New to Zoom - have their security issues been resolved?

Browser comparison chart by Zoom here.

When was the last time you used the browser? I remember reading that in order to prevent people kicked from meetings from re-entering, they were somehow limiting usage of browser logins.

This has since been removed.

Yes, this was later reported (and discussed in this thread) days after that post was made. :cowboy_hat_face:

Yup. Sorry, I should really read the entire thread before replying when catching up on long conversations.


I can’t blame you; I posted a lot of words. Read every third one to get a secret message about how Zoom is causing the pandemic :innocent:


You mentioned that you had to roll out Zoom very quickly, which is understandable given the current climate. If so, did you really have adequate time to evaluate all of the competition?

From a cyber perspective, Zoom’s missteps are inexcusable. Your stock is through the roof and you’re looking for ad revenue? Sending data to China? These aren’t from a culture of moving fast. They went as far as using email domains to verify users of the same company. So ISP customers had access to each other’s data. This isn’t being agile, this is at BEST neglect.

When someone shows you who they are you should believe them. Like Apple, Tesla, and others, most of my customers have banned Zoom from their environments.
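The "same email domain means same company" problem mentioned above is a general design mistake, not just a Zoom one. The following is an added example (not code from the thread or from Zoom) showing the flawed directory logic next to a hardened version; the user list, the public-domain set, and the idea of a "verified organisation domain" (e.g. one that passed a DNS ownership check and opted in) are all constructed assumptions for illustration.

```python
"""
Added example: inferring organisational membership from a bare email
domain leaks contact data between strangers who share a consumer/ISP
mailbox provider. The hardened version only builds a directory for
domains that proved ownership and explicitly opted in.
"""
from collections import defaultdict

# Constructed sample accounts (not real people or real data).
USERS = [
    {"name": "Alice", "email": "alice@acme-corp.example"},
    {"name": "Bob",   "email": "bob@acme-corp.example"},
    {"name": "Carol", "email": "carol@home-isp.example"},  # consumer ISP mailbox
    {"name": "Dave",  "email": "dave@home-isp.example"},   # unrelated stranger, same ISP
    {"name": "Erin",  "email": "erin@gmail.com"},
    {"name": "Frank", "email": "frank@gmail.com"},
]

# Assumption: providers the application already classifies as consumer/public.
PUBLIC_DOMAINS = {"gmail.com", "outlook.com", "yahoo.com", "hotmail.com"}

# Assumption: organisations that proved domain ownership (e.g. via a DNS
# TXT challenge) and opted in to an internal directory. ISP domains never
# appear here because no single customer owns the ISP's domain.
VERIFIED_ORG_DOMAINS = {"acme-corp.example"}


def domain_of(email: str) -> str:
    """Return the lower-cased domain part of an email address."""
    return email.rsplit("@", 1)[-1].lower()


def naive_directory(users):
    """Vulnerable: every account is grouped with everyone sharing its domain."""
    groups = defaultdict(list)
    for user in users:
        groups[domain_of(user["email"])].append(user)
    return groups


def hardened_directory(users, verified_org_domains, public_domains):
    """Only verified, opted-in organisational domains form a directory.

    Accounts on any other domain (ISP, webmail, unverified) are left
    isolated, so they see nobody and nobody sees them.
    """
    groups = defaultdict(list)
    for user in users:
        domain = domain_of(user["email"])
        # The public_domains check is belt-and-braces: even if a public
        # provider were mistakenly added to the verified set, it is refused.
        if domain in verified_org_domains and domain not in public_domains:
            groups[domain].append(user)
    return groups


def visible_to(directory, email: str):
    """Other users' addresses that `email` can see in the directory."""
    domain = domain_of(email)
    return sorted(
        u["email"] for u in directory.get(domain, [])
        if u["email"].lower() != email.lower()
    )


if __name__ == "__main__":
    naive = naive_directory(USERS)
    hardened = hardened_directory(USERS, VERIFIED_ORG_DOMAINS, PUBLIC_DOMAINS)
    for who in ("carol@home-isp.example", "erin@gmail.com", "alice@acme-corp.example"):
        print(who, "naive:", visible_to(naive, who), "hardened:", visible_to(hardened, who))
```

The naive version hands Carol a list containing Dave purely because both pay the same ISP; the hardened version requires proof that a domain actually belongs to one organisation before anyone on it is grouped together, and still lets Alice and Bob see each other.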

The answer to that question is always no, no matter the time involved :wink:

Seriously though, we have extensive experience with Bluejeans, some with WebEx, and we have a Jitsi server running. None of those met our requirements, particularly around usability and scalability. It is difficult to overstate the importance of usability in circumstances such as these, when drastic changes in work happen almost instantly.

As far as data residency requirements go, only Amazon and Zoom would even acknowledge us (Microsoft certainly won’t, which is too bad because Teams would solve a lot of issues for us). We tried Amazon Chime first and found it to be very much lacking in terms of quality for larger meetings.

I won’t drearily repeat everything that I’ve already written, but I will say again that given the constraints and requirements, Zoom was and remains the best choice for us, a decision that was informed by an analysis of risks vs benefits. That may change at any time.

Another bit of opinion:

Speaking as an IT security professional: The quality of news and reporting covering this field is abysmal. The sensationalism sells views but is often misleading at best. This is made worse by many of the prominent experts in the field who are more about self-promotion than providing useful commentary. There are, of course, exceptions.

The Risky Business podcast has a good take on the Zoom issue in the news segment of episode 578.


Last Friday the US Senate sergeant at arms’ cybersecurity division wrote in an email to Senate offices that Zoom and MaestroConference have been “issued a high-risk notice” and pose the threat of “potential compromise of systems and loss of data, interruptions during a conference, and lack of privacy.”

Also, the Federal Risk and Authorization Management Program and DHS’ Cybersecurity and Infrastructure Security Agency each advised agencies not to use either Zoom’s free or commercial service. Pentagon rules now state that Service members, contractors and civilians can no longer use Zoom in an official capacity.

Also last week, Immigration and Customs Enforcement officials advised employees against using Zoom, saying in a memo that the client software’s vulnerability “puts shared mission or sensitive data, the video feed, and audio feeds in jeopardy of eavesdropping, possibly recording, and defacement.” ICE staff was directed to use Skype or Microsoft Teams for video calling to both internal and external users. ICE is also implementing WebEx for larger video conferencing needs.

Good article on the warning signs of Zoom’s risks.

Zoom’s defenders have said it could not have anticipated the security problems resulting from people flocking to its platform in a pandemic. But it turns out its business customers complained about such issues for ages.

Many companies have bug-bounty programs that pay hackers to find security flaws in their own software. But it was Zoom’s business partner Dropbox that instituted a private bug-bounty program that offered hackers rewards to find security problems with software from Zoom - Zoom security was so bad Dropbox itself paid for disclosures(!) when Zoom didn’t: ‘The former Dropbox engineers said they were stunned by the volume and severity of the security flaws that hackers discovered in Zoom’s code - and troubled by Zoom’s slowness in fixing them’. Basically, Dropbox engineers said Zoom’s security woes can be traced back two years or more, and they argued that the company’s failure to overhaul its security practices back then put its business clients at risk.

It would be lovely if the company was able to turn on a dime and just “fix the problem”, but that’s not gonna happen during this pandemic. No one should use Zoom for anything sensitive (yes, business meetings count), and no one should install the software on their main OS. If you have to use it due to circumstances without your control, just use the web client.

Except many web meetings require password logins to prevent Zoom Bombings and web clients are banned (keeps people kicked out from easily logging back in with alt creds). This happened to me yesterday, in fact, so I had to resort to using my sandboxed iPhone app.

A simpler heuristic might be: If you are asking on the Internet and taking the advice of people you didn’t pay to give it, then Zoom is probably fine for you to use. If you’re doing things that it’s not suited for, you should have a pro in your employ to tell you that :slight_smile:

Which apparently now includes discussing authoritarian governments.

Critics of the Chinese government, including protest leaders in Hong Kong and pro-democracy activists in the US, say Zoom shut their accounts under pressure from Beijing. Zoom acknowledged today that ‘a few recent meetings’ related to China have been “negatively impacted” and “disrupted”.

https://www.washingtonpost.com/world/asia_pacific/zoom-censors-video-talks-on-hong-kong-and-tiananmen-drawing-criticism/2020/06/11/0197dc94-ab90-11ea-a43b-be9f6494a87d_story.html

I think Schneier has a good take on Zoom: https://www.schneier.com/blog/archives/2020/04/secure_internet.html

Schneier doesn’t address political influence that China is exerting, merely the old security lapses (and influence that China has on programmers in its country working on international software, about which no one should be naive). This is different, and new - a new type of unacceptable behavior, I think.

More color: a US-based non-profit called Humanitarian China had a (paid) Zoom account. On June 4th, after holding an event commemorating the 31st anniversary of Tiananmen, Zoom closed their account and haven’t answered emails from the group or answered requests for comment from the press.

Zoom originally said it did so “to comply with local law” but the user was in the US (as is Zoom’s HQ); “local law” is an Orwellian obfuscation of “Chinese law”.

So I’m using ZOOM for teaching as some classes are home. It’s great for that. But, some students find it fun to hand out the link and password to other kids who are not part of the school and who then enter the session saying bad stuff and writing bad stuff to other kids.

  • I’ve turned on the waiting room
  • I’ve now decided that everyone must have their cameras on, if they’re not on then they are ejected again
  • I turn off all their microphones as well and they can’t turn them on

Are there any other security precautions one could take here with ZOOM?

Stop using it? :wink: Just kidding.