<div dir="ltr">Are we still safe with zoom amidst all the flaws that have been identified?<div><br></div><div>There was a time when a simple flaw was discover during an ICANN meeting, and Adobe Connect was shutdown. Is there an analysis of the effects. </div><div>What is the security guarantee that we have on zoom?</div><div><br></div><div>Daniel KN</div></div><div hspace="streak-pt-mark" style="max-height:1px"><img alt="" style="width:0px;max-height:0px;overflow:hidden" src="https://mailfoogae.appspot.com/t?sender=aZG5kYW5uYW5nQGdtYWlsLmNvbQ%3D%3D&type=zerocontent&guid=70e9e0e1-3e46-43e5-878e-a40906b5b076"><font color="#ffffff" size="1">ᐧ</font></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sat, 18 Apr 2020 at 17:17, Alfredo Calderon-Serrano via ttf <<a href="mailto:ttf@atlarge-lists.icann.org">ttf@atlarge-lists.icann.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="auto"><a href="https://blog.zoom.us/wordpress/2020/04/15/90-day-security-plan-progress-report-april-15/" target="_blank">https://blog.zoom.us/wordpress/2020/04/15/90-day-security-plan-progress-report-april-15/</a><br><br><img src="cid:1718f340ff6c282b48a1" width="646"><div><br></div><div><img src="cid:1718f340ff6ecbabac92" width="633"></div><div><span><br></span></div><div><p style="box-sizing:border-box;margin:1em 0px 0px;padding:0px;border:0px;font-size:15.4px;vertical-align:baseline;color:rgb(19,35,41);font-family:aktiv-grotesk,Helvetica,sans-serif"><span style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline">The newly released </span><a href="https://blog.zoom.us/wordpress/2020/04/08/zoom-product-updates-new-security-toolbar-icon-for-hosts-meeting-id-hidden/" rel="noopener" style="box-sizing:border-box;margin:0px;padding:0px;vertical-align:baseline;text-decoration:none;color:rgb(253,120,34);border-bottom-width:1px;border-bottom-style:solid" target="_blank"><span style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline">Security icon</span></a><span style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline"> in the toolbar provides Zoom Meetings hosts and co-hosts with one-click access to a number of existing Zoom security features, including Lock Meeting and Enable the Waiting Room.</span></p><p style="box-sizing:border-box;margin:1em 0px 0px;padding:0px;border:0px;font-size:15.4px;vertical-align:baseline;color:rgb(19,35,41);font-family:aktiv-grotesk,Helvetica,sans-serif"><span style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline">Changes to Zoom’s default settings</span></p><p style="box-sizing:border-box;margin:1em 0px 0px;padding:0px;border:0px;font-size:15.4px;vertical-align:baseline;color:rgb(19,35,41);font-family:aktiv-grotesk,Helvetica,sans-serif"><span style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline">We’ve made changes to Zoom’s default meeting settings to improve security before a meeting starts. Both meeting passwords and Waiting Rooms are enabled by default for our free Basic users and single Pro users, while those in our K-12 education program need a password to join a meeting. Waiting Rooms also are on by default for those K-12 users. </span></p><p style="box-sizing:border-box;margin:1em 0px 0px;padding:0px;border:0px;font-size:15.4px;vertical-align:baseline;color:rgb(19,35,41);font-family:aktiv-grotesk,Helvetica,sans-serif"><span style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline">Enhanced meeting password complexity</span></p><p style="box-sizing:border-box;margin:1em 0px 0px;padding:0px;border:0px;font-size:15.4px;vertical-align:baseline;color:rgb(19,35,41);font-family:aktiv-grotesk,Helvetica,sans-serif"><span style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline">Account owners and admins can now configure minimum meeting password requirements to include numbers, letters, and special characters, or allow only numeric passwords. Free Basic account users will now use alphanumeric passwords by default instead of numeric passwords.  </span></p><p style="box-sizing:border-box;margin:1em 0px 0px;padding:0px;border:0px;font-size:15.4px;vertical-align:baseline;color:rgb(19,35,41);font-family:aktiv-grotesk,Helvetica,sans-serif"><span style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline">Changes to data center routing  </span></p><p style="box-sizing:border-box;margin:1em 0px 0px;padding:0px;border:0px;font-size:15.4px;vertical-align:baseline;color:rgb(19,35,41);font-family:aktiv-grotesk,Helvetica,sans-serif"><span style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline">Starting April 18, account admins will have the ability to choose whether or not their data is routed through specific data center regions, giving users more control of their interactions with Zoom’s global network. Learn more about the process in our </span><a href="https://blog.zoom.us/wordpress/2020/04/13/coming-april-18-control-your-zoom-data-routing/" rel="noopener" style="box-sizing:border-box;margin:0px;padding:0px;vertical-align:baseline;text-decoration:none;color:rgb(253,120,34);border-bottom-width:1px;border-bottom-style:solid" target="_blank"><span style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline">blog post</span></a><span style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline">.</span></p><p style="box-sizing:border-box;margin:1em 0px 0px;padding:0px;border:0px;font-size:15.4px;vertical-align:baseline;color:rgb(19,35,41);font-family:aktiv-grotesk,Helvetica,sans-serif"><span style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline">Bug bounty program with Katie Moussouris of Luta Security</span><span style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline">  </span></p><p style="box-sizing:border-box;margin:1em 0px 0px;padding:0px;border:0px;font-size:15.4px;vertical-align:baseline;color:rgb(19,35,41);font-family:aktiv-grotesk,Helvetica,sans-serif"><span style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline">Zoom will be working with Luta Security to reboot our bug bounty program. </span><span style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline">Luta Security was founded by Katie Moussouris, who created some of the most important vulnerability programs still running today. She started Microsoft Vulnerability Research and Symantec Vulnerability Research, and also started Microsoft’s and the Pentagon’s bug bounty programs. </span><span style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline">Luta Security will be assessing Zoom’s program holistically with a 90-day “get well” plan, which will cover all internal vulnerability handling processes. Read more in Katie’s <a href="https://www.lutasecurity.com/post/luta-security-and-zoom" rel="noopener" style="box-sizing:border-box;margin:0px;padding:0px;vertical-align:baseline;text-decoration:none;color:rgb(253,120,34);border-bottom-width:1px;border-bottom-style:solid" target="_blank">blog post</a>.</span></p></div><div><span><br></span><div dir="ltr">Alfredo Calderón<div><br></div><div>Sent from my iPad</div></div></div></div>_______________________________________________<br>
ttf mailing list<br>
<a href="mailto:ttf@atlarge-lists.icann.org" target="_blank">ttf@atlarge-lists.icann.org</a><br>
<a href="https://mm.icann.org/mailman/listinfo/ttf" rel="noreferrer" target="_blank">https://mm.icann.org/mailman/listinfo/ttf</a><br>
<br>
_______________________________________________<br>
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (<a href="https://www.icann.org/privacy/policy" rel="noreferrer" target="_blank">https://www.icann.org/privacy/policy</a>) and the website Terms of Service (<a href="https://www.icann.org/privacy/tos" rel="noreferrer" target="_blank">https://www.icann.org/privacy/tos</a>). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.</blockquote></div>