Re: [onap-tsc] Apologies

Thu, 01 Oct 2020 11:37:57 -0700

 
I'm far from an expert on Zoom security, but to prompt discussion, here are some thoughts on different approaches to avoid this in the future:
 
 
- add password to meeting: DONE
 
- create new meeting ID and password - at least change today going forward, but possibly for each meeting (I know logistically hard)
 
- remove link to TSC meeting from any public wiki page - maybe either require a LF login to see it in the wiki and/or only publish via the TSC mailing list
 
- impose waiting room - obviously requires a lot more work for the host, and we probably wouldn't even know for many meetings who might be a bad actor
 
- restrict sharing to host only - it seems Zoom doesn't have the ability to "pass the ball" for sharing... it's either the host or anyone?  
 
- require a Zoom login to join - sounds like this only works for paid accounts?  I thought there was an option to require a login (but not a paid account)?
 
- switch web conference providers - would require investigation as to which ones might have better security approach, balanced against cost and access for global locations
 
 

Regards,
Jason Hunt
Distinguished Engineer, IBM

Phone: +1-314-749-7422
Email: [email protected]
Twitter: @DJHunt
 
 
----- Original message -----
From: "Chaker Al-Hakim" <[email protected]>
Sent by: [email protected]
To: "[email protected]" <[email protected]>
Cc:
Subject: [EXTERNAL] Re: [onap-tsc] Apologies
Date: Thu, Oct 1, 2020 1:01 PM
 

Hi Kenny,

 

We cannot allow this incident to ever happen  again. Realizing that some people may be inconvenienced and may not be able to join from a free account we need to go back and put the previous restrictions in place. To say this was appalling and disturbing is an understatement

 

Regards,

Chaker

 

 

From: [email protected] <[email protected]> On Behalf Of Kenny Paul via lists.onap.org
Sent: Thursday, October 01, 2020 10:55 AM
To: [email protected]
Subject: [onap-tsc] Apologies

 

I am very distraught at the moment.

We have struggled with security on Zoom. We recently removed the requirement that you must sign in from a registered account dur to folks in some geographies no longer being able to access the meetings from free accounts.

 

The horrible, horrible intrusion into our TSC call today was the direct result of lifting those restrictions.

 

Looking for recommendations from the community on what we should do to try and prevent today’s situation from re-occurring.

 

Thanks!

-kenny

 

 

 

_._,_._,_
Links:

You receive all messages sent to this group.

View/Reply Online (#7141) | Reply To Group | Reply To Sender | Mute This Topic | New Topic
Your Subscription | Contact Group Owner | Unsubscribe [[email protected]]

_._,_._,_

Reply via email to