Go | New | Find | Notify | Tools | Reply | |
| Zoom, FB, and privacy issues | Login/Join |
Has Achieved Nirvana |
https://www.theguardian.com/co...heres-why-you-should
| ||
|
Minor Deity |
Wait a damn minute. You’re telling me that other people are having sex parties on zoom, while I got to watch Chas play the banjo? | |||
|
| Has Achieved Nirvana |
| |||
|
| "I've got morons on my team." Mitt Romney Minor Deity  |
Now THAT is an invitation to hackers! | |||
|
Has Achieved Nirvana |
Yeah, the words Facebook and privacy don't really belong in the same sentence. Oh well. | |||
|
| Has Achieved Nirvana |
https://www.washingtonpost.com...ine-security-issues/
| |||
|
Minor Deity |
With regards to the “hijacking” of online classrooms and teleconferences: Zoom allows a mode of operation where any one with the right "meeting ID" (and optionally a corresponding password) can get in. For expedience, that's what most people/organizations use when they use Zoom (we did the same thing with our virtual piano party the lat time). The "meeting ID" (and the optional password) is shared for all participants, and when you have dozens of participants sharing the same "meeting ID"/password, it's hard to keep that a secret. It is human problem rather than a technology problem. To achieve better access control, you need to go to a model where each participant gets a unique login/password that s/he's supposed to keep secret; then if one person leaks his login/password, you can disable just that one login/password without changing the login information for the other few dozen people. To get there, you have to start managing an "account" (or at least a login/password) for every participant -- one for every student, for example. Zoom also support the model where every participant is required to log in. The problem is that most organizations/people are not yet set up to have a Zoom login. If you are already a Microsoft shop where every one already has a Microsoft login, or a Google shop where every one already has a Google login, then using a Microsoft/Google tool can easily leverage that Microsoft/Google login. But if you try to use Zoom, you have to spend extra time/money to either get every participant set up to have an individual Zoom login, or do some sort of IT integration with Zoom such that Zoom can use a standard protocol to leverage whatever user login system your people already use. Zoom does some ****** things that I think deserve scrutiny, but the “hijacking” of online classrooms and teleconferences, in my opinion, is mostly due to people not using Zoom in the right ("secure") way.
| |||
|
| Has Achieved Nirvana |
Absolutely, Ax. I think people got thrown into this so quickly they were just scrambling to set *anything* up so they could get their classes going and didn't have time to figure out security issues. But the thing about the analytics data going to FB is pretty crummy....
| |||
|
| Minor Deity |
https://www.pcmag.com/news/zoo...o-china-report-finds Short version: 1. A U. of Toronto research lab found Zoom sending encryption keys to China. 2. Zoom says: (a) yes, they f'd up when they quickly spun up additional servers to handle the rapidly increasing load, and some of those additional servers that are physically located in China got mixed up and were used to handle extra load from other parts of the world; (b) that they have fixed the issue as of April 3, they no longer send extra load to servers in mainland China.
| |||
|
| (self-titled) semi-posting lurker Minor Deity  |
One big thing is just to set up the meeting so that the host has to actively "admit" each person. This could be a pain if it's a huge group, but with a smaller group (say 20 or less) it's manageable. That's what I'm doing for my classes. Separate from my online teaching, I'm also working with the organizers of a conference helping them troubleshoot/brainstorm changes to make in order to have the conference be held online (since it was originally scheduled as an in-person conference for end of May). Anyway, the university of the main organizer is the default contract for the webinar platform, and that uni right now only has an account with Zoom. I recommended they consider WebEx as well. But maybe Zoom will have those issues remedied before then. We'll see how it goes.
| |||
|
| knitterati Beatification Candidate  |
Some measured thoughts on Zoom and security. I’m inclined to agree.
| |||
|
| Powered by Social Strata |
 | Please Wait. Your request is being processed... |
|