[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Zoom- best practice?

On 6/5/20 13:48, Brian wrote:
> On Fri 05 Jun 2020 at 09:28:21 -0700, Peter Ehlert wrote:
>> Family is using Zoom, International.
>> They will use Zoom, and I need to participate.
> Seems straightforward. Just get on with it.
>> I use Debian Mate Stable, and Firefox ESR
>> I am concerned about security, duh!
> Really? Just get on with communicating with your family. That's a bit
> more important than worrying about possible non-existent issues and 
> basing your actions on them.

I'll second this and offer a couple of additional comments.

On Debian Buster with Gnome, pretty vanilla except for google-chrome and
some R packages from r-cran, I downloaded the Zoom .deb package and
installed it [1], as root, in /opt, with no dependency issues that
another responder noted might interfere. The only issue of any
consequence was that on a 15 inch 3840 x 2160 screen, the boxes were
quite small and the print in the window titles and popups was too small
to read w/o a strong magnifier. It took a while, but of searching in
Zoom's FAQs provided a solution [2].

Security issues whooped up in the media seem to fall mostly into one or
more of three boxes:

Affect (or are known to affect) only Macs;

Have been corrected, some quite a while ago;

User error (e. g., setting up for zoom-bombing by failing to use a
password, using an obvious password, or letting the password leak.

Some appear unworthy of much concern, like early use of 128 bit AES for
session encryption. Clearly of interest if a meeting concerns national
security or other public policy matters, or important organization or
personal privacy matters. Most personal/family communications probably
do not involve such things.

Running it in a VM might improve security, although one responder
mentioned sound pass-through as an issue, and setup, at best, would be
more work. Dedicated hardware, if you have it probably would be a better
choice for isolation.

An alternative would be to install Debian and Zoom on a USB key or
drive. I would expect USB2 to be adequate, although maybe a bit sluggish
at times.

You also could put the machine on a guest WiFi to isolate it from other

As with all software, keep it up to date. With Zoom's present rate of
update, that could be as often as before every use. All the other users
also should keep theirs up to date.

Zoom users, of course, should be aware (a) that free subscriptions are
not encrypted end-to-end and (b) Zoom cooperates with law enforcement
agencies, probably meaning that they will allow interception if
presented with an appropriate warrant (in the US; other nations' laws
are different).

Cloud session storage might also be an issue, although the Debian client
session recording appears to be local when activated.

Tom Dial

[1] Using apt install, and the absolute path, instead of dpkg, may have
helped resolve dependencies; I have seen reports to that effect.

[2] scaleFactor=2 in .config/zoomus.conf instead of default scaleFactor=1.

Reply to: