Zoom is bad and you should feel bad

Apparently all of you are diving headlong into the nightmare that is video conferencing, and "Zoom" seems to be the poison of choice these days, so you should know that it's terrible:

Violet Blue:

If, like an overwhelming number of people right now, you're having to use Zoom while working remotely, you should know that the app is a privacy nightmare -- which makes the company pretty evil to be doing invasions and overreach (nonconsensual data grabs) during a horrible pandemic. For example, last year EPIC made an official complaint to the FTC about Zoom's egregious privacy invasions. The problems with this company are not new. ... just read what [Proton Mail wrote about Zoom's privacy and security dumpster fire].

Zoom's privacy page states: "Whether you have Zoom account or not, we may collect Personal Data from or about you when you use or otherwise interact with our Products." This includes, but is not limited to, your physical address, phone number, your job title, credit and debit card information, your Facebook account, your IP address, your OS and device details, and more."

Further, the app allows your boss to spy on you far beyond what's okay in an office setting. From EFF: [...] "Admins have the ability to join any call at any time on their organization's instance of Zoom, without in-the-moment consent or warning for the attendees of the call."

Zoom iOS App Sends Data to Facebook Even if You Don't Have a Facebook Account:

"That's shocking. There is nothing in the privacy policy that addresses that," Pat Walshe, an activist from Privacy Matters who has analyzed Zoom's privacy policy.

The Zoom app notifies Facebook when the user opens the app, details on the user's device such as the model, the time zone and city they are connecting from, which phone carrier they are using, and a unique advertiser identifier created by the user's device which companies can use to target a user with advertisements.


Update: Oh, it's even worse:

Zoom Meetings Aren't End-To-End Encrypted, Despite Misleading Marketing:

The meeting is secured with end-to-end encryption, at least according to Zoom's website, its security white paper, and the user interface within the app. But despite this misleading marketing, the service actually does not support end-to-end encryption for video and audio content, at least as the term is commonly understood. Instead it offers what is usually called transport encryption. [...]

Without end-to-end encryption, Zoom has the technical ability to spy on private video meetings and could be compelled to hand over recordings of meetings to governments or law enforcement in response to legal requests. While other companies like Google, Facebook, and Microsoft publish transparency reports that describe exactly how many government requests for user data they receive from which countries and how many of those they comply with, Zoom does not publish a transparency report.


Update 2: Schneier has a roundup, where he says, among other things, "using ECB (electronic codebook) mode indicates that there is no one at the company who knows anything about cryptography."

Previously, previously, previously, previously, previously, previously, previously.

Tags: , , , ,

HTTP proxies

Dear Lazyweb, do any free HTTP proxies exist any more? I mean $HTTP_PROXY, not a VPN.

The problem I'm trying to solve: I have scripts that do things like, probe all of the youtube videos I've blogged about to see if they've gone stale, as they so often do.

But recently Youtube has begun putting me on "429 Too Many Requests" probation, no matter how many delays I introduce into my scripts. I can't tell what their limits are and they don't say.

So I just want a simple $HTTP_PROXY that I can use from the command line without having to do ifconfig nonsense or some crazy-assed authentication dance. It does not have to be fast.

Previously, previously, previously.

Tags: , , , , ,

SF Bar Owner to Yelp:

THIS asshole.
"Fuck All of These People Entirely"

Like many business owners across the country, Jamie Zawinski, the owner of SoMa nightclub DNA Lounge, was less than pleased to learn that a partnership between Yelp and GoFundMe meant that the Yelp listing for his business now had a fundraising button on it that he hadn't consented to. "What the fuck?" he said regarding the move in an email to Eater. "Seriously, what the fucking fuck?" [...]

As many of these businesses are down to skeleton crews that are working long hours to keep their life's work alive, its perhaps unsurprising that the first some heard of the program was an email sent by Yelp that told them that the company had launched a fundraiser on their behalf, and that the only way to shut it down would be to "claim" the fundraiser, then follow a set of instructions to close it down. [...]

"Yelp is fucking scum," a San Francisco restaurateur texted Eater SF regarding the GoFundMe move last night. "Do they honestly have time to fuck with this shit right now?" texted another.

When contacted by Eater, a Yelp spokesperson says "we have paused the automatic rollout of this feature," as "it has come to our attention that some businesses did not receive a notification with opt-out instructions."

However, Zawinski did indeed receive the notification -- and that didn't seem to be the issue for him, as much as the rollout without consent. "I don't really have a lot to say about this," Zawinski told Eater, except, "Fuck all of these people entirely... Really, get all the way right up in there and fuck them."

You may recall my 2012 long-form art project entitled, "I would like my business to not be listed on Yelp." Part 1, part 2.

Previously, previously, previously, previously, previously, previously.

Tags: , , , ,

Viral images

(I see what you did there.)

Covert:

To give a little back and hopefully be of some use in education and infomation our team of brilliant designers created these images and short video sequences for you to use 100% free of charge. Forever.

Legal note; We're not scientists. Although we've tried to model Covid-19 as closely as possible using available references, these free assets should be used for illustrative purposes only. No licensing, royalties or any credit is required for their use. Please stay safe.

Previously, previously, previously, previously, previously.

Tags: , , , ,

  • Previously