1/ The reason I& #39;ve been pushing back for days against the exaggerated and insufficiently contextualized reporting against Zoom is that, once it becomes a trend that "Zoom is insecure", there are hundreds of organizations where the IT staff doesn& #39;t have the means to push back.
2/ consider NYC Dept of Ed now banning Zoom. It& #39;s not clear they even recommended an alternative. Now teachers and students in the largest school district in the country have to rethink all of their plans without any certainty they& #39;ll end up with a more secure tool.
3/ I can imagine there were more than a few well meaning parents involved in this. What would you do as a parent if you read all this terrible stuff about Zoom insecurity, you don& #39;t necessarily have the training to understand it deeply, and then saw your kids using it?
4/ I think it behooves us, in the security space, to think about tradeoffs and threat models for *real-world* use cases of the product. And to contextualize everything we say to the press and to the world.