Re: [PLUG] taskbook, Zoom

Keith C. Perry via plug on 18 Jun 2020 11:59:19 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] taskbook, Zoom

From: "Keith C. Perry via plug" <plug@lists.phillylinux.org>
To: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
Subject: Re: [PLUG] taskbook, Zoom
Date: Thu, 18 Jun 2020 14:58:58 -0400 (EDT)
Reply-to: "Keith C. Perry" <kperry@daotechnologies.com>
Sender: "plug" <plug-bounces@lists.phillylinux.org>
Thread-index: OjWWCaDHiRwbdzEBrkWGA2LvTcN12A==
Thread-topic: taskbook, Zoom

Excellent point, which is why people need prioritize threats.

While I'm positive Verizon could be attacked, the smart thing to do would be to worry about the possible attacks closer in.

~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ 
Keith C. Perry, MS E.E. 
Managing Member, DAO Technologies LLC 
(O) +1.215.525.4165 x2033 
(M) +1.215.432.5167 
www.daotechnologies.com

----- Original Message -----
From: "Rich Freeman via plug" <plug@lists.phillylinux.org>
To: "jeff" <jeffv@op.net>
Cc: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
Sent: Thursday, June 18, 2020 10:53:18 AM
Subject: Re: [PLUG] taskbook, Zoom

On Thu, Jun 18, 2020 at 10:38 AM jeff via plug
<plug@lists.phillylinux.org> wrote:
>
> Zoom decided to encrypt end-to-end, after the yelling.

While I obviously support E2E encryption, I think that people
complaining about this don't have a great grasp on the threat model.

The only people that E2E encryption protects you from are those with
access to the telecom infrastructure.  This is all professionally
managed and unless you are concerned about government spying/etc I
think the risk of an attack here is relatively low.  Of course it is
nonzero and so E2E encryption should be preferred.

What E2E encryption doesn't help with is attacks on the endpoints
themselves - which are probably cellphones or desktop PCs.

Which do you think is more likely?  That some hacker managed to
install a rootkit on somebody's Win10 PC?  Or that some hacker managed
to install a rootkit on some router/switch at Verizon?

My point here isn't so much that you shouldn't care about E2E
encryption.  Rather, my point is that simply having a features
checklist in the software you're using doesn't make you secure.
Usually the weak point in any chain of security is you...

-- 
Rich
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

References:
- [PLUG] taskbook, Zoom
  - From: jeff via plug <plug@lists.phillylinux.org>
- Re: [PLUG] taskbook, Zoom
  - From: Rich Freeman via plug <plug@lists.phillylinux.org>

Prev by Date: Re: [PLUG] taskbook, Zoom
Next by Date: Re: [PLUG] taskbook, Zoom
Previous by thread: Re: [PLUG] taskbook, Zoom
Next by thread: [PLUG] software news + laptop
Index(es):
- Date
- Thread