General Discussion
  >> General Broadband Chatter


Register (or login) on our website and you will not see this ad.


Pages in this thread: 1 | 2 | 3 | 4 | 5 | >> (show all)   Print Thread
Standard User RobertoS
(elder) Sat 04-Apr-20 01:20:38
Print Post

Zoom security doubtful


[link to this post]
 
(Posting here as the Security forum seems to be almost moribund and this looks important)

A few days ago I read on a mainstream news site that the Cabinet was having virtual meetings using this software, yet the software is far from secure. Now we have further worrying information about it.

For instance it appears that data may be routing through China, including encryption and decryption keys, and 700 of the development team are in three companies in mainland China.

I did a quick search on these forums and see it is in use by some members, so posting to warn them and anybody else considering it in case they aren't aware of this.

My broadband basic info/help site - www.robertos.me.uk. Domains, site and mail hosting - Tsohost.
Connection - Three 4G, tbb tests normally 35-45Mpbs down, 65Mbps off-peak, 9-24 up.
==================================================
"Democracy means simply the bludgeoning of the people by the people for the people." Oscar Wilde
Standard User caffn8me
(eat-sleep-adslguide) Sat 04-Apr-20 08:31:50
Print Post

Re: Zoom lack of security in no doubt


[re: RobertoS] [link to this post]
 
I've been invited to join a group of friends on it for drinks but have refused because I'm deeply security paranoid.

That's as well as being deeply antisocial wink

By default all traffic to and from China is blocked by my firewall. I wonder if it would even work. It probably would if Zoom's explanation is correct.

Zoom has recently disabled web client access so users must now install an app to use the service - something which opens up even more potential security problems.

Sarah

--
If I can't drink my bowl of coffee three times daily, then in my torment, I will shrivel up like a piece of roast goat

Spiders on coffee - Badass spiders on drugs

Edited by caffn8me (Sat 04-Apr-20 08:32:51)

Standard User dect
(experienced) Sat 04-Apr-20 08:44:47
Print Post

Re: Zoom security doubtful


[re: RobertoS] [link to this post]
 
I wonder how Zoom security compares to Cisco Jabber or Webex


Register (or login) on our website and you will not see this ad.

Standard User jchamier
(eat-sleep-adslguide) Sat 04-Apr-20 10:43:14
Print Post

Re: Zoom security doubtful


[re: dect] [link to this post]
 
In reply to a post by dect:
I wonder how Zoom security compares to Cisco Jabber or Webex

You might find this interesting:
https://www.schneier.com/blog/archives/2020/04/secur...

20 years of broadband connectivity since 1999 trial - Live BQM
Standard User Oliver341
(eat-sleep-adslguide) Sat 04-Apr-20 10:51:56
Print Post

Re: Zoom lack of security in no doubt


[re: caffn8me] [link to this post]
 
In reply to a post by caffn8me:
Zoom has recently disabled web client access so users must now install an app to use the service - something which opens up even more potential security problems.

I've used the Zoom web client a few times and indeed clicking on it now throws up "403 Forbidden".

Perhaps this is because the data sent via a browser was not secured sufficiently relative to the app (I'm giving Zoom the benefit of the doubt...).

Oliver.
Standard User Michael_Chare
(fountain of knowledge) Sat 04-Apr-20 10:59:34
Print Post

Re: Zoom security doubtful


[re: RobertoS] [link to this post]
 
A few days ago there was a picture on the BBC news of the cabinet using it!

AIUI the security depends on how you use it. You can configure it so that only the originator of a session can allow others to join. Even then the joiners have to know a 10 digit meeting ID.

Michael Chare
Standard User Andrue
(eat-sleep-adslguide) Sat 04-Apr-20 11:20:02
Print Post

Re: Zoom lack of security in no doubt


[re: caffn8me] [link to this post]
 
In reply to a post by caffn8me:
By default all traffic to and from China is blocked by my firewall. I wonder if it would even work. It probably would if Zoom's explanation is correct.
I suppose you refuse to order a Chinese take away as well.

---
Andrue Cope
Brackley, UK
Standard User dect
(experienced) Sat 04-Apr-20 11:30:10
Print Post

Re: Zoom security doubtful


[re: jchamier] [link to this post]
 
In reply to a post by jchamier:
You might find this interesting:
https://www.schneier.com/blog/archives/2020/04/secur...
Many thanks, its an interesting article.

I have used the Cisco products many times over many years but don't think I will be wanting to using Zoom anytime soon.

Edited by dect (Sat 04-Apr-20 11:30:50)

Standard User jchamier
(eat-sleep-adslguide) Sat 04-Apr-20 12:17:35
Print Post

Re: Zoom security doubtful


[re: dect] [link to this post]
 
In reply to a post by dect:
I have used the Cisco products many times over many years but don't think I will be wanting to using Zoom anytime soon.
My employer uses Cisco Webex (they bought them) exclusively, it seems to work very well. I am thankful I have good upstream bandwidth and VM in this area is not oversubscribed.

20 years of broadband connectivity since 1999 trial - Live BQM
Standard User caffn8me
(eat-sleep-adslguide) Sat 04-Apr-20 15:35:02
Print Post

Re: Zoom lack of security in no doubt


[re: Andrue] [link to this post]
 
In reply to a post by Andrue:
In reply to a post by caffn8me:
By default all traffic to and from China is blocked by my firewall. I wonder if it would even work. It probably would if Zoom's explanation is correct.
I suppose you refuse to order a Chinese take away as well.
Well, I wouldn't order one from China (it'd be cold by the time it arrived).

The other difference is I don't have Chinese restaurants trying to break in all the time whereas with Chinese computers it's a constant and coordinated onslaught.

Sarah

--
If I can't drink my bowl of coffee three times daily, then in my torment, I will shrivel up like a piece of roast goat

Spiders on coffee - Badass spiders on drugs
Pages in this thread: 1 | 2 | 3 | 4 | 5 | >> (show all)   Print Thread

Jump to