[Nottingham] Non-Zoom - Re: [Talk] *Tomorrow* Thursday 7:30pm 26/03/2020: Going Virtual!

Martin martin at ml1.co.uk
Sat Apr 4 14:47:42 UTC 2020 

... And to add a few more nails into the Zoom coffin:


Zoom 'unsuitable' for government secrets, researchers say

https://www.bbc.co.uk/news/technology-52152025


#####
... found that Zoom was using a non-standard type of encryption, and
transmitting information through China...

... found that Zoom sends traffic to China - even when all the people in
a Zoom meeting are outside of China. "During multiple test calls in
North America, we observed keys for encrypting and decrypting meetings
transmitted to servers in Beijing, China,"...

... Zoom has "rolled their own" encryption - using a variant of
something called AES-128 in "ECB mode". Among security researchers, ECB
mode "is well understood to be a bad idea", because it preserves some of
the patterns of the original [easing breaking the encryption]...

... [And] it uses "transport" encryption between devices and [Zoom's]
servers [not unbroken end-to-end encryption]...

... Zoom clarified its encryption policy on 1 April, apologising for
incorrectly suggesting that meetings were capable of end-to-end
encryption...

... Prof Woodward added: "I would not use Zoom for any sensitive or
secret discussions."
#####


Really, Zoom 'promises' to 'do better' amusingly announcing that on the
1st of April?!

To my personal view, all overly overtly suspicious!


Stay safe folks!
Martin



On 03/04/2020 19:34, Martin via Nottingham wrote:
> On 26/03/2020 16:44, J J via Nottingham wrote:
>> at least it's not Zoom, Skype or something.
> 
> ... And here's an example of why we didn't use those:
> 
> 
> Zoom boss apologises for security issues and promises fixes...
> 
> https://www.bbc.co.uk/news/technology-52133349
> 
> 
> Zoom vows to spend next 90 days thinking hard about its security and
> privacy after rough week...
> 
> https://www.theregister.co.uk/2020/04/03/zoom_security_improvements/
> 
> 
> And beware whatever 'fixes' you might wish for... As a user you get
> whatever you are given... User beware?
> 
> 
> Stay safe folks!
> Martin

More information about the Nottingham mailing list