On 2020-04-01 15:27, Roger Clarke wrote: > Zoom for Windows leaks network credentials, runs code remotely
The Guardian has an article on this topic at https://www.theguardian.com/technology/2020/apr/02/zoom-technology-security-coronavirus-video-conferencing EXTRACT But security researchers have called Zoom “a privacy disaster” and “fundamentally corrupt” as allegations of the company mishandling user data snowball. On Monday, New York’s attorney general, Letitia James, sent a letter to the company asking it to outline the measures it had taken to address security concerns and accommodate the rise in users. In the letter, James said Zoom had been slow to address security vulnerabilities “that could enable malicious third parties to, among other things, gain surreptitious access to consumer webcams”. A spokesman from Zoom told the Guardian on Wednesday it was planning to send James the requested information and comply with the request. “Zoom takes its users’ privacy, security, and trust extremely seriously,” the spokesman said. “During the Covid-19 pandemic, we are working around the clock to ensure that hospitals, universities, schools and other businesses across the world can stay connected and operational.” And on Thursday, the company announced it would freeze all new feature development and shift all engineering resources on to security and safety issues that have been called to attention in recent weeks. Here’s what you need to know about the challenges with Zoom: END David L. _______________________________________________ Link mailing list [email protected] http://mailman.anu.edu.au/mailman/listinfo/link
