Zoom has really been a godsend in these times of being house bound. We will be doing a virtual Easter brunch at 11:00 with our friends from as far away as Singapore. I just got off a Zoom virtual church coffee hour that had 16 of us chatting and updating each other including 4 out of state snowbirds. I was involved in putting together three virtual worship services in the last week with 5 of us including a new pastor that most haven't even had a chance to meet yet using Zoom and PowerPoint. Thankful that we could record and edit it before posting it as a Facebook Premiere at 10:00. Last night we got together with the kids with the House party app.

I am curious: how is Zoom different from FaceTime, Skype, Facebook chats, or other video conferencing apps? I am having trouble keeping up with new technology.

Zoom can act as an equivalent to FaceTime and the like, but is also highly capable for conference type interaction, large scale meetings, online courses, and other high participant activities. It’s great until you spend day after day on it as you work from home.

Careful, the DoD, FBI, Senate, Google, SpaceX have banned Zoom (https://www.ft.com/content/dac7d60b-54fa-402b-8469-70f85aaace76) citing various security / privacy e.g.: encryption keys being shared with unknown parties in Beijing, personal data of users shared with Facebook whether they have an account or not, etc. They're also being sued by one of their shareholders over this (http://https://www.reuters.com/article/us-zoom-video-commn-privacy-lawsuit-idUSKBN21Q10V).

Ain't nothing "free" on the internets you know.

My kids do their e-school via Zoom. Picture 20 kindergarteners trying to talk at once and a teacher who doesn’t like the mute button.

Careful, the DoD, FBI, Senate, Google, SpaceX have banned Zoom (https://www.ft.com/content/dac7d60b-54fa-402b-8469-70f85aaace76) citing various security / privacy e.g.: encryption keys being shared with unknown parties in Beijing, personal data of users shared with Facebook whether they have an account or not, etc. They're also being sued by one of their shareholders over this (http://https://www.reuters.com/article/us-zoom-video-commn-privacy-lawsuit-idUSKBN21Q10V).

Ain't nothing "free" on the internets you know.

And this is something new?

Zoom's security / privacy issues, have been known for almost a year now. https://techcrunch.com/2019/07/10/apple-silent-update-zoom-app. so not really new, no.

Looking forward to seeing them litigated out of existence.

Careful, the DoD, FBI, Senate, Google, SpaceX have banned Zoom (https://www.ft.com/content/dac7d60b-54fa-402b-8469-70f85aaace76) citing various security / privacy e.g.: encryption keys being shared with unknown parties in Beijing, personal data of users shared with Facebook whether they have an account or not, etc. They're also being sued by one of their shareholders over this (http://https://www.reuters.com/article/us-zoom-video-commn-privacy-lawsuit-idUSKBN21Q10V).

Ain't nothing "free" on the internets you know.

So what Bad Thing is going to happen if the Russians listen in on your church service, turning club meeting or chat with the grandkids? Yes, I can understand that the DoD shouldn't be revealing the nuclear launch codes in Zoom meetings (or whatever), but in the unlikely even that someone chooses to spend their time listening in to your coffee hour, who cares?

None of our modern communication methods are particularly secure without taking extraordinary measures that no one wants to bother with.

Would you like to have Facebook building a profile of you regardless of whether you gave them permission to or not?

https://i.imgur.com/EgHwoT3.png

Also, Zoom just hired Alex Stamos (https://www.reuters.com/article/us-zoom-video-commn-privacy/zoom-hires-former-facebook-security-chief-to-beef-up-privacy-safety-idUSKBN21Q1TY) from, drumroll, Facebook(!) as their new head of security. Same guy that presided over the Cambridge Analytica leak, proliferation of Russian disinformation on their platform, etc.

Not real surprising that public schools are banning Zoom now too. "Bothering" with online security is something we're all going to need to deal with sooner rather than later. Big Tech has been unregulated for far too long.

Supposedly the British government was using Zoom for cabinet meetings. There may well have been things said there that was not intended for public consumption.

Would you like to have Facebook building a profile of you regardless of whether you gave them permission to or not?

https://i.imgur.com/EgHwoT3.png



Peter, that bit you quoted looks a lot like it was taken from a legal pleading, probably a civil complaint. If so, it is simply an allegation by the person bringing the lawsuit, written by a plaintiff's lawyer. It might well be true, but it might not be. Do you know the source of the quote?

Jon, the quote source is an excerpt from Drieu et al. v. Zoom Video Communications Inc. et al., seeking a class action. Case number is 5:20-cv-02353 filed in the U.S. District Court for the Northern District of California. https://www.law360.com/articles/1261581 (free download).


Per that Reuters article (link (https://www.reuters.com/article/us-zoom-video-commn-privacy-lawsuit-idUSKBN21Q10V)) the shareholders were expecting a strong company launch, not revelations of security problems e.g.: issues with encryption keys, unauthorized Facebook access, etc.

Zoom bombing has been a development, but if you keep your meeting private, shouldn't be an issue. Not to worried about the Chinese hacking my family or church meeting.

I assume almost everything I ever type into a computer can become public information, mineable and useable by anyone without my permission. I do not trust the criminals to follow the rules, and assume the hackers are always a step or two ahead of the security guys. Fortunately there's almost nothing about my life I feel compelled to keep secret beyond actual financial account access information. I've always assumed that facebook's business is to gather information about me and resell it. I don't see why that behavior is surprising. I also have grave doubts as to whether my "private" life is really of interest to anyone, if so, I feel sorry for them.

I assume almost everything I ever type into a computer can become public information, mineable and useable by anyone without my permission. I do not trust the criminals to follow the rules, and assume the hackers are always a step or two ahead of the security guys. Fortunately there's almost nothing about my life I feel compelled to keep secret beyond actual financial account access information. I've always assumed that facebook's business is to gather information about me and resell it. I don't see why that behavior is surprising. I also have grave doubts as to whether my "private" life is really of interest to anyone, if so, I feel sorry for them.

I think the issue is that you should have both an expectation and a right to a reasonable level of privacy, even if you feel you have nothing to hide. I think you can see why it would be upsetting to most if their Zoom call or meeting was being eavesdropped by an interloper.

Now if Zoom gave a clear disclaimer at the outset that your communication on their platform may not be private and you should not assume that it is, that might be a different story.

The point is that the bad guys don't follow the rules. Companies can have wonderful privacy policies and up to the minute security protocols, but that does not guarantee privacy. You will be better off assuming that your communications are not private absent some fairly onerous security precautions on your own part, things like public key encryption for your emails. Yes the NSA can probably break that now, but if NSA is after you you have bigger problems; it will discourage casual hacking. I'm not suggesting this is how it "should" be.

Sure bad guys don't follow the rules, but there's a big difference between being paranoid that the NSA has found a way to break "strong" encryption, and using software from a company that "accidentally" configured its software to send keys to china, sent customer data to facebook without any agreement, and claimed to use "end-to-end" encryption without it being anything of the sort. The legitimate companies aren't doing anything of the sort.

Skype, for example, does none of those things. It offers "private" end-to-end encryption if you want, but doesn't enable it by default b/c there are tradeoffs most users don't like (difficulties adding new devices, getting old messages, searching messages, etc). You can use Signal if you always want end-to-end encryption.

Agree that nothing is guaranteed, but some companies put a hell of a lot more effort into it than others.

Bruce

I think the issue is that you should have both an expectation and a right to a reasonable level of privacy, even if you feel you have nothing to hide. I think you can see why it would be upsetting to most if their Zoom call or meeting was being eavesdropped by an interloper. Exactly this.

As far as Facebook and Google are concerned, Zoom broke off from both back in 2015 due to them dropping support for XMPP chat protocols.
https://support.zoom.us/hc/en-us/articles/204927135-Facebook-and-Google-To-Discontinue-XMPP-Chat-Protocol