<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
Dear Daniel,<br>
<br>
in one week I have seen more security and feature updates in Zoom
than in 3 years of prior utilisation. There are alternatives to
Zoom, but most of them have the same faults and can be equally as
easy to hack. Some alternatives might be better on security but are
feature poor and bandwidth hungry. Some are worse than Zoom on
security and have done nothing to address these points, and some
alternatives are downright awful to use... or "work" only on a
single platform.<br>
Kindest regards,<br>
<br>
Olivier<br>
<br>
<div class="moz-cite-prefix">On 18/04/2020 23:33, DANIEL NANGHAKA
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CAD4W+iPY8ge9eLxhb=_j-niGvADQypJAQGnLOqydt3F5KGrzdg@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">Are we still safe with zoom amidst all the flaws
that have been identified?
<div><br>
</div>
<div>There was a time when a simple flaw was discover during an
ICANN meeting, and Adobe Connect was shutdown. Is there an
analysis of the effects. </div>
<div>What is the security guarantee that we have on zoom?</div>
<div><br>
</div>
<div>Daniel KN</div>
</div>
<div hspace="streak-pt-mark" style="max-height:1px"><img alt=""
style="width:0px;max-height:0px;overflow:hidden"
src="https://mailfoogae.appspot.com/t?sender=aZG5kYW5uYW5nQGdtYWlsLmNvbQ%3D%3D&type=zerocontent&guid=70e9e0e1-3e46-43e5-878e-a40906b5b076"
moz-do-not-send="true"><font size="1" color="#ffffff">ᐧ</font></div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Sat, 18 Apr 2020 at 17:17,
Alfredo Calderon-Serrano via ttf <<a
href="mailto:ttf@atlarge-lists.icann.org"
moz-do-not-send="true">ttf@atlarge-lists.icann.org</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir="auto"><a
href="https://blog.zoom.us/wordpress/2020/04/15/90-day-security-plan-progress-report-april-15/"
target="_blank" moz-do-not-send="true">https://blog.zoom.us/wordpress/2020/04/15/90-day-security-plan-progress-report-april-15/</a><br>
<br>
<img src="cid:part4.CDB48A5A.8FA221CB@gih.com" class=""
width="646">
<div><br>
</div>
<div><img src="cid:part5.652EBA86.E9D9C916@gih.com" class=""
width="633"></div>
<div><span><br>
</span></div>
<div>
<p style="box-sizing:border-box;margin:1em 0px
0px;padding:0px;border:0px;font-size:15.4px;vertical-align:baseline;color:rgb(19,35,41);font-family:aktiv-grotesk,Helvetica,sans-serif"><span
style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline">The
newly released </span><a
href="https://blog.zoom.us/wordpress/2020/04/08/zoom-product-updates-new-security-toolbar-icon-for-hosts-meeting-id-hidden/"
rel="noopener"
style="box-sizing:border-box;margin:0px;padding:0px;vertical-align:baseline;text-decoration:none;color:rgb(253,120,34);border-bottom-width:1px;border-bottom-style:solid"
target="_blank" moz-do-not-send="true"><span
style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline">Security
icon</span></a><span
style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline"> in
the toolbar provides Zoom Meetings hosts and co-hosts
with one-click access to a number of existing Zoom
security features, including Lock Meeting and Enable
the Waiting Room.</span></p>
<p style="box-sizing:border-box;margin:1em 0px
0px;padding:0px;border:0px;font-size:15.4px;vertical-align:baseline;color:rgb(19,35,41);font-family:aktiv-grotesk,Helvetica,sans-serif"><span
style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline">Changes
to Zoom’s default settings</span></p>
<p style="box-sizing:border-box;margin:1em 0px
0px;padding:0px;border:0px;font-size:15.4px;vertical-align:baseline;color:rgb(19,35,41);font-family:aktiv-grotesk,Helvetica,sans-serif"><span
style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline">We’ve
made changes to Zoom’s default meeting settings to
improve security before a meeting starts. Both meeting
passwords and Waiting Rooms are enabled by default for
our free Basic users and single Pro users, while those
in our K-12 education program need a password to join
a meeting. Waiting Rooms also are on by default for
those K-12 users. </span></p>
<p style="box-sizing:border-box;margin:1em 0px
0px;padding:0px;border:0px;font-size:15.4px;vertical-align:baseline;color:rgb(19,35,41);font-family:aktiv-grotesk,Helvetica,sans-serif"><span
style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline">Enhanced
meeting password complexity</span></p>
<p style="box-sizing:border-box;margin:1em 0px
0px;padding:0px;border:0px;font-size:15.4px;vertical-align:baseline;color:rgb(19,35,41);font-family:aktiv-grotesk,Helvetica,sans-serif"><span
style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline">Account
owners and admins can now configure minimum meeting
password requirements to include numbers, letters, and
special characters, or allow only numeric passwords.
Free Basic account users will now use alphanumeric
passwords by default instead of numeric passwords. </span></p>
<p style="box-sizing:border-box;margin:1em 0px
0px;padding:0px;border:0px;font-size:15.4px;vertical-align:baseline;color:rgb(19,35,41);font-family:aktiv-grotesk,Helvetica,sans-serif"><span
style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline">Changes
to data center routing </span></p>
<p style="box-sizing:border-box;margin:1em 0px
0px;padding:0px;border:0px;font-size:15.4px;vertical-align:baseline;color:rgb(19,35,41);font-family:aktiv-grotesk,Helvetica,sans-serif"><span
style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline">Starting
April 18, account admins will have the ability to
choose whether or not their data is routed through
specific data center regions, giving users more
control of their interactions with Zoom’s global
network. Learn more about the process in our </span><a
href="https://blog.zoom.us/wordpress/2020/04/13/coming-april-18-control-your-zoom-data-routing/"
rel="noopener"
style="box-sizing:border-box;margin:0px;padding:0px;vertical-align:baseline;text-decoration:none;color:rgb(253,120,34);border-bottom-width:1px;border-bottom-style:solid"
target="_blank" moz-do-not-send="true"><span
style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline">blog
post</span></a><span
style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline">.</span></p>
<p style="box-sizing:border-box;margin:1em 0px
0px;padding:0px;border:0px;font-size:15.4px;vertical-align:baseline;color:rgb(19,35,41);font-family:aktiv-grotesk,Helvetica,sans-serif"><span
style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline">Bug
bounty program with Katie Moussouris of Luta Security</span><span
style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline"> </span></p>
<p style="box-sizing:border-box;margin:1em 0px
0px;padding:0px;border:0px;font-size:15.4px;vertical-align:baseline;color:rgb(19,35,41);font-family:aktiv-grotesk,Helvetica,sans-serif"><span
style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline">Zoom
will be working with Luta Security to reboot our bug
bounty program. </span><span
style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline">Luta
Security was founded by Katie Moussouris, who created
some of the most important vulnerability programs
still running today. She started Microsoft
Vulnerability Research and Symantec Vulnerability
Research, and also started Microsoft’s and the
Pentagon’s bug bounty programs. </span><span
style="box-sizing:border-box;margin:0px;padding:0px;border:0px;vertical-align:baseline">Luta
Security will be assessing Zoom’s program holistically
with a 90-day “get well” plan, which will cover all
internal vulnerability handling processes. Read more
in Katie’s <a
href="https://www.lutasecurity.com/post/luta-security-and-zoom"
rel="noopener"
style="box-sizing:border-box;margin:0px;padding:0px;vertical-align:baseline;text-decoration:none;color:rgb(253,120,34);border-bottom-width:1px;border-bottom-style:solid"
target="_blank" moz-do-not-send="true">blog post</a>.</span></p>
</div>
<div><span><br>
</span>
<div dir="ltr">Alfredo Calderón
<div><br>
</div>
<div>Sent from my iPad</div>
</div>
</div>
</div>
_______________________________________________<br>
ttf mailing list<br>
<a href="mailto:ttf@atlarge-lists.icann.org" target="_blank"
moz-do-not-send="true">ttf@atlarge-lists.icann.org</a><br>
<a href="https://mm.icann.org/mailman/listinfo/ttf"
rel="noreferrer" target="_blank" moz-do-not-send="true">https://mm.icann.org/mailman/listinfo/ttf</a><br>
<br>
_______________________________________________<br>
By submitting your personal data, you consent to the
processing of your personal data for purposes of subscribing
to this mailing list accordance with the ICANN Privacy Policy
(<a href="https://www.icann.org/privacy/policy"
rel="noreferrer" target="_blank" moz-do-not-send="true">https://www.icann.org/privacy/policy</a>)
and the website Terms of Service (<a
href="https://www.icann.org/privacy/tos" rel="noreferrer"
target="_blank" moz-do-not-send="true">https://www.icann.org/privacy/tos</a>).
You can visit the Mailman link above to change your membership
status or configuration, including unsubscribing, setting
digest-style delivery or disabling delivery altogether (e.g.,
for a vacation), and so on.</blockquote>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
ttf mailing list
<a class="moz-txt-link-abbreviated" href="mailto:ttf@atlarge-lists.icann.org">ttf@atlarge-lists.icann.org</a>
<a class="moz-txt-link-freetext" href="https://mm.icann.org/mailman/listinfo/ttf">https://mm.icann.org/mailman/listinfo/ttf</a>
_______________________________________________
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (<a class="moz-txt-link-freetext" href="https://www.icann.org/privacy/policy">https://www.icann.org/privacy/policy</a>) and the website Terms of Service (<a class="moz-txt-link-freetext" href="https://www.icann.org/privacy/tos">https://www.icann.org/privacy/tos</a>). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.</pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Olivier MJ Crépin-Leblond, PhD
<a class="moz-txt-link-freetext" href="http://www.gih.com/ocl.html">http://www.gih.com/ocl.html</a></pre>
</body>
</html>