While I’ve confined most of this blog to woodworking topics of some sort, my “day job” was nearly 50 years in the technology business, most recently software engineering and developing accessibility techniques for making the Internet an easier place for people with disabilities.
So, I’ll break away from Splinterville for a few moments to talk tech.
Main point: Don’t use Zoom. What!?! Doesn’t everybody use zoom? Unfortunately, too many.
I’ll be blunt. While Zoom is bright and shiny and easier to use than some other products, it is a Chinese product with close ties to the Chinese Communist Party. The CCP has absolutely ZERO respect for personal freedom, independence or personal privacy. Zoom is a security sieve, so full of holes that any of your personal information can be easily mined by the Chinese Communist Party and other malcontents.
Do you want your conversations with your doctor, your financial advisors, your insurers etc., known by others? Think very seriously about what information you exchange in Zoom meetings, or what information your reveal in your Zoom profile, and whether you want any of it known beyond the people you trust in those meetings. Zoom has a long history of security weaknesses; everything from the absence of encryption in some “free” meetings, to very weak encryption when used, to Chinese servers controlling those weak encryption keys, to weaknesses that lets others into your meetings, that lets others take over your webcams, to a backdoor that lets the CCP listen in anytime they please, and similar weaknesses that cybercriminals are now exploiting to steal your digital identity.
Amazingly, one of my healthcare providers chose Zoom for “tele-medicine” meetings. Their reason was because Skype wasn’t HIPAA compliant and Zoom was. I can’t imagine how Zoom is HIPAA compliant while being riddled with security and privacy holes. DOH!
Personally, I blame Microsoft. They’ve been very complacent in not upgrading SKYPE to meet modern commerce demands. Think: old cow whose milk is still bringin’ cash.
A collection of articles about Zoom’s security flaws:
- Zoom security issues: Here’s everything that’s gone wrong (so far)
- A Zoom Flaw Gives Hackers Easy Access to Your Webcam
- ZOOM ENCRYPTION CONTAINS A CHINESE BACKDOOR AND….
- Maybe We Shouldn’t Use Zoom After All
- Is Zoom a HIPAA Compliant Video and Web Conferencing Platform?
- Zoom Security Concerns Mount as New Flaws Identified
Hey Bob,
I think you shouldn’t blame Microsoft. The blame should be on the IT industry as a whole, and, more generally, every unregulated for-profit greed driven system out there. With the current state of technology we could have free video calling capabilities pretty much like TV or radio for about a decade now, if not for any corporation out there squashing anything remotely resembling a competition to their business model. So singling out Microsoft or CCP is not exactly fair, any remotely capable government or a company should be on your list too.
Oh, forgot to add: the Hanlon’s razor is well applicable to the Zoom’s security situation. As a fellow SWE you are definitely well aware that we aren’t particularly great at handling complexity in software design and implementation, that security is rarely a priority, also that other examples of deliberate backdoors look quite different.
Btw, Zoom is 100% US company, it’s based in CA and founded by a former Cisco employee, an American citizen. It would never get certified if all the servers would be in China. I guess their relationship with CCP is the cost of doing business there, that’s how it went with other top players wanting a presence in that country.
Well, H…
I can certainly agree with the Hanlon’s razor idea. From a couple of decades work with web accessibility technology, accessibility like security is never at the forefront of the designers’ / developers’ goals. Many still don’t have any concept of what’s needed for accessibility. Security is slightly better off. … and if a backdoor wasn’t intentionally designed in, there were enough opportunities in the open mesh of the security screen to insert one.
As for the CCP, the normal cost of a non-Chinese firm doing business there is surrendering to the CCP 51% ownership of the assets, intellectual property and revenue associated with the Chinese share of the business. Before thinking that getting in bed with the CCP is simply the cost of doing business there, check out how the CCP keps its promises, especially how the 50 year “One Country, Two Systems” agreement regarding Hong Kong is working out.
The only cure is to bring back manufacturing to North America (or the EU for those countries concerned), and keep global trade under control (I am against stopping global trade). Zoom is just a tiny tiny piece of the security puzzle. Look at PPE and drugs. Whom do we rely on? China.
Don’t blame China or MS or the conglomerates. Blame the Western governments that do not know who their enemies are.
I hope the banning of Hauwei in developing our 5G infrastructure is the wake-up call and beginning.
This is somewhat off topic but I’m presently angry with big tech so I’m going to vent here anyways.
My ten year old iPhone finally gave out,….
Far too far off topic… Go find some iPhone forums for your complaint.