GOOD LORD - so it turns out that @zoom_us sent your PII to @Facebook with OUT your consent or knowledge
If you used Zoom’s iOS that company sent FB the following - according to a class action suit filed today
https://ecf.cand.uscourts.gov/doc1/035019121308?caseid=357352
If you used Zoom’s iOS that company sent FB the following - according to a class action suit filed today
https://ecf.cand.uscourts.gov/doc1/035019121308?caseid=357352
HOLY CRAP - and it turns out that @zoom_us isn’t even end to end encrypted
Holy BALLs - dear Zoom good luck with the FTC, FCC & SEC regulatory-shit-tsunami headed your way
Zoom isn’t actually end-to-end encrypted https://www.theverge.com/2020/3/31/21201234/zoom-end-to-end-encryption-video-chats-meetings
Holy BALLs - dear Zoom good luck with the FTC, FCC & SEC regulatory-shit-tsunami headed your way
Zoom isn’t actually end-to-end encrypted https://www.theverge.com/2020/3/31/21201234/zoom-end-to-end-encryption-video-chats-meetings
HOLY CRAP @zoom_us 404’d their June 2019 white paper incorporated in to the the newly filed class action
You guys
You made your issue WORSE, discovery, specifically ROGs will not be fun, at all
404’d where did you go?
https://zoom.us/docs/doc/Zoom-Security-White-
Complaint
https://ecf.cand.uscourts.gov/doc1/035019121308?caseid=357352
You guys
You made your issue WORSE, discovery, specifically ROGs will not be fun, at all
404’d where did you go?
https://zoom.us/docs/doc/Zoom-Security-White-
Complaint
https://ecf.cand.uscourts.gov/doc1/035019121308?caseid=357352
WTFINGF holy CRAP
“...user’s device, such as the model, time zone and city from which they were connecting, which phone carrier they were using, and a unique advertiser identifier created by the user’s device which companies can use to target a user with advertisements...”
“...user’s device, such as the model, time zone and city from which they were connecting, which phone carrier they were using, and a unique advertiser identifier created by the user’s device which companies can use to target a user with advertisements...”
Here I saved you a couple of bucks - and uploaded the Class Action Complaint to a public drive.
I’m gobsmacked - this is bad, very very bad
cc @antonejohnson @IdeaGov @lauferlaw https://drive.google.com/file/d/1utrCNVLLNRcwIHrpTmFr88lt3F2vkYQ9/view?usp=drivesdk
I’m gobsmacked - this is bad, very very bad
cc @antonejohnson @IdeaGov @lauferlaw https://drive.google.com/file/d/1utrCNVLLNRcwIHrpTmFr88lt3F2vkYQ9/view?usp=drivesdk
I rarely tell you what to do - it’s NONE of my business
Notwithstanding I told (one of my littles) classroom parents to uninstall the zoom app RIGHT BOOKING NOW
Why?
Read these paragraphs, that’s why. This is a total invasion of privacy & consumer trust
https://drive.google.com/file/d/1utrCNVLLNRcwIHrpTmFr88lt3F2vkYQ9/view?usp=drivesdk
Notwithstanding I told (one of my littles) classroom parents to uninstall the zoom app RIGHT BOOKING NOW
Why?
Read these paragraphs, that’s why. This is a total invasion of privacy & consumer trust
https://drive.google.com/file/d/1utrCNVLLNRcwIHrpTmFr88lt3F2vkYQ9/view?usp=drivesdk
Since Zoom 404’d the June 2019 White Paper. In the spirit of being “fair” I was able to locate their “security white paper” which might be the white paper incorporated in the Class Action Complaint
https://zoom.us/docs/doc/Zoom-Security-White-Paper.pdf
Public Drive - just in case
https://drive.google.com/file/d/1nVK53zQ6dHFjELJ-yAbTWRfRph6PgPP7/view?usp=drivesdk
https://zoom.us/docs/doc/Zoom-Security-White-Paper.pdf
Public Drive - just in case
https://drive.google.com/file/d/1nVK53zQ6dHFjELJ-yAbTWRfRph6PgPP7/view?usp=drivesdk
yesterday the FBI pushed this PSA
“ZOOM-BOMBING”
FBI Warns of TVC & Online Classroom Hijacking During COVID-19 Pandemic
https://www.fbi.gov/contact-us/field-offices/boston/news/press-releases/fbi-warns-of-teleconferencing-and-online-classroom-hijacking-during-covid-19-pandemic
Cyber Crime http://ic3.gov
specific threat during VTC or online classroom
http://tips.fbi.gov
FBI Boston at (857) 386-2000
“ZOOM-BOMBING”
FBI Warns of TVC & Online Classroom Hijacking During COVID-19 Pandemic
https://www.fbi.gov/contact-us/field-offices/boston/news/press-releases/fbi-warns-of-teleconferencing-and-online-classroom-hijacking-during-covid-19-pandemic
Cyber Crime http://ic3.gov
specific threat during VTC or online classroom
http://tips.fbi.gov
FBI Boston at (857) 386-2000
I’m intellectually honest enough to say the Zoom-Bombing was NOT on my COVID-19 Bingo card so I’m clearly WAY behind.
Should you want deeper & substantive reporting check out @dhh and his thread.
(see next tweet) https://twitter.com/dhh/status/1245097507488583681?s=20
Should you want deeper & substantive reporting check out @dhh and his thread.
(see next tweet) https://twitter.com/dhh/status/1245097507488583681?s=20
If you recall last week I was gently trying to signal that with the astronomic spike in tele-work/education that you are unwittingly making yourself (& your employer) more vulnerable. My employer/client take their IT security protocols seriously
thread
https://twitter.com/File411/status/1242863491725381633?s=20


GOOD GOD
- @zoom_us all of your skeletons are going to come tumbling out BAD SO BAD
“two "zero-day exploits" inside Zoom.local user without root access, or the ability to fully control the machine, the ability to add malicious code to the Zoom installer” https://www.inc.com/don-reisinger/zoom-bug-gives-hackers-full-control-over-computers.html
- @zoom_us all of your skeletons are going to come tumbling out BAD SO BAD
“two "zero-day exploits" inside Zoom.local user without root access, or the ability to fully control the machine, the ability to add malicious code to the Zoom installer” https://www.inc.com/don-reisinger/zoom-bug-gives-hackers-full-control-over-computers.html
Now this is why one must read the whole article.
Focus on the desktop environment, imagine if you will this “bug” & zero-day exploits matriculates to the iOS & Zoom apps
All bets are off - forget SMS spoofing the enormity if Zoom’s Security flaws UNINSTALL IT NOW
See files 3.2..
Focus on the desktop environment, imagine if you will this “bug” & zero-day exploits matriculates to the iOS & Zoom apps
All bets are off - forget SMS spoofing the enormity if Zoom’s Security flaws UNINSTALL IT NOW
See files 3.2..
This should give you significant pause. Imagine how easy it was for hackers to exploit Zoom’s lax Security.
Now imagine all the chats, scheduling etc for Zoom’s healthcare App
Once a hacker is in they are in & by all appearances Zoom doesn’t GAF
https://apps.apple.com/us/app/zoom-care/id1070287228
Now imagine all the chats, scheduling etc for Zoom’s healthcare App
Once a hacker is in they are in & by all appearances Zoom doesn’t GAF
https://apps.apple.com/us/app/zoom-care/id1070287228
Shall I keep going?
Setting aside the fact that Zoom+Health hasn’t updated in years. Granted the “effective date” is September 2017
Maybe we should ask; has Zoom sold their data scraping to big pharma?
https://www.zoomcare.com/info/privacy-statement
Setting aside the fact that Zoom+Health hasn’t updated in years. Granted the “effective date” is September 2017
Maybe we should ask; has Zoom sold their data scraping to big pharma?
https://www.zoomcare.com/info/privacy-statement
Ms Bawa Esq
I’m pretty sure the DC Alphabet Soup is coming
FBI <48 hrs ago Alert sent
FTC -COPPA baby & data privacy
SEC -fraudulent filings
FCC - take your pick
House Energy & Comm
Hackers crashed AA meetings, Religious groups, posted Porn in K-12 DL
https://zoom.us/privacy
I’m pretty sure the DC Alphabet Soup is coming
FBI <48 hrs ago Alert sent
FTC -COPPA baby & data privacy
SEC -fraudulent filings
FCC - take your pick
House Energy & Comm
Hackers crashed AA meetings, Religious groups, posted Porn in K-12 DL
https://zoom.us/privacy
I’m curious of you Zoom app are you guys using the same TikToc source code?
Shittlestix was that out loud.
Also the plug-ins can you assure users that a hacker can’t inject or inject your API?
Double shittlestix was that out loud?
ProTip - hire a decent crisis Mgmt law firm STAT
Shittlestix was that out loud.
Also the plug-ins can you assure users that a hacker can’t inject or inject your API?
Double shittlestix was that out loud?
ProTip - hire a decent crisis Mgmt law firm STAT
This is basic Crisis Mgmt 101
Step 1 acknowledge the concern
Step 2 give concrete remediation plans w a MTTR
Step 3 apologies say “customer trust is valuable, we @zoom_us broke that trust”
Step 4 lying in blog post, SEC will excoriate you
DO BETTER
https://blog.zoom.us/wordpress/2020/04/01/a-message-to-our-users/
Step 1 acknowledge the concern
Step 2 give concrete remediation plans w a MTTR
Step 3 apologies say “customer trust is valuable, we @zoom_us broke that trust”
Step 4 lying in blog post, SEC will excoriate you


Zoom
Apology NOT ACCEPTED
I was willing to give you a pass for some of the hacks.
Your insufficient “security protocols” (which are well known) a hacker exposed his junk to kids
UNINSTALL NOW
Man exposes himself after hacking into online Florida class https://apnews.com/e84932b63c3d6d1b3384e90a0ff8af96
Apology NOT ACCEPTED
I was willing to give you a pass for some of the hacks.
Your insufficient “security protocols” (which are well known) a hacker exposed his junk to kids
UNINSTALL NOW
Man exposes himself after hacking into online Florida class https://apnews.com/e84932b63c3d6d1b3384e90a0ff8af96
If you’re STILL using Zoom - we can’t be twitter or IRL friends.
Ask zoom about where their backup servers are
-cough China
-cough Canada
-cough Ireland
Thousands of Zoom video calls left exposed on open Web https://www.washingtonpost.com/technology/2020/04/03/thousands-zoom-video-calls-left-exposed-open-web/
ht @leesgirl9 https://zoom.us/zoomconference
Ask zoom about where their backup servers are
-cough China
-cough Canada
-cough Ireland
Thousands of Zoom video calls left exposed on open Web https://www.washingtonpost.com/technology/2020/04/03/thousands-zoom-video-calls-left-exposed-open-web/
ht @leesgirl9 https://zoom.us/zoomconference
If your Government (looking at you Donald-Duck) is STILL using Zoom
Pull your heads out forthwith
UNINSTALL THAT SHIT RIGHT BOOKING NOW
BBC News - Zoom 'unsuitable' for government secrets, researchers ‘say https://www.bbc.com/news/technology-52152025
Pull your heads out forthwith
UNINSTALL THAT SHIT RIGHT BOOKING NOW
BBC News - Zoom 'unsuitable' for government secrets, researchers ‘say https://www.bbc.com/news/technology-52152025
“mistakenly” so NOT even remotely TRUE...but weird didn’t someone say YO ask Zoom where their data is stored & which cloud.
cc @911CORLEBRA777 @IdeaGov @karolcummins
Zoom admits user data ‘mistakenly’ routed through China https://www.ft.com/content/2fc518e0-26cd-4d5f-8419-fe71f5c55c98?segmentid=acee4131-99c2-09d3-a635-873e61754ec6
cc @911CORLEBRA777 @IdeaGov @karolcummins
Zoom admits user data ‘mistakenly’ routed through China https://www.ft.com/content/2fc518e0-26cd-4d5f-8419-fe71f5c55c98?segmentid=acee4131-99c2-09d3-a635-873e61754ec6
You do get that @zoom_us is lying at an alarming rate, right?
“... Zoom has significant operations in China, including a research and development department with more than 700 staff, which it has cast as a bid to keep personnel costs low...”
https://www.ft.com/content/2fc518e0-26cd-4d5f-8419-fe71f5c55c98
“... Zoom has significant operations in China, including a research and development department with more than 700 staff, which it has cast as a bid to keep personnel costs low...”
https://www.ft.com/content/2fc518e0-26cd-4d5f-8419-fe71f5c55c98
Ruanshi Software (Suzhou) Ltd.
American Cloud Video Software Technology Co., Ltd
SHALL I KEEP GOING?
No really shall I keep going because some of us know what we are tweeting about
https://investors.zoom.us/static-files/09a01665-5f33-4007-8e90-de02219886aa
American Cloud Video Software Technology Co., Ltd
SHALL I KEEP GOING?
No really shall I keep going because some of us know what we are tweeting about
https://investors.zoom.us/static-files/09a01665-5f33-4007-8e90-de02219886aa
It’s literally in their SEC filings - come on man - did you think I was being facetious?
Do I make assertions that I can’t back up with actual documents?
Ask yourself WHY in Mid-January 2020 @zoom_us made this switch
cc @SlickRockWeb @burgessct
https://investors.zoom.us/static-files/09a01665-5f33-4007-8e90-de02219886aa
Do I make assertions that I can’t back up with actual documents?
Ask yourself WHY in Mid-January 2020 @zoom_us made this switch
cc @SlickRockWeb @burgessct
https://investors.zoom.us/static-files/09a01665-5f33-4007-8e90-de02219886aa
Lols - tango down
https://www.tianyancha.com/company/2350548813
LLOLS - me canz usez tranzlatez button
https://jobs.51job.com/yx/co5065032.html
Softvision Software (Suzhou) Co., Ltd
Questions?
https://drive.google.com/file/d/17m4w2RPbJG0jktWwdc7S6ZfwYLbH-xJR/view?usp=drivesdk
https://www.tianyancha.com/company/2350548813
LLOLS - me canz usez tranzlatez button
https://jobs.51job.com/yx/co5065032.html
Softvision Software (Suzhou) Co., Ltd
Questions?
https://drive.google.com/file/d/17m4w2RPbJG0jktWwdc7S6ZfwYLbH-xJR/view?usp=drivesdk
Come on now - have I taught you nothing?
That if I make an assertion there’s a 100% chance that I’ve done my due diligence and that I’m asking really targeted questions for a reason
Gawd
https://suirui.us/
Archived
http://archive.is/R7n9p
I’m not a reporter
Come on now
That if I make an assertion there’s a 100% chance that I’ve done my due diligence and that I’m asking really targeted questions for a reason
Gawd

https://suirui.us/
Archived
http://archive.is/R7n9p
I’m not a reporter
Come on now
At a certain point I swear to a thousand suns on fire
The American MSM:
READ THE ____ SEC filings
It’s not a mistake or a mess up - why the ___ hasn’t anyone asked Zoom why they knew about COVID-19 to change business Ops in China?
ASK THE QUESTION https://twitter.com/IdeaGov/status/1246594741837295616?s=20
The American MSM:
READ THE ____ SEC filings
It’s not a mistake or a mess up - why the ___ hasn’t anyone asked Zoom why they knew about COVID-19 to change business Ops in China?
ASK THE QUESTION https://twitter.com/IdeaGov/status/1246594741837295616?s=20
I’m serious I have you the link to their SEC filings.
I then highlighted the relevant sections
I’m NOT A REPORTER yet how is it this data is all public info provided you know where & what to look for.
I’m so done - put a fork in me. https://twitter.com/File411/status/1246492216949948418?s=20
I then highlighted the relevant sections
I’m NOT A REPORTER yet how is it this data is all public info provided you know where & what to look for.
I’m so done - put a fork in me. https://twitter.com/File411/status/1246492216949948418?s=20
Welcome to Zoom-Bombing reading about it isn’t nearly as egregious as WATCHING it happen.
Unsolicited non-binding legal advice to Zoom
HIRE
A
LAW-FIRM
THAT
SPECIALIZES IN CRISIS MGMT
Do exactly what they tell you
Your legal nightmare is only starting https://twitter.com/j_donatella/status/1245055374262222848?s=20
Unsolicited non-binding legal advice to Zoom
HIRE
A
LAW-FIRM
THAT
SPECIALIZES IN CRISIS MGMT
Do exactly what they tell you
Your legal nightmare is only starting https://twitter.com/j_donatella/status/1245055374262222848?s=20
Ummm - I don’t know WHY all Public Schools haven’t mandated this already.
As a parent your job to is raise the concern
NYC's Department Of Education Wants Schools To Stop Using Zoom Video Conferencing Service
cc @ChiefCovfefe @SamanthaCorbin https://newyork.cbslocal.com/video/4503947-coronavirus-update-nycs-department-of-education-wants-schools-to-stop-using-zoom-video-conferencing-service/
As a parent your job to is raise the concern
NYC's Department Of Education Wants Schools To Stop Using Zoom Video Conferencing Service
cc @ChiefCovfefe @SamanthaCorbin https://newyork.cbslocal.com/video/4503947-coronavirus-update-nycs-department-of-education-wants-schools-to-stop-using-zoom-video-conferencing-service/
“.. hijacked the chat to post racial slurs...we disabled as soon as possible..appalled by this behavior, which has no place online, on the ice, or anywhere, and we are investigating the matter.”
Hacker Posts Racial Slur on Fan Chat With Black NHL Player https://www.nbcboston.com/news/sports/hacker-posts-racial-slur-on-fan-chat-with-black-nhl-player/2102583/?_osource=db_npd_nbc_wbts_twt_shr
Hacker Posts Racial Slur on Fan Chat With Black NHL Player https://www.nbcboston.com/news/sports/hacker-posts-racial-slur-on-fan-chat-with-black-nhl-player/2102583/?_osource=db_npd_nbc_wbts_twt_shr