cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
CraginS
Defender I

Invite Your Adversary to the Meeting

Well here is a bit of national security intersecting with popular technology:

From the Washington Post on March 3, 2021

Opinion: The White House’s use of Zoom for meetings raises China-related security concerns

Opening paragraph:

"The Biden White House is using the teleconference platform Zoom for most of its unclassified government-related virtual interactions, even as the Justice Department is prosecuting one of the company’s China-based executives for working with Beijing’s intelligence services to interfere in Zoom calls. Some lawmakers, former officials and experts are warning that the Biden administration may be ignoring the risks."

=-=-=-=

There have been extensive concerns over how Zoom is engineered in China, and has extensive server capability in China, raising legitimate concerns over what data on those servers are available to the Chinese government. Zoom was caught lying about the level and type of encryption used in Zoom calls: their use of "end to end encryption" turns out to have meant https (TLS) between clients and servers. Sheesh! Trustworthy much?

I have heard reports that selected US government agencies have blocked Zoom from their desktop computers. They get it.

How can senior executives ignore the situation so blatantly?

One contribution to the mess is the combination of ease of use and wide promotion. Chinese designers have proven themselves, in both Zoom and TikTok, as expert in human factors usability design and features inclusion.

Be wary, be very very wary.

(c) 2021 D. Cragin Shelton

[Originally published on my Blog]

 

Craig

 

D. Cragin Shelton, DSc
Dr.Cragin@iCloud.com
My Blog
My LinkeDin Profile
My Community Posts
3 Replies
sventester
Newcomer II

Re: Invite Your Adversary to the Meeting

Zoom was caught lying about the level and type of encryption used in Zoom calls: their use of "end to end encryption" turns out to have meant https (TLS) between clients and servers.

Not only that; traffic was proven to be redirected to Chinese server farms: https://techcrunch.com/2020/04/03/zoom-calls-routed-china/

 

I think one of the biggest problems is that many people are not even willing to entertain the idea of China is an "adversary", because they conflate it with being xenophobic. I'm convinced this state of thinking is a result of subversion.

denbesten
Community Champion

Re: Invite Your Adversary to the Meeting

The White House is not using the same Zoom as you and I. The article acknowledges  "...the White House uses Zoom for Government...".  The simple fact that they have their own "SKU" tells us that risk is not being blatantly ignored.

 

It is good to ask if they (Gov't) are analyzing risks and coming up with an appropriately balanced solution, but I also realize we we likely never get an answer any deeper than "that is why we have Gov Zoom" and "we do not discuss security details". 

 

Do note that this appears on WaPo's "Opinion" page, which is where all articles containing the word "may" belong.  No comment on "consumer" Zoom's security practices.

tmekelburg1
Contributor II

Re: Invite Your Adversary to the Meeting

Thanks for chiming in @denbesten. I was afraid this was going to turn into a full-on confirmation bias thread. I'm not defending Zoom's past mistakes but they have addressed all of these issues in these "Opinion" news articles. Also, let's try to not let mistakes the company makes turn into conspiracy theories without the proper evidence supported.