Recommending Zoom or not

@Leo I suggest you read these before leaping to recommend Zoom


Blog post by HIPAA lawyer Jeff Drummond.
https://hipaablog.blogspot.com/2020/03/zoom-information-get-baa.html

2 Likes

Luckily, I don’t know anyone who uses Zoom. I’ve been a Skype user since its launch in 2003. I’ve also had Trillian, AIM, ICQ, Yahoo! Messenger etc. over the years, but Skype is the only one I’ve used regularly, although according to my logs, the last message was nearly 3 years ago…

For business, I’ve used WebEx and GoTo Meeting in the past.

At work, we’ve had Teams for over a year, but disabled by management decree. They are looking at enabling it now, due to SARS-CoV-2.

But what I would say is, if you are going to use a video conferencing solution for work, then do due diligence first and ensure that it isn’t spying on you, even if you have to pay for it.

Privately, I’d probably stick with Skype for now, out of habit.

I’ve found Zoom to be a bit easier to use than WebEx and GTM. A couple of our vendor support teams have switched over to using Zoom so must be a big improvement on that end or they got a really good price.

But in addition to the ad tracking concerns, we seem to have forgotten the security flaws uncovered last year that Zoom tried to brush away as “features.” Security flaws happen but what matters is how they’re handled.

Were you guys holding on to Skype for biz or did management just not want any sort of chat platform? Curious about the reasoning here.

No, we never had Skype for Bus. We are still using face-to-face meetings, telephone and email.

At my previous employer, we had our own Jabber server.

1 Like

The whole of department is getting Office 365 and teams rolled out here - that’s nearly 18,000 thousand users across the state. It has generally been working well, though with my BeatsX, my laptop does not like using it’s microphone and earphones at the same time, so it’s a no go for meetings. The VPN got a bit of a hammering today though and the link is running out of bandwidth. Upgrade due on Thursday. Teams meeting with 22+ members have been working fine, with the usual caveat of mics and cameras not working at first. I like the way you can share a single window rather than the whole screen and pinning the main speaker’s video to full screen. We also have Skype for Business on premises, but I reckon that’s going to be phased out soon.

I was on my first Zoom conference this week, there were about 60 attendees and it worked well.

Apparently Zoom have disabled that suspect info sharing now. My thought is that it might turn out to be an unintended effect of an included software library - that seems to be something that catches developers out regularly because too often there isn’t enough awareness about the consequences of what’s being included in an app to get the desired functionality.

1 Like


A couple of related stories

2 Likes

I would agree with Dr.Flay on this if Zoom is indeed using ad tracking in their software. Unfortunately, some companies feel this is the way to do business and many of them like to use cloud-based solutions that they would not have much control over.

More importantly, without disclosing this information up front, it is more difficult for users to know the difference. I’m just lucky to have a more advanced ad-blocking/tracking solution.

We are unfortunately running headlong into things and abandoning all we teach and have been taught.
Fear is already a powerful tool for the advertising and media industry, because it makes people click-happy.

Those of us that know better are going to have to step up our game on behalf of everyone, or risk having to undo an absolute mess later.
Old Brucie is going to be doing his nut over this for the conceivable future.
https://www.schneier.com/blog/archives/2020/03/privacy_vs_surv.html

1 Like

I had to switch to teaching remote music lessons. Zoom is the only one that offers extra/advanced audio features, where you can hear the audio uncompressed (or much less compressed). So in the right circumstances, it’s the best product for that. I have it offered as the “enhanced audio” option along side FaceTime and Skype. Only about 1/10 have opted for Zoom, with a vast majority using FaceTime. I will probably do a clean install of MacOS next update.

2 Likes

The SANS Institute is pretty well regarded in the security world, and they just devoted most of today’s (March 31) quick Stormcast podcast to the Zoom issues. Their conclusion seems to be that it’s not that serious, was probably caused by the sort of mistakes that startups make rather than ill-intent, and appears to be fixed now, although Zoom have fumbled the PR somewhat. See what you think:

Which video conferencing software to use is the least of our problems.

A user just had an invite to a Teams meeting. He wanted to know if his laptop had a microphone and camera. Yes, yes it had… Only the image was black. I asked him if there was a lens cap over the camera, he said he couldn’t find a camera.

I did a quick google and found a photo of the laptop. There, dead centre above the screen is a camera… Back to the user, no, nothing. Slight pause. “Do you want me to give you the model of the monitor as well?”

Argh! He had the laptop docked and the screen closed and was using the external monitor!

7 Likes

Forgot that I meant to edit this with supporting evidence, just happened to see a good thread detailing the specifics from an academic I follow on Twitter this morning: https://twitter.com/random_walker/status/1244987617676050434?s=20

Ain’t no cure for stupid! :rofl:

2 Likes
1 Like

And on the other hand, The Register has spotted they’re basically lying about their encryption…

Oh, should have said. Do not go into the comments on that site unless you are untroubled by very strong language…

1 Like

Yeah the comments there can be very …
Hey, I comment there ! :roll_eyes:

1 Like

I’d encourage everyone to check that Bleeping Computer article, because apart from detailing the weakness, at the end it also gives suggested temporary fixes for Windows Pro and Home users while Zoom is working on a patch. I also saw some Twitter chatter around the discovery in which someone claimed the same thing could be done with Skype, but not Teams. Haven’t seen anything to back up those statements yet.

Here’s Zoom’s own support page on using controls to minimise the risk of disruption in a call:

These tips from TechCrunch were also quoted in a Sophos article on “Zoombombing”:

  • Disable “Join Before Host” so people can’t cause trouble before you arrive.
  • Enabling “Co-Host” so you can assign others to help moderate.
  • Disable “File Transfer” so there’s no digital virus sharing.
  • Disable “Allow Removed Participants to Rejoin” so booted attendees can’t slip back in.

The whole article can be found here:

Good summary of what Zoom is doing now and in the future to address security and privacy issues:

2 Likes