi or BigBlueButton, better still if installed in a server controlled by the users.

  • 2020-09

    Many employers are using nonfree software, including videoconference software, to surveil and monitor staff working at home. If the program reports whether you are “active,” that is in effect a malicious surveillance feature.

  • 2020-06

    The company behind Zoom does not only deny users' computer freedom by developing this piece of nonfree software, it also violates users' civil rights by banning events and censoring users to serve the agenda of governments.

    Freedom respecting programs such as Jitsi or BigBlueButton can be used instead, better still if installed in a server controlled by its users.

  • 2020-04

    Proprietary programs Google Meet, Microsoft Teams, and WebEx are collecting user's personal and identifiable data including how long a call lasts, who's participating in the call, and the IP addresses of everyone taking part. From experience, this can even harm users physically if those companies hand over data to governments.

  • 2020-03

    The Apple iOS version of Zoom is sending users' data to Facebook even if the user doesn't have a Facebook account. According to the article, Zoom and Facebook don't even mention this surveillance on their privacy policy page, making this an obvious violation of people's privacy even in their own terms.