Zoom sucks, far beyond Zoombombing

Read The Intercept. Or twice.

Or Schneier on Security.

Or Tech Crunch.

Or the Guardian.

Or even NPR.

Or search the Net on your own.

Per Schneier, Zoom sucks three ways. It's a mix of
1. Bad privacy practices.
2. Bad security protections.
3. Bad user configurations.

Reporting your info to Facebook.

Trying to lift info from your LinkedIn.

Those are under No. 1

And, possible Chinese backdoors. Definitely No. 2.

And, of course, Zoombombing. No. 3.

That said, even if the Zoombombing is primarily "user error" on the part of hosts/leaders of meetings, Zoom should have been more proactive on instructing hosts to lock things down and how. And, Zoombombing itself is not just a malicious prank, it's harmful in a number of ways — and if kids under 18 are being shown porn, surely illegal.

I had, for some personal reasons, signed up for a Zoom account. I've made sure I am logged out on both FF and Chrome browsers. Unfortunately, the IT person coordinating the Zoom events that partially motivated my sign-up is largely dismissive. That's all I can say.

I won't accept as an excuse that Zoom has coronavirus growing pains. Per The Intercept, Schneier and others with IT / cybersecurity career backgrounds, many of the things that are wrong about Zoom were flagged a year or two ago.

Is it too harsh to call Zoom malware, as in the Guardian piece? I don't think so. Add in the fact that, per Schneier, its early responses have been "minimum necessary" on actual fixes accompanied by "maximum possible" on corporate PR bullshit and there you go.

Update, April 6: Zoom has apparently pulled back away from requiring meeting passwords. So, their "minimum necessary" was itself a clusterfuck.

==

So, what are the alternatives?

First, contra Margaret Thatcher's infamous TINA, there ARE alternatives.

Alternative No. 1 might be asking if you even need the video conferencing.

Take schools first.

In my local area, all the smaller school districts aren't using non-interactive OR interactive video. They're simply preparing weekly lesson plans and having parents pick it up, either physically or online. Stuff gets turned in online. Yes, the interactiveness is missed.

But, you know what? We're in a new normal.

I mentioned non-interactive video.

For education, option B, since most education, not only at the K-12 level but undergraduate collegiate, is still the good old fashioned lecture? Record teacher lectures and post them on a YouTube channel.

OK, business next.

Slack, and jokes about it being down on Twitter from time to time, has become a backbone of multi-location staff meetings. So just use it more.

"Have to" have video? Double check first.

If you do, there are options.

I just mentioned one. Slack does video calls.

So does Google Hangouts.

Yeah, Google will be spying on you. But, you already knew that. And, it will still have somewhat better privacy than Zoom. And, Google and Slack are known commodities.

It may be harder for a leader to control video calls than a full blown meeting. And these apps may not have things like whiteboards.

You know what? They're good enough.

Support groups?

Kind of similar to businesses, but with added privacy needs.

This isn't that hard, though.

There's text-based meeting apps like Adobe Connect. Or using Google Hangouts. You simply have to tell members of your support group meeting that the meeting is being treated as "closed" and people who aren't members aren't to be invited.

My views on online privacy vs. publicness

Three things, one a few months ago, one a couple of weeks ago, and one earlier this week, prompted this post.

The first was a Facebook thread by Bora Zivkovic of Scientific American about the privacy of emails, i.e., being quoted from them by someone else. I said that journalists should make clear that the emali is for interview purposes, even if from a corporate account, not a personal one, but that at the same time, one shouldn't assume that it's not. I added that, my opinion was that, if it was a private email, not just from or to a journalist, but from a fellow blogger, the email content should not be blogged about in a general way, let alone quoted, unless it's understood in advance that will be the case.

I still hold to that. And, even when I contact someone's corporate email about a corporate action, unless I've made clear in advance that I'm blogging about it, I don't quote the person by name, and I reference the email in as general a way as possible.

The second was a Facebook post by Dan Fincke, connected to a long blog post of his. It was primarily about online civility in comments on Facebook and blog comment threads. I don't do a lot of censoring (using that word colloquially, as I am not a government agent) but do reserve the right to terminate comment threads here or on Facebook. Since this blog is on moderation because of a rise in spam, that's easy here.

But it also led me to observations about privacy in social media, which connects to Bora, who is SciAm's blog editor.

On Facebook, I never post to "public." It's normally "friends of friends," though it may be tighter than that. Given stories about current and potential future employers poring through Facebook is one reason. Doing anything I can to slow down Dear Leader and the NSA is another.

If you never post to public, I treat your comments on Facebook just as confidentially as an email between two private individuals. Ditto for FB messenging.

On the flip side, if your status is normally posting in "public," I'm less likely to comment on your posts. Much less likely.

I have various lists, too, like "skeptical friends" and others. Sometimes I post just to them. I also have lists like "very religious friends," in case I wants some people NOT to see some of my posts.

On Google Plus, I normally post as "public," mainly because it's much less popular than FB. However, it is a Google product, making it more readily searchable. Plus, Google is trying more and more to force G+ upon more of us as a cross-Google platform universal ID, including for here at Blogger, which I resist.

Anyway, otherwise, privacy rules there are similar to Facebook.

Twitter? It's public by its very nature. You respond to a Tweet by me, unless you deliberately make it private, it's fair game. Likewise for what I send you.

The third relates to the header of this post's "versus."

Any corporate email address is public. I don't post private email addresses on FB or G+, but have no problem with doing that with corporate addys on either one, or here in this blog. Unfortunately, I ran into an unexpected difference of opinion with someone somewhere.

That's all I can say about what happened.

But, on my side of the road, I can say that a corporate address, especially when it's publicly posted on a corporate website? It seems ... I'm sorry, it seems ridiculous, there's no other word for it, to consider that private information. Why do we have corporate websites and email, otherwise? Even more so given the specific nature of the specific corporate email address, and the situation behind it, that led to me discovering this difference of opinion. And, that's all I can say about that.

That said, some things, like that last paragraph, are judgment calls. The other person in this situation may even feel that what I just said is too much. But, that too is part of my judgment call. I did not write the graf just about out of a passive-aggressive stance, (which I may have done when I reposted one of the links from his FB thread, with the particular person's email address in my first comment) but because as the third point of issue, following those two above, I decided I needed to write this.

Anyway, I am curious about other people's stances. Overall, I'm not a Luddite about the Net, privacy issues included, but as a regular blogger about "the dark side of the Internet," I do always cut the cards.

===

And, one note, re corporate email addresses. If I contact you, and am blogging about it, and you don't respond, I treat it just like a "no comment" or "refused to respond" for a newspaper story. The non-response gets mentioned.

I didn't mention LinkedIn. I do NOT use it as a "social media" site. I have an account because it's become semi-de rigeur for job seekers to have one. I use it for that purpose ONLY, and loathe how it's tried to make itself into something more.

Oct. 24, 2013: LinkedIn's latest spamminess? This idea of intruding into your personal email flow. 

Facebook admits to "playing around with you"

Marky Mark Zuckerberg has FINALLY agreed to a privacy rights settlement with the Federal Trade Commission. The Facebook founder officially admits to doing what we all know he's been doing: changing privacy setting and other things on accounts without user permission. So, maybe you or I don't read those terms of service agreements, but, in some cases, the people who write them just ignore them.

Coming on top of the FTC's settlement with Google last year, over Buzz, this is good news for all of us. And, while it doesn't go so far as to view social networking (or the Internet in general) as a quasi-utility, multiple settlements set some sort of precedent.

#JeffJarvis craps out another book - of crap

Mr. Google fluffer and new media fluffer is now saying don't worry about privacy online in his latest book, reviewed by CNN.

Well, Jeff Jarvis is about as insightful, and right, on new media, as Jay Rosen, which is to say bupkis. And, his head is buried so far up Google I've rhetorically asked before if Larry Paige and/or Sergey Brin actually pay him.

Jarvis then apparently excuses the privacy fears of our brave new online world, the book notes, by way of a bad analogy:

At best, Public Parts is a reminder that when any new technology is introduced -- be it the growing social capabilities of the Internet or the movable type of the printing press -- the immediate reaction is often fear. Jarvis points out that the earliest books were riddled with errors. These printed mistakes could suddenly spread widely and therefore they were considered to be more dangerous to society.

Jarvis' claim that errors are OK because "early books were riddled with errors"? What bullshit. Errors improved. People came to expect better.

Let's try this at the Challenger hearings.

Well, Dr. Feynmann, it's OK for O-rings today to be brittle in cold weather because early ones were.

Now, that said, Jarvis is actually apparently analogizing from errors in early books to worries about any new technology. And, it's a crappy analogy. For one thing, errors had little to do with the "fear" of the new technology. Second, books didn't affect privacy circa 1500.

Those of us concerned about privacy expect it to get better in the future. We don't expect excuse-making instead, or claims we should flaunt ourselves online.

And that's key to the "meat" of the book, per CNN. If you're in a "secure" place financially and socially, like Jarvis, you can be more of an online "exhibitionist" than otherwise.

If you're a person worried about what your employer might see you writing on Facebook or Google+, or blogging, you'd like more privacy. If you're a person worried about telecommunications laws and the government forcing such private entities to turn over information, you'd definitely like more privacy. (Maybe TSA, reading about Jarvis, will give his cancer-treatment-treated prostate an extra fondling next time he flies.)

Anyway, I read one Jarvis book; that's enough to last me three or four lifetimes.

HTML5 has a downside

That is, its cookies and possible privacy snooping. Businesses will be able to gather a lot more information about our online habits, site visits, etc.

Of course, the option is to individually allow cookies. But, what if that makes sites even harder to load?

The Internet - is it destroying the ability to forget?

Jeffrey Rosen says that in some ways, the answer is "yes," with a variety of unfortunate consequences.javascript:void(0)

Tech roundup – until death do you blog and stopping Net snooping

When two people die from what might be diagnosable as blogging-related stress (irony alert here?) you have to wonder a bit, don’t you?

Meanwhile, what’s the best way to stop your ISP, Google advertisers and the online version of your newspaper from snooping on you with their cookies? Adapt the do-not-call idea from telephones to a do-not-cookie system, set up as opt-in (to receive cookies) rather than opt-out.

Don’t think I like Google’s “flag” button on Blogger

I don’t know if it’s new to the Beta upgrade, or if the earlier version of Blogger had it.

But, it sounds a little bit chilling. Who’s defining what’s “objectionable”? James Dobson? The Taliban? Dick Cheney?

Sergey, et al, will you just get rid of this and show you’re not in the process of becoming “just another company”?