Upcoming Events

International | Sci-Tech

no events match your query!

Blog Feeds

The Saker
A bird's eye view of the vineyard

offsite link US national media is useless ? so tell me the good local news sources? Sat Jul 04, 2020 22:09 | amarynth
by Ramin Mazaheri for the Saker Blog During the recent wave of rebellions in the US I was reminded of just how woefully, woefully inadequate the US nationwide media truly

offsite link Netherlands ?Justice? Is Totally Corrupt: MH17 Case as Example Sat Jul 04, 2020 18:42 | amarynth
by Eric Zuesse for the Saker Blog On Friday, July 3rd, the judge in the Netherlands court case against Russia as having fired a Buk missile that brought down the

offsite link String Of ISIS Attacks Continues In Syrian Desert Fri Jul 03, 2020 22:52 | amarynth
South Front Since the start of the week, the Syrian Army has repelled several ISIS attacks on its positions in the desert in central Syria. The most recent attack took

offsite link Syria Prepares For Military Confrontation With Turkey In Northeast Thu Jul 02, 2020 22:22 | amarynth
South Front The Syrian Army and the National Defense Forces have put their forces on high alert in response to the new round of aggressive actions by the Turkish Army

offsite link With Fire and Sword: Obama?s black crusaders and the war in the Ukraine Thu Jul 02, 2020 22:16 | amarynth
By Ken Leslie for the Saker Blog 1. How to be progressive in America As some readers of my previous essays recall, I devoted quite a lot of space to

The Saker >>

Human Rights in Ireland
A Blog About Human Rights

offsite link Human Rights Fri Mar 20, 2020 16:33 | Human Rights

offsite link Turkish President Calls On Greece To Comply With Human Rights on Syrian Refugee Issues Wed Mar 04, 2020 17:58 | Human Rights

offsite link US Holds China To Account For Human Rights Violations Sun Oct 13, 2019 19:12 | Human Rights

offsite link UN Human Rights Council Should Address Human Rights Crisis in Cambodia Sat Aug 31, 2019 13:41 | Human Rights

offsite link Fijian women still face Human Rights violations Mon Aug 26, 2019 18:49 | Human Rights

Human Rights in Ireland >>

Cedar Lounge
"A flaky website that purports to be ?leftist,? The Cedar Lounge Revolution, occasionally makes a relevant point or two."

offsite link (Left) saucer fans? 13:29 Sat Jul 04, 2020 | WorldbyStorm

offsite link Flag 11:49 Sat Jul 04, 2020 | WorldbyStorm

offsite link The Other Revolutions: July 4th 11:16 Sat Jul 04, 2020 | WorldbyStorm

offsite link This Weekend I?ll Mostly Be Listening to? Lisa Hannigan and Paul Noonan 07:30 Sat Jul 04, 2020 | irishelectionliterature

offsite link Socialists and left unity in Ireland 2020: Independent Left Reply to People Before Profit 15:42 Fri Jul 03, 2020 | guestposter

Cedar Lounge >>

Dublin Opinion
Life should be full of strangeness, like a rich painting

offsite link Some Thoughts on the Brexit Joint Report 11:50 Sat Dec 09, 2017

offsite link IRISH COMMONWEALTH: TRADE UNIONS AND CIVIL SOCIETY IN THE 21ST CENTURY 14:06 Sat Nov 18, 2017

offsite link Notes for a Book on Money and the Irish State - The Marshall Aid Program 15:10 Sat Apr 02, 2016

offsite link The Financial Crisis:What Have We Learnt? 19:58 Sat Aug 29, 2015

offsite link Money in 35,000 Words or Less 21:34 Sat Aug 22, 2015

Dublin Opinion >>

Zoom's end-to-end encryption isn't actually end-to-end at all. Good thing the PM isn't using it for Cabinet calls.

category international | sci-tech | other press author Sunday May 10, 2020 13:59author by 1 of indy Report this post to the editors

Turns out it is mining all your data on your device

Everyone is using Zoom these days from work conference calls to family chats and quizzes. It's the new shiny star of the Corona-virus era. It is a godsend to save us. Well it turns out it isn't. It's encryption is not true encryption and it just uses TLS which allows the Zoom corporation to intercept and decrypt video chats and other data. TLS is also used by WhatsApp which is owned by Microsoft, so that allows Microsoft to easily mine all the messages from the 1.5 billion or so users.

This report on Zoom comes from the UK Tech Industry well known website TheReigster. Even though the report is from early April it is unlikely most people have been made aware of the full extent of the scandal.

Since then Zoom have no doubt fixed some of the glaring security holes but it is highly likely they not want to stop getting the data they had access to, so it would be reasonable to assume they are still getting it by backdoor means and not transmitting it encrypted so that it will be far harder to uncover

The controversy started when the British PM shared a screenshot of the first Cabinet meeting using Zoom. But that is alright because it would be useful to hear what lies they are promoting.

Here are some key sections of the report

Most notably, the company has been forced to admit that although it explicitly gives users the option to hold an “end-to-end encrypted” conversation and touts end-to-end encryption as a key feature of its service, in fact it offers no such thing.

Specifically, it uses TLS, which underpins HTTPS website connections and is significantly better than nothing. But it most definitely is not end-to-end encryption (E2E). E2E ensures all communications are encrypted between devices so that not even the organization hosting the service has access to the contents of the connection. With TLS, Zoom can intercept and decrypt video chats and other data.

When we say end-to-end...
Despite Zoom offering a meeting host the option to “enable an end-to-end (E2E) encrypted meeting,” and providing a green padlock that claims “Zoom is using an end to end encrypted connection,” it appears that the company is able to access data in transit along that connection, and can also be compelled to provide it to governments. So, it's not E2E

...
Under questioning, a Zoom spokesperson admitted: “Currently, it is not possible to enable E2E encryption for Zoom video meetings. Zoom video meetings use a combination of TCP and UDP. TCP connections are made using TLS and UDP connections are encrypted with AES using a key negotiated over a TLS connection.”

And on Privacy it seems they were sending all sorts of data to Facebook whether you were a Facebook member or not. Oh why did people trust these companies so much is unbelievable

As we reported earlier this month, Zoom granted itself the right to mine your personal data and conference calls to target you with ads, and seemed to have a "creepily chummy" relationship with tracking-based advertisers.

...Speaking of Facebook, Zoom's iOS app sent analytics data to Facebook even if you didn't use Facebook to sign into Zoom, due to the application's use of the social network's Graph API, Vice discovered. The privacy policy stated the software collects profile information when a Facebook account is used to sign into Zoom, though it didn't say anything about what happens if you don't use Facebook.

The full Register article can be found at: https://www.theregister.co.uk/2020/04/01/zoom_spotlight/

Other coverage of the story can be found at:

Zoom iOS App Sends Data to Facebook Even if You Don’t Have a Facebook Account
https://www.vice.com/en_us/article/k7e599/zoom-ios-app-sends-data-to-facebook-even-if-you-dont-have-a-facebook-account

Zoom is Leaking Peoples' Email Addresses and Photos to Strangers
https://www.vice.com/en_us/article/k7e95m/zoom-leaking-email-addresses-photos

2020-059.htm Offsite: Zoom's End-to-End Encryption Isn't
https://www.metzdowd.com/pipermail/cryptography/2020-April/subject.html#start

author by hackpublication date Fri May 29, 2020 01:37author address author phone Report this post to the editors

The biggest problem was zoom saved videos being dumped in publicly accessible amazon data buckets
These could be easily searched due to a predictable naming convention using free online tools.
You can still do this I think!

https://medium.com/@grayhatwarfare/how-to-search-for-open-amazon-s3-buckets-and-their-contents-https-buckets-grayhatwarfare-com-577b7b437e01


try searching for "zoom 0 mp4" for example!! What a total fuckup!

 
© 2001-2020 Independent Media Centre Ireland. Unless otherwise stated by the author, all content is free for non-commercial reuse, reprint, and rebroadcast, on the net and elsewhere. Opinions are those of the contributors and are not necessarily endorsed by Independent Media Centre Ireland. Disclaimer | Privacy