cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
Community Champion

Re: Is Zoom conferencing safe to use or not?

Will Alex Stamos save Zoom from imploding??? He will need an army to rewrite their code and security, well just about everything...

Highlighted
Community Champion

Re: Is Zoom conferencing safe to use or not?

@AppDefectsHere is an update from Tomsguide:

 

https://www.tomsguide.com/news/zoom-security-privacy-woes

 

It certainly is a dynamic field at the moment, some for and some against.

 

Regards

 

Caute_cautim

Highlighted
Community Champion

Re: Is Zoom conferencing safe to use or not?

@kpinkhamThere has to be some overlooking there or even corruption or 'oversight"?

 

What a categorical mistake to make?

 

Regards

 

Caute-cautim

 

 

Highlighted
Community Champion

Re: Is Zoom conferencing safe to use or not?

@CraginSI think you are absolutely correct:  Look at this next issue:

 

https://news.sky.com/story/coronavirus-teachers-stopped-from-using-zoom-in-singapore-after-very-seri...

 

From Singapore, this is serious.

 

Regards

 

Caute_cautim

Highlighted
Community Champion

Re: Is Zoom conferencing safe to use or not?


@rslade wrote:

Since it seems likely that China can surveil basically any Zoom meeting/call/chat, I think it would be a good idea, in national security terms, for everyone, as much as possible, to use Zoom for inconsequential family parties and so forth, so that important business and government meetings might get lost in the chaff ...


Once upon a time, Webex was an early contender in the group video meeting market. The US Department of Defense (DoD) was using them to test group communication services capabilities and procedures. Several large corporations, like Lockheed around the time they were developing the F-35, used them for remote communication. They were nominally a San Francisco company, but some careful study revealed that the company was owned in China, their San Francisco employees were primarily Chinese nationals, and most of the developer team, as well as primary servers, were in China. As the DoD moved forward to field a full communication service, Webex was not on the list of finalists, possibly because of the foreign ownership. 

 

A year or two later, DoD put out a request for proposals on a communication service, By that time Citrix had bought Webex, so Webex was allowed to participate, as a US owned company. However, much of the sales, support, and developer staff were the same folks as before; only the corporate ownership had changed.

 

Move forward many years. Eric Yuan was on the Webex team at Citrix. He saw an opportunity to build a better mousetrap for group communication, so he left Citrix and started Zoom. From my superficial reading of history own Yuan, Zoom, and Webex, I have not been able to tell if he was a pre-Citrix Webex employee. According to a Forbes bio article, he joined Webex in 1997, and Cisco acquired Webex in 2007. [edited 4/13/2020] I do find it interesting that he apparently was not bound by a no-compete contract at Webex/Citrix, allowing him to launch Zoom in direct competition with Webex.

 

Now we learn that Zoom has developers and servers in China, just as Webex did. And that occasionally encryption keys and communication streams get "accidentally" routed through China, even for US-to-US conversation sessions. (If you buy that story, I have a bridge for sale I want to talk about with you.)

 

Kinda makes you think, dunnit?

 

Craig

 

Dr. D. Cragin Shelton, CISSP (D-11)
Dr.Cragin@iCloud.com
https://CraginS.blogspot.com/
My Community Profile
My LinkedIn Profile
href="Not Passing a Cert Exam is Not the Same as Failing" target="new";;https://cragins.blogspot.com/2018/08/pass-rates-for-professional-exams.html
Highlighted
Community Champion

Re: Is Zoom conferencing safe to use or not?


As professionals in the field of security and privacy, we have nothing to worry about. The public will stop using ZOOM just a quickly as they all jumped off of FaceBook once its perfidy was apparent.

You really have a nice turn in sarcasm ...


............
This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Highlighted
Community Champion

Re: Is Zoom conferencing safe to use or not?

Yet another voice, and some new vulnerabilities.  (Even after the updates?)


............
This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Highlighted
Community Champion

Re: Is Zoom conferencing safe to use or not?

Well, I cannot address the trust issues we may have, but the Electronic Frontier Foundation has published a protect yourself guide if you must use Zoom.

 

Craig

 

 

Dr. D. Cragin Shelton, CISSP (D-11)
Dr.Cragin@iCloud.com
https://CraginS.blogspot.com/
My Community Profile
My LinkedIn Profile
href="Not Passing a Cert Exam is Not the Same as Failing" target="new";;https://cragins.blogspot.com/2018/08/pass-rates-for-professional-exams.html
Highlighted
Community Champion

Re: Is Zoom conferencing safe to use or not?

Why are we not surprised?

 

https://www.cpomagazine.com/cyber-security/half-a-million-zoom-accounts-compromised-by-credential-st...

 

Anyone want some Zoom accounts?   They are cheap...

 

Regards

 

Caute_cautim

Highlighted
Community Champion

Re: Is Zoom conferencing safe to use or not?


@Caute_cautim wrote:

Why are we not surprised?

 

https://www.cpomagazine.com/cyber-security/half-a-million-zoom-accounts-compromised-by-credential-st...

 

More and more evidence piles up that Zoom is not to be trusted. See

Move Fast and Roll Your Own Crypto
A Quick Look at the Confidentiality of Zoom Meetings
By Bill Marczak and John Scott-Railton April 3, 2020

 

To quote Wolfman Jack,

"And the hits just keep on coming!"

 

Craig

 

 

Dr. D. Cragin Shelton, CISSP (D-11)
Dr.Cragin@iCloud.com
https://CraginS.blogspot.com/
My Community Profile
My LinkedIn Profile
href="Not Passing a Cert Exam is Not the Same as Failing" target="new";;https://cragins.blogspot.com/2018/08/pass-rates-for-professional-exams.html