Hello SSR2 Review Team, As mentioned on last week’s plenary regarding the Zoom issue for Mac devices, please view the following post; https://www.icann.org/news/blog/known-zoom-vulnerabilities. With kind regards, Brenda --- Brenda Brewer, Projects & Operations Assistant Multistakeholder Strategy & Strategic Initiatives (MSSI) Internet Corporation for Assigned Names and Numbers (ICANN) Skype: brenda.brewer.icann
The correct URL is (no period): https://www.icann.org/news/blog/known-zoom-vulnerabilities I will not be using Zoom. This was not a security flaw that resulted from a programming mistake. Storing an application with access to the camera and microphone in a hidden directory is a violation of trust. To make matters worse, the hidden application kept running even after the Zoom session ended. Russ
On Jul 16, 2019, at 2:52 PM, MSSI Secretariat <mssi-secretariat@icann.org> wrote:
Hello SSR2 Review Team,
As mentioned on last week’s plenary regarding the Zoom issue for Mac devices, please view the following post; https://www.icann.org/news/blog/known-zoom-vulnerabilities. <https://www.icann.org/news/blog/known-zoom-vulnerabilities.>
With kind regards, Brenda --- Brenda Brewer, Projects & Operations Assistant Multistakeholder Strategy & Strategic Initiatives (MSSI) Internet Corporation for Assigned Names and Numbers (ICANN) Skype: brenda.brewer.icann
Russ,
On 16 Jul 2019, at 19:49, Russ Housley <housley@vigilsec.com> wrote:
The correct URL is (no period):
https://www.icann.org/news/blog/known-zoom-vulnerabilities <https://www.icann.org/news/blog/known-zoom-vulnerabilities>
I will not be using Zoom. This was not a security flaw that resulted from a programming mistake. Storing an application with access to the camera and microphone in a hidden directory is a violation of trust. To make matters worse, the hidden application kept running even after the Zoom session ended.
I share your concerns, especially after reading the confession below: https://blog.zoom.us/wordpress/2019/07/10/security-update-and-our-ongoing-ef... ------ To Our Valued Customers: Earlier this week, a security researcher published a blog highlighting concerns with aspects of the Zoom platform. In engaging this researcher over the past 90 days, we misjudged the situation and did not respond quickly enough — and that’s on us. We take full ownership and we’ve learned a great deal. What I can tell you is that we take user security incredibly seriously and we are wholeheartedly committed to doing right by our users. —— The ICANN blog said Engineering and IT quality this as moderate and even invoke low risk. May be we should heard more from them. Thanks —Alain
Russ
On Jul 16, 2019, at 2:52 PM, MSSI Secretariat <mssi-secretariat@icann.org> wrote:
Hello SSR2 Review Team,
As mentioned on last week’s plenary regarding the Zoom issue for Mac devices, please view the following post; https://www.icann.org/news/blog/known-zoom-vulnerabilities. <https://www.icann.org/news/blog/known-zoom-vulnerabilities.>
With kind regards, Brenda --- Brenda Brewer, Projects & Operations Assistant Multistakeholder Strategy & Strategic Initiatives (MSSI) Internet Corporation for Assigned Names and Numbers (ICANN) Skype: brenda.brewer.icann
Ssr2-review mailing list Ssr2-review@icann.org https://mm.icann.org/mailman/listinfo/ssr2-review
_______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
participants (3)
-
ALAIN AINA -
MSSI Secretariat -
Russ Housley