Yesterday I was on a Zoom call which was hijacked or zoombombed with something not just horrible but totally illegal. Because of this I have pretty much lost all trust in Zoom.
This is of course very difficult as it’s what we use at work, and being in the middle of the COVID-19 lockdown makes things tricky. Because of this, I’m still going to use it but with much more caution, and I’m going to be a lot more forceful about the hosting side of it.
It’s clear that war-dialing public Zoom meetings is so easy and well used by inscrutable groups of people. Zoom could make sharable links much more difficult to war-dial, similar to the way Google Docs uses combinations of characters and numbers to make a much longer URL, which is a lot harder to war-dial.
The defaults of Zoom are set up for a semi-trusted corporate environment. I understand the COVID-19 pandemic changed everything, but there have been many updates and only now are the defaults only just safe. Their share prices have rocketed but they are only now focused on security ahead of more features?
Their idea of end-to-end encryption is a total dump on top of the security findings saying some calls are being routed via China. Today they announce you can choose your routing but you need to pay for it. More governments and companies are blocking Zoom because they just don’t trust it.
Likewise neither do I… but I will use it… with caution.
I have been thinking about an equivalent, and thought about two.
- I lost trust in Facebook a long while ago but still use it for volleyball events and the occasional post about something I feel could be important for friends, family and the public who don’t read my blog (as it’s posted on the internet already, I post publicly adopting the IndieWeb POSSE approach, much to the surprise of some friends). For example I posted what happened on Zoom yesterday there today.
  Facebook was hardly trustworthy to start with and over and over again they took the living daylights with our data.
- There was a point when Windows Vista was pushed as the step/edition of Windows XP and I didn’t like what Microsoft had done to it. To be fair I didn’t trust them and saw shadows of where things were heading. So I switched to Ubuntu. I know the new Microsoft is quite different of course but the damage was done.

If you are hosting a Zoom call, please do lock it down; there’s a number of guides to help, including this one.
I lost it with Microsoft when they did Windows 8. They said that I was part of the “community” but just made Windows 8 so bloody awful. But when they used the DCMS in the States to block what I had written about it on betanews, I stopped trying to help.
And then, once they released Windows 8 the whole world panned it, just as I said they would.
Some years later and they’ve fixed all of the things I said about it! Windows 10 is more-or-less OK now.
But yes, it’s the easiest thing in the world to put a simple long-random-code thing onto the room IDs. This isn’t rocket science and it seems incredible that someone did it in 2020.