Submitted by [deleted]
on March 25, 2020 at 1:31 PM in AskRaddle
You must log in or register to comment.
Wht's so bad privacy-wise about Zoom? I have never used it, so I have no idea what its like.
All data on its network is monitored in real time by the United States Department of Homeland Security, through compliance with a program called FedRAMP. They actually advertise this functionality, because it allows them to contract with government agencies in the United States, which is very lucrative. You can look this up on wikipedia or their website. They have specific encryption backdoors built into the software to allow the monitoring with all encryption dynamically removed.
Additionally, the host of individual calls can see everything on the other participants' computer without their knowledge, active windows, etc. This is because the system is designed for corporate workflow, not anarchist organizing lol
If you observe someone you organize with saying "it's encrypted, don't worry" who is also hosting the calls...they might not have your best interest in mind, just saying.
Thank you very much! I'll definitely search some more information about all this because it definitely sounds really creepy.
Love you! Thanks!
There are also links to the Communist Chinese regime, you could have a zoom meeting in America and be monitored by both US and Chinese overseers.
Zoom also used to allow any website to record you through your webcam because of their clever trick with installing a local web server to skip around the browser dialog for audio / video permissions.
That local server was also open for remote code execution and kept running after uninstalling Zoom. Yummy.
If you absolutely must use Zoom then under no circumstances install the client. Zoom works from the browser although they employ a dark pattern to trick you into installing their client. There's a browser extension to work around that though.
Who would had said Google would seem non-intrusive in comparision.
Thanks for taking the time to explain this, really appreciate it :)
Hi! Are you Raico aka raicopk?
If so, it's lovely to have you here. There've been a couple nice redditors showing their faces recently.
Yeah, that's me. I made this account long ago but I completely forgot about it to be honest. Anyways, thank you very much <3
I guess you could also use whatsapp or signal, they both have 2 way video calls anyway.
whatsapp is proprietary, privacy nightmare for organizers definitely
signal isn't capable of group calls
mumble only does audio.
jitsi is the only one that has everything, is open source, encrypted, no known backdoors. unless there's one I don't know about
Jitsi has end-to-end encryption? I never used it cause I thought they didn't.
No, it is Encrypted from network to server, server must decrypt in order for the webRTC group call functionality to work.
This is why you host your own server, for example
Had a skeg at Briar. It appears to only work for smartphones, specifically those running Android. As limited as it is, at least Signal has Signal Desktop going for it.
Its because Signal has 50 million dollars and briar isnt on google play
Yes,i know, this is the worst timeline
They might've not been on the Play Store early on but I just checked their site and they're currently on the Play Store.
Cool, nice find! I stand corrected
Signal is super easy to use and available on all platforms. Briar is still experimental and only for Android. It has potential, but it can't yet replace other messengers. Once versions come out for Linux and hopefully iOS and it's eventually audited, Briar could replace something like Signal.
I'm unaware so please any links/ explanations about the spookiness of signal would be helpful thanks. Been making extensive use of that as it seemed to me that they have a solid end to end encryption and definitely compared to whatsapp, a way less intrusive metadata collection.
Some German anarchists I know are using https://www.mumble.info because of concerns with zoom, so I assume it covers the basics, but I haven't looked into it myself.
Seems you're right, I'm surprised to hear that.
Mumble is okay, but the encryption cipher is weak iirc, and no video as /u/lastfutures pointed out
Matrix, Jami, and Wire are all great alternatives. They have their problems so just be sure to educate yourself and know which is best for you.
I use Jitsi. It is all in browser, so there are fewer compatibility issues. Getting zoom running on obscure distros is a pain, so this alone makes it worth the switch.
riot.im has video chat but may be a little laggy
riot group calls are unencrypted unfortunately. better than zoom, but the calls are hosted by default from the UK, which is probably the worst country on earth for privacy and data protection. especially since the GDPR now doesn't apply iirc
Matrix ecosystem is great, but use your own homeserver.
i've used riot.im, it works okay but it seems like the matrix.org homeserver has been incredibly laggy in past days. If you consider it, i'd maybe look at a different homeserver
Definitely. matrix ecosystem is cool, but I wouldn't use the matrix.org server. Not only did they have a huge privacy leak/hack in the last year, they are also hosted in the UK, which is one of the worst countries possible for data privacy/government surveillance. Even worse than USA tbf
yeah I'm actually looking into self hosting cause I mainly just use it for friends but I may want to join large public rooms soon idk
I believe the large rooms allow different homeservers to connect.its a setting u have to manually enable to prohibit that.
You could also have two accounts,1for matrix.org and one for your own server.