Zoom: more than 500,000 accounts hacked and available on the dark web


These accounts are all for sale on the dark web for next to nothing, and they give easy access to all of the users' conversations.

Yet Zoom had finally decided to secure your calls. Apparently that is not quite the case yet. According to the cybersecurity firm Cyble, more than 500,000 Zoom accounts have been hacked and sold on the dark web for next to nothing, or even given away for free in some cases.

The problem is that this data contains nothing less than the email addresses, passwords and usernames, as well as the URLs of the private conferences of Zoom users. The attackers were also able to obtain the passwords that control access to these personal conversations. As a result, these hundreds of thousands of users are at the mercy of repeated "Zoom bombing".

https://www.android-mt.com/news/zoom-plus-de-500-000-comptes-pirates-et-disponibles-sur-le-dark-web/100883/

SSI COVID-19 – To what extent could the StopCovid app be privacy by design?

globalsecuritymag.fr


To what extent could the StopCovid app be privacy by design?

Ruled out by the government in the first days of the coronavirus pandemic, the possibility of a backtracking app designed to identify Covid-19 transmission chains is now at the center of the debate.

https://www.globalsecuritymag.fr/Dans-quelles-mesures-l-application,20200414,97624.html

France Weighs Its Love of Liberty in Fight Against Coronavirus

https://www.nytimes.com/2020/04/17/world/europe/coronavirus-france-digital-tracking.html

By Norimitsu Onishi and Constant Méheut


The French are cautiously considering digital tracking, which has proved effective in Asia. But can a country that so prizes personal freedom and privacy ever accept it?

Police officers in Paris checking for certificates that people are required to produce when they are outside. Credit: Dmitry Kostyukov for The New York Times

PARIS — As France sought clues last month on how to tame the coronavirus, experts looked at one tool that has been central to the strategy of some Asian nations: digital tracking. Citing threats to “individual liberties,” the powerful interior minister dismissed it as alien to “French culture.”

But three weeks — and a tenfold spike in deaths — later, French culture could be changing, along with those of other Western democracies as they struggle to adjust the balance between personal privacy and the public good while attempting to reopen their societies and economies without setting off another wave of coronavirus infections.

In Italy, politicians have proposed blood tests to detect antibodies to the virus before licensing people to leave their lockdowns. President Trump may push for hiring hundreds of people to perform contact tracing as part of his effort to allow Americans to go back to work and school.

And in France, as President Emmanuel Macron extended a nationwide lockdown by at least another month this week, he said his government was considering using a smartphone tracking app that would inform people if they have come in contact with an infected person.

Such steps are particularly fraught in Europe, the continent with the world’s toughest online privacy rules.

The fight against fascism and communism in the 20th century left societies wary of the intrusions of authoritarian power. That is true from Eastern Europe, through Germany and Italy. France, where the nation’s values sprang from revolution against monarchy, is particularly attached to notions of individual rights.

“It has to do with French history and a sensitivity to freedom that is inherent to French culture,” Cédric O, who is spearheading the development of the app as France’s junior minister in charge of digital affairs, said in an interview.

Even so, recent experience in Asia shows that comprehensive tracing of infection chains, along with aggressive testing, has proved critical to fighting the pandemic, which is calling into question a host of Western assumptions, whether the use of digital tracking or the wearing of face masks.

With nearly 18,000 official deaths, France’s toll is surpassed only by that of Italy and Spain, which have also prolonged restrictions on their populations, and the United States. But the authorities are cautiously optimistic that the worst is over.

As the country, like others, struggles to find a way out of a lockdown that is now entering its second month and has kept a population of 67 million confined to their homes and paralyzed its economy, options that once seemed unfathomable have steadily become more palatable.

“We gave up an absolutely fundamental freedom, that of movement, while most of the Asian countries chose instead to be much more coercive on the individuals,” said Gilles Babinet, vice president of the French Digital Council, a commission that advises the French government.

Mr. Babinet said there was more to learn from Asian democracies, like South Korea, whose use of intrusive digital tracking has helped it avoid imposing the kind of strict lockdowns experienced in Europe.

“You must have a device that is both coercive to those infected and as gentle as possible to the others,” Mr. Babinet said.

So far, many Asian governments have handled the crisis by limiting deaths to a fraction of those suffered in the West. In most cases, that was done not by resorting to debilitating nationwide lockdowns, but rather in part by employing digital tracking, a practice embraced even by strong democracies like South Korea and Taiwan.

In Europe, the possibility conjures up images of China’s authoritarian rulers. An app created by the semi-authoritarian government of Singapore, the longtime proponent of Asian values, is the inspiration for versions being developed by the French, Germans and other Europeans.

Those who argue in favor of allowing its intrusiveness say that it is fair to infringe on people who are infected rather than inhibit the freedom of society as a whole.

“We know the patient’s contacts, where the patient goes and stays, and so we don’t need to lock down everybody,” said Ki Mo-ran, an epidemiologist who is advising the South Korean government’s coronavirus response.


Without digital tracking, governments cannot know precisely “which place is contaminated, which place is clean, so they need to lock down,” Ms. Ki said. “Everybody’s freedom is affected. We have to ask ourselves if one person’s privacy is more important than the lives of a family or other people.”

Thanks to multipronged digital tracking — of cellphones, credit card usage and security camera footage — the South Korean authorities are able to closely monitor the movements of infected people. Health officials can then carry out tests on people who are potentially infected. People ordered into self-quarantine are monitored through an app.

Faced with a major outbreak, South Korea, with 52 million people, has managed to limit its official deaths to 230.

The South Korean government can make use of such intrusive tracking — though only during epidemics — because lawmakers changed privacy laws after an outbreak of MERS killed nearly 40 people in 2015.

Back then, health officials practicing traditional contact-tracing found that infected people, including “super spreaders,” often failed to reveal all of the people with whom they had been in touch, or patients were too sick to be interviewed, Ms. Ki said.

Weakening privacy laws was a consequential step for South Korea, where people in their 50s and older remember snatching democracy from the country’s military rulers in 1987.

They included people like Ahn Byong-jin, a political scientist at Kyung Hee University in Seoul who was a student activist during the democratization era. He has come to regard Western liberal democracies, with their overriding emphasis on “personal liberty and privacy,” as being ill-equipped to respond to situations like terrorism or epidemics.

“In these kinds of emergency situations, we need to adapt,” Mr. Ahn said.

Early instances in which a large amount of personal information was released raised fears of a government overreach. But in what was regarded as a referendum on the handling of the crisis, voters handed South Korea’s governing party a landslide victory in parliamentary elections on Wednesday.

“If you look at Korea compared with Europe or the United States, the critical difference seems to be tracking and testing,” said Kim Seok-hyeon, a researcher at the Science and Technology Policy Institute in Seoul. “In the West, they will have to think more about those measures.”

But for some French, the idea of giving up personal liberties is a non-starter.

While tracking technology has been used by Asian democracies, they are “democracies where the rule of law is not as strong as it is here,” said Gaspard Koenig, a philosopher who has written about the relationship between technology and freedom, including in Asia.

When Mr. Macron said that France’s lockdown would be extended until May 11, he immediately framed the debate that lawmakers are expected to have on tracking technology.

“This epidemic cannot weaken our democracy, nor impinge on liberties,” he said.

Mr. O, the official leading the development of France’s technology, said that after studying the tracking technology used in Asia, France had settled on the least intrusive form — the Singaporean app, called “TraceTogether.”

But there are concerns that the app, relying mainly on a sense of civic duty, will be so watered down in France that it will prove ineffective.

The app — called “StopCovid” in France — would be installed voluntarily on people’s smartphones, would not track their locations or movements, and would use only Bluetooth technology to help trace a person’s recent contacts.

If users tested positive for the coronavirus and indicate their status on the app, their recent contacts would be automatically alerted, and it would be up to them to take the appropriate steps by getting tested, seeking treatment or self-quarantining.

The French version would be different from Singapore’s in at least one fundamental way, Mr. O said. In France, the list of recent contacts would never be made available to the government.

“To be honest, people are asking whether it’s enough and whether we need to take it up a notch,” Mr. Babinet said.

Mr. O acknowledged that one of his main worries was whether enough people in France would install the app on their smartphones to work as a broad contact-tracing tool. The French, he said, are “by nature cautious toward technology and even progress,” especially compared with Asians.

Even in Singapore, only about 20 percent of people have downloaded the app, and the authorities recently introduced stricter confinement measures to curb a jump in infections. Singapore — which has officially suffered only 10 deaths out of a population of 5.6 million — has said that three-quarters of the population needs to use the app in order for it to be effective.

Despite being a weakened version of the least intrusive tracking technology used in Asia, the app has already drawn fierce opposition from Mr. Macron’s party in Parliament, La République En Marche.

Sacha Houlié, a lawmaker, said that using the app would signify a “profound cultural shift” in France.

“We are France,” Mr. Houlié said. “In terms of civil liberties, being France means something. It means that, in a sense, the world is watching what we do.”


SSI VISIO – US Senate tells members not to use Zoom

ft.com

US Senate tells members not to use Zoom

Kiran Stacey in Washington DC and Hannah Murphy in San Francisco

15 hours ago

The US Senate has become the latest organisation to tell its members not to use Zoom because of concerns about data security on the video conferencing platform that has boomed in popularity during the coronavirus crisis.

The Senate sergeant at arms has warned all senators against using the service, according to three people briefed on the advice. One person who had seen the Senate warning said it told each senator’s office to find an alternative platform to use for remote working while many parts of the US remain in lockdown. But the person added it had stopped short of officially banning the company’s products.

Zoom is battling to stem a public and regulatory backlash over lax privacy practices and rising harassment on the platform that has sent its stock plummeting. The company’s shares have fallen more than 25 per cent from highs just two weeks ago, to trade at $118.91.

Zoom was forced to apologise publicly last week for making misleading statements about the strength of its encryption technology, which is intended to stop outside parties from seeing users’ data. The company also admitted to “mistakenly” routing user data through China over the past month to cope with a dramatic rise in traffic – an issue it says it has now fixed.

Zoom has two servers and a 700-strong research and development arm in China. It had previously stated that users’ meeting information would stay in the country in which it originated.

The revelations triggered complaints from US senators, several of whom urged the Federal Trade Commission to investigate whether the company had broken consumer protection laws. It also prompted the Taiwanese government to ban Zoom for official business.

The FBI warned last month that it had received reports that teleconferences were being hacked by people sharing pornographic messages or using abusive language — a practice that has become known as “Zoombombing”.

A spokesperson for the company said: “Zoom is working around-the-clock to ensure that universities, schools, and other businesses around the world can stay connected and operational during this pandemic, and we take user privacy, security and trust extremely seriously.

“We appreciate the outreach we have received on these issues from various elected officials and look forward to engaging with them.”

However, the US Department of Homeland Security said in a memo to government cyber security officials that the company was actively responding to concerns and understood how grave they were, according to Reuters. The Pentagon told the Financial Times it would continue to allow its personnel to use Zoom.

The Senate move follows similar decisions by companies including Google, which last week decided to stop employees from downloading the app for work.

“Recently, our security team informed employees using Zoom Desktop Client that it will no longer run on corporate computers as it does not meet our security standards for apps used by our employees,” Jose Castaneda, a Google spokesperson, said.

However, he added that employees wanting to use Zoom to stay in touch with family and friends on their mobiles or via a web browser could do so. The Google decision was first reported by BuzzFeed.

Zoom has tried to stem the tide of criticism in recent days. The company said on Wednesday it had hired Alex Stamos, the former Facebook security chief, as an outside security consultant, days after saying it would redirect its engineering resources to tackle security and privacy issues.

Additional reporting by Katrina Manson