10 Zoom Tricks That Will Tu... by Angelica Leight on Scribd
Saturday, April 25, 2020
Wednesday, April 22, 2020
Zoom security: Your meetings will be safe and secure if you do these 10 things By Charlie Osborne for Zero Day
As the novel coronavirus spread across the globe, the business landscape was forced to make a number of swift changes.
Lockdowns and social isolation measures, restricted travel, and the closure of firms not considered to be "essential" services proved to be a catalyst for home working, of which many of us were woefully unprepared to accommodate.
At the time of writing, there are 1.9 million coronavirus cases worldwide. The United States, Spain, Italy, and France are the hardest hit.
Stringent measures that prevent employees from going into offices have required many companies, large and small, to adopt remote and virtual alternatives to stop operations from grinding to a complete halt.
Email and the use of Virtual Private Networks (VPNs) aren't enough; workers and management need to be able to hold meetings, too.
There is a range of virtual conference solutions out there, including Skype, Microsoft Teams, BlueJeans, and GoToMeeting. (ZDNet's top enterprise picks can be accessed here).
Enter Zoom.
A few weeks ago -- although it may seem like a lifetime -- Zoom was not a well-known virtual conference option in the enterprise space. Almost overnight, however, it seemed everyone had adopted the platform as the go-to option to hold lessons, business meetings, and sensitive discussions.
Over 2020, the company has added 2.2 million new monthly users, outstripping the entire 2019 new user base of 1.19 million.
Zoom's explosive surge in popularity, however, has created security ramifications. You could almost feel sorry for the company -- with its unexpected growth, the spotlight has also been shone on Zoom's security practices, some of which have fallen short of modern expectations.
In July 2019, a researcher disclosed a severe security issue in which Zoom opened up webcams to persistent spying and compromise; a bug that stayed in place even if the software was uninstalled due to a leftover local web server.
Now, more issues have been uncovered, including security flaws in the Windows 10 build of the platform's software, iPhone user data being sent to Facebook whether or not they had an account with the social media network, and a bug in URL generation that permitted attackers to eavesdrop on private conferences.
Zoom has also acknowledged that the company's "end to end encryption" marketing practices masked the truth. AES-256 encryption was meant to be implemented to keep video calls secure, but instead, a substandard AES-128 key in ECB mode was actually in use. Encryption remains a sticking point that the company insists it is working on.
Google, SpaceX, the New York City Department of Education, the Taiwanese, Australian, and German governments, to name but a few agencies, have banned employees from using the software until Zoom's security posture improves.
Zoom has tried to clean up its act, and quickly. To try and prevent Zoom-bombing -- the hijack of meetings and a practice the US Department of Justice recently deemed a crime -- meeting ID numbers will no longer be shown in address bars.
A dedicated security tab has also been introduced to streamline the process of changing security settings for hosts and meeting attendees.
Zoom has also promised an upcoming change to where data is stored. Starting April 18, paid subscribers can opt-in or out of specific data center regions. China, too, has been geofenced to stop information outside of the country from being transferred to the area.
We've covered the basics and some useful tips for experienced users in a guide here. To maintain the security of your next meeting, our recommendations are below:
1. PASSWORD PROTECT YOUR MEETINGS
The simplest way to prevent unwanted attendees and hijacking is to set a password for your meeting. Passwords can be set at the individual meeting, user, group, or account level for all sessions. In order to do so, first sign in with your account at the Zoom web portal. If you want to set up a password at the individual meeting level, head straight over to the "Settings" tab and enable "Require a password when scheduling new meetings", which will ensure a password will be generated when a meeting is scheduled. All participants require the password to join the meeting. Subscription holders can also choose to go into "Group Management" to require that everyone follows the same password practices.
2. AUTHENTICATE USERS
When creating a new event, you should choose to only allow signed-in users to participate.
3. JOIN BEFORE HOST
Do not allow others to join a meeting before you, as the host, have arrived. You can enforce this setting for a group under "Account Settings."
4. LOCK DOWN YOUR MEETING
Once a session has begun, head over to the "Manage Participants" tab, click "More," and choose to "lock" your meeting as soon as every expected participant has arrived. This will prevent others from joining even if meeting IDs or access details have been leaked.
5. TURN OFF PARTICIPANT SCREEN SHARING
No-one wants to see pornographic material shared by a Zoom bomber, and so disabling the ability for meeting attendees to share their screens is worthwhile. This option can be accessed from the new "Security" tab in active sessions.
6. USE A RANDOMLY-GENERATED ID
You should not use your personal meeting ID if possible, as this could pave the way for pranksters or attackers that know it to disrupt online sessions. Instead, choose a randomly generated ID for meetings when creating a new event. In addition, you should not share your personal ID publicly.
7. USE WAITING ROOMS
The Waiting Room feature is a way to screen participants before they are allowed to enter a meeting. While legitimately useful for purposes including interviews or virtual office hours, this also gives hosts greater control over session security.
8. AVOID FILE SHARING
Be careful with the file-sharing feature of meetings, especially if users that you don't recognize are sending content across, as it may be malicious. Instead, share material using a trusted service such as Box or Google Drive. At the time of writing, Zoom has disabled this feature anyway due to a "potential security vulnerability."
9. REMOVE NUISANCE ATTENDEES
If you find that someone is disrupting a meeting, you can kick them out under the "Participants" tab. Hover over the name, click "More," and remove them. You can also make sure they cannot rejoin by disabling "Allow Removed Participants to Rejoin" under the "Settings: Meetings - Basic" tab.
10. CHECK FOR UPDATES
As security issues crop up and patches are deployed or functions are disabled, you should make sure you have the latest build. In order to check, open the desktop application, click on your profile in the top-right, and select "Check for updates."
The new iPhone SE shows Apple's other phones were overpriced all along by Igor Bonifacic
When Google unveiled the Pixel 3a last year, it left a lot of Pixel 3 owners asking themselves if their phone was really worth $800. After all, here was a device that included most of the Pixel 3's best features for $400. Following Apple’s announcement today of the new iPhone SE, it's likely there are a lot of iPhone 11 and iPhone 11 Pro owners asking themselves the same question, and for many of the same reasons.
If you haven't read our news post about the SE, here's the quick and dirty on Apple's latest phone. With a base price of $400 for the 64GB model, you get the company's most recent A13 Bionic processor in what is essentially the body of an iPhone 8. As such, it comes with pre-iPhone X standbys like a 4.7-inch LCD Retina display, Touch ID and an aluminum outer shell. For taking photos, the iPhone SE includes a single 12-megapixel rear camera and a 7-megapixel front-facing camera for selfies. Besides additional telephoto and wide-angle lenses, what you'll forfeit by choosing the SE instead over the iPhone 11 or 11 Pro is Night mode for improved low-light photography.
Looking at other parts of the iPhone SE spec sheet, what's notable here is that Apple also didn't cut corners in a lot of places Android manufacturers typically do. With the SE, you get a device that includes wireless charging and an IP67 rating for water and dust-resistance -- two features that are missing from the Pixel 3a and even the recently announced OnePlus 8. Moreover, while it might not have a high-resolution OLED display like the iPhone 11 Pro and 11 Pro Max, it's hardly a cheap screen either; you still get access to Apple's True Tone technology and DCI-P3 wide color gamut support.
Apple could have also gone back to some of its worst past inclinations and made the higher storage configurations significantly more expensive, but it showed restraint there too. If you want the 128GB model, it's only $49 extra. Meanwhile, you'll pay a $149 premium to own the 256GB model.
At least on paper, the new iPhone SE doesn't feel like it will be a significant step down from its more expensive siblings. More so than any other iPhone before it, the SE shows Apple's other iPhones cost too much. Yes, there's something to be said about the fact the SE won't have the best camera setup, the most modern display or the biggest battery. But it also makes a compelling argument that those things shouldn't cost $1,000 or more.
To some extent, all manufacturers are guilty of pricing their high-end devices higher than they should (see Google, for example), but Apple has consistently been among the worst offenders. When Engadget's Chris Velazco reviewed the iPhone 11, he said it "might not be the "best" iPhone, but it's still the better choice for almost everyone." We'll have to see how he feels about the SE and, in particular, its camera, but he may have to revise that recommendation.
Apple iPhone SE review (2020): Great phone, even better price by Chris Velazco
Every September, just like clockwork, Apple reveals a handful of new high-end phones. If this year’s rumors hold true — and if the company’s plans don’t get delayed — its 2020 flagships will come with super-fast new processors, LiDAR sensors for better depth detection and new designs inspired by the iPad Pro. They will cost a lot of money, and they’ll probably be great. I mention this because, despite everything the new devices will bring to the table, the new iPhone SE might be the most important phone Apple releases this year.
It’s not just because the iPhone SE is cheap, though it certainly is: The base model costs only $399. No, what makes the SE so valuable is that it doesn’t act like a $399 phone. The iPhone SE isn’t just a good deal — it’s a big deal. For people clinging to ancient phones because new ones are too large, too expensive or too gimmicky, the iPhone SE is the right phone at the right time at the right price.
Engadget Score
Pros
- Incredible value
- Flagship-level performance
- Surprisingly good camera
- A13 chipset gives iOS room to grow
Cons
- Dated design
- Battery life is only OK
- Camera doesn't have a Night mode
Summary
Building a $400 phone is an exercise in compromise, and the iPhone SE certainly has its share. Despite that, Apple's smallest, cheapest smartphone offers tremendous performance for the price. It won't make sense for everyone, but people who value power and practicality over everything else won't find this kind of bang for the buck anywhere else.
