- From: Ryan Grant <w3c@rgrant.org>
- Date: Mon, 26 Oct 2020 07:07:13 +0000
- To: W3C Credentials CG <public-credentials@w3.org>
Hi Everyone, I would like to attend the next W3C-CCG meeting, sure to be full of juicy IIW news, but I won't be able to attend using Zoom, or POTS-routed-through-Zoom. I uninstalled Zoom after their horrible vulnerability in July of 2019. https://www.theverge.com/2019/7/8/20687014/zoom-security-flaw-video-conference-websites-hijack-mac-cameras Today, security researcher Jonathan Leitschuh has publicly disclosed a serious zero-day vulnerability for the Zoom video conferencing app on Macs. He has demonstrated that any website can open up a video-enabled call on a Mac with the Zoom app installed. That's possible in part because the Zoom app apparently installs a web server on Macs that accepts requests regular browsers wouldn't. In fact, if you uninstall Zoom, that web server persists and can reinstall Zoom without your intervention. I have never reinstalled it, because you don't make a "mistake" like that if you're moderately culturally aligned with security. I was glad I didn't reinstall it when I found out in April that Zoom was actively using servers under CCP jurisdiction. You don't make a "mistake" like that if you care about privacy. https://www.secureworldexpo.com/industry-news/zoom-traffic-through-china-data-routing-controls [...] Zoom was routing some of its virtual meeting traffic, and the digital keys that keep the meetings confidential, through servers in China. I was sad today to hear that Zoom is actively censoring paying customers who talk about political things that Zoom does not want discussed. You don't silence people by "mistake". https://www.buzzfeednews.com/article/janelytvynenko/zoom-deleted-events-censorship Zoom Deleted Events Discussing Zoom “Censorship” The action follows the company canceling an event at San Francisco State University where Leila Khalid was meant to give a talk. on | October 24, 2020 by | Jane Lytvynenko [...] “Zoom is committed to supporting the open exchange of ideas and conversations and does not have any policy preventing users from criticizing Zoom,” a spokesperson for the company said. [...] However, Zoom did not respond to questions about which specific policy was violated or whether other events have been shut down by the company. Adam Saeed, a student at University of Leeds, said he used his personal Zoom account to organize the event. He told BuzzFeed News that the company deleted his event and disabled his account without explanation. He contacted the company's customer support line, but said he has not yet heard back. Sometimes there's a lot of peer pressure to do a Zoom call. I won't make the mistake of attending.
Received on Monday, 26 October 2020 07:07:54 UTC