well-temperedforum.groupee.net    The Well-Tempered Forum  Hop To Forum Categories  Off Key    Zoom, FB, and privacy issues

Moderators: QuirtEvans, pianojuggler, wtg
Go
New
Find
Notify
Tools
Reply
  
Zoom, FB, and privacy issues
 Login/Join
 
Has Achieved Nirvana
Picture of wtg
posted
quote:
Acouple of months ago, Zoom was a dull, if successful, videoconferencing app that not many people knew about. Now, it is a household name and an integral part of many of our quarantined lives. We conduct business meetings on it; we chat to our mates on it; some people even have sex parties on it.

Yet there are growing concerns over what it does with users’ data. You may think you are working from the privacy of your own home, but the software is probably sharing a lot more information about you than you realise. Zoom has an attention-tracking feature, for example, which notifies the host of some video calls if participants click away to look at something else. The company has actively promoted this feature to educators, explaining it’s a good way to monitor which of your students is slacking off.

In any article about privacy violations, it is pretty much a given that Facebook will be mentioned. This is no exception. Recent analysis by Vice found that Zoom’s iOS app was sending analytics data to Facebook, even when the user did not have a Facebook account and even though this was not addressed in Zoom’s privacy policy. This data included things such as the user’s location and the device’s advertiser identifier information, a unique ID that lets companies send you targeted ads. On Friday, Zoom issued a statement saying “whoops!’” and announcing it had updated its software to stop sending iOS data to Facebook.


https://www.theguardian.com/co...heres-why-you-should


--------------------------------
We are all visitors to this time, this place. We are just passing through. Our purpose here is to observe, to learn, to grow, to love… and then we return home. - Australian Aboriginal proverb

Bazootiehead-in-training



 
Posts: 37794 | Location: Somewhere in the middle | Registered: 19 January 2010Reply With QuoteReport This Post
Minor Deity
Picture of Doug
posted Hide Post
quote:
Originally posted by wtg:
quote:
Acouple of months ago, Zoom was a dull, if successful, videoconferencing app that not many people knew about. Now, it is a household name and an integral part of many of our quarantined lives. We conduct business meetings on it; we chat to our mates on it; some people even have sex parties on it..




Wait a damn minute. You’re telling me that other people are having sex parties on zoom, while I got to watch Chas play the banjo?
 
Posts: 10334 | Registered: 20 April 2005Reply With QuoteReport This Post
Has Achieved Nirvana
Picture of wtg
posted Hide Post
hysteric


--------------------------------
We are all visitors to this time, this place. We are just passing through. Our purpose here is to observe, to learn, to grow, to love… and then we return home. - Australian Aboriginal proverb

Bazootiehead-in-training



 
Posts: 37794 | Location: Somewhere in the middle | Registered: 19 January 2010Reply With QuoteReport This Post
"I've got morons on my team."

Mitt Romney
Minor Deity
Picture of Piano*Dad
posted Hide Post
quote:
some people even have sex parties on it.


Now THAT is an invitation to hackers!
 
Posts: 12513 | Location: Williamsburg, VA | Registered: 19 July 2005Reply With QuoteReport This Post
Has Achieved Nirvana
Picture of Daniel
posted Hide Post
Yeah, the words Facebook and privacy don't really belong in the same sentence.

Oh well.
 
Posts: 24655 | Registered: 31 March 2007Reply With QuoteReport This Post
Has Achieved Nirvana
Picture of wtg
posted Hide Post
quote:
Some school districts around the country have started to ban the use of Zoom for online learning from home during the coronavirus crisis because of growing concerns about security, and others are reassessing how and whether to use the teleconferencing platform.

Days after the FBI issued a warning to the public about the “hijacking” of online classrooms and teleconferences, the New York City Department of Education, which runs the largest school district in the country, said teachers should no longer use Zoom and should instead work through Microsoft Teams.

Other school districts, too, have banned Zoom or are trying to beef up security around its use. Clark County Public Schools in Nevada said in a statement that it had decided to “disable access to Zoom out of an abundance of caution due to instances of hacking that created unsafe environments for teachers and students,” but that it was looking at options to that might allow it to resume access.


https://www.washingtonpost.com...ine-security-issues/


--------------------------------
We are all visitors to this time, this place. We are just passing through. Our purpose here is to observe, to learn, to grow, to love… and then we return home. - Australian Aboriginal proverb

Bazootiehead-in-training



 
Posts: 37794 | Location: Somewhere in the middle | Registered: 19 January 2010Reply With QuoteReport This Post
Minor Deity
Picture of Axtremus
posted Hide Post
With regards to the “hijacking” of online classrooms and teleconferences:

Zoom allows a mode of operation where any one with the right "meeting ID" (and optionally a corresponding password) can get in. For expedience, that's what most people/organizations use when they use Zoom (we did the same thing with our virtual piano party the lat time). The "meeting ID" (and the optional password) is shared for all participants, and when you have dozens of participants sharing the same "meeting ID"/password, it's hard to keep that a secret. It is human problem rather than a technology problem.

To achieve better access control, you need to go to a model where each participant gets a unique login/password that s/he's supposed to keep secret; then if one person leaks his login/password, you can disable just that one login/password without changing the login information for the other few dozen people. To get there, you have to start managing an "account" (or at least a login/password) for every participant -- one for every student, for example.

Zoom also support the model where every participant is required to log in. The problem is that most organizations/people are not yet set up to have a Zoom login.

If you are already a Microsoft shop where every one already has a Microsoft login, or a Google shop where every one already has a Google login, then using a Microsoft/Google tool can easily leverage that Microsoft/Google login. But if you try to use Zoom, you have to spend extra time/money to either get every participant set up to have an individual Zoom login, or do some sort of IT integration with Zoom such that Zoom can use a standard protocol to leverage whatever user login system your people already use.

Zoom does some ****** things that I think deserve scrutiny, but the “hijacking” of online classrooms and teleconferences, in my opinion, is mostly due to people not using Zoom in the right ("secure") way.


--------------------------------
www.PianoRecital.org -- my piano recordings -- China Tune album

 
Posts: 12682 | Registered: 01 December 2006Reply With QuoteReport This Post
Has Achieved Nirvana
Picture of wtg
posted Hide Post
Absolutely, Ax. I think people got thrown into this so quickly they were just scrambling to set *anything* up so they could get their classes going and didn't have time to figure out security issues.

But the thing about the analytics data going to FB is pretty crummy....


--------------------------------
We are all visitors to this time, this place. We are just passing through. Our purpose here is to observe, to learn, to grow, to love… and then we return home. - Australian Aboriginal proverb

Bazootiehead-in-training



 
Posts: 37794 | Location: Somewhere in the middle | Registered: 19 January 2010Reply With QuoteReport This Post
Minor Deity
Picture of Axtremus
posted Hide Post
https://www.pcmag.com/news/zoo...o-china-report-finds

Short version:

1. A U. of Toronto research lab found Zoom sending encryption keys to China.

2. Zoom says: (a) yes, they f'd up when they quickly spun up additional servers to handle the rapidly increasing load, and some of those additional servers that are physically located in China got mixed up and were used to handle extra load from other parts of the world; (b) that they have fixed the issue as of April 3, they no longer send extra load to servers in mainland China.


--------------------------------
www.PianoRecital.org -- my piano recordings -- China Tune album

 
Posts: 12682 | Registered: 01 December 2006Reply With QuoteReport This Post
(self-titled) semi-posting lurker
Minor Deity
Picture of ShiroKuro
posted Hide Post
quote:
the “hijacking” of online classrooms and teleconferences, in my opinion, is mostly due to people not using Zoom in the right ("secure") way.


One big thing is just to set up the meeting so that the host has to actively "admit" each person. This could be a pain if it's a huge group, but with a smaller group (say 20 or less) it's manageable. That's what I'm doing for my classes.

Separate from my online teaching, I'm also working with the organizers of a conference helping them troubleshoot/brainstorm changes to make in order to have the conference be held online (since it was originally scheduled as an in-person conference for end of May). Anyway, the university of the main organizer is the default contract for the webinar platform, and that uni right now only has an account with Zoom. I recommended they consider WebEx as well. But maybe Zoom will have those issues remedied before then. We'll see how it goes.


--------------------------------
My piano recordings at Box.Net: https://app.box.com/s/j4rgyhn72uvluemg1m6u

 
Posts: 18330 | Location: not in Japan any more | Registered: 20 April 2005Reply With QuoteReport This Post
knitterati
Beatification Candidate
Picture of AdagioM
posted Hide Post
Some measured thoughts on Zoom and security.

I’m inclined to agree.


--------------------------------
http://pdxknitterati.com

 
Posts: 9789 | Location: Oregon | Registered: 06 June 2005Reply With QuoteReport This Post
  Powered by Social Strata  
 

    well-temperedforum.groupee.net    The Well-Tempered Forum  Hop To Forum Categories  Off Key    Zoom, FB, and privacy issues