Zoom engineering management practices have been exposed as far below industry standards of safety and product security. They have been doing a terrible job, and it is easy now to explain how and why. Just look at their encryption. The Citizen Lab April 3rd, 2020 report broke the news on Zoom practicing deception with weak … Continue reading Simple Illustration of Zoom Encryption Failure→
It’s pretty clear from a series of rapid and unfortunate missteps by Zoom that there’s something fundamentally wrong with the company. This is way worse than what I was warning about here in 2007. We already knew the origin story didn’t sound great. A VP of Engineering at WebEx, after being acquired by Cisco, didn’t … Continue reading Safer Alternatives to Zoom→
Equifax soaks up a lot of news as the example of bad leadership, and there has been a lot said about the CSO role and person. But is it really the example we should focus on the most? By the numbers, Equifax appears to sit among a wide group of breaches that each lost around … Continue reading One CSO and the Three Biggest Breaches of All Time→
This is a timeline of proprietary and centralized end-to-end encryption technology (yes that is a contradiction, and yes it uses an open source protocol) for secret delivery of malicious content to targets (apps and people) that seems to have led to massive privacy loss as well as targeted killings. January 2018: Facebook’s CSO campaigned on … Continue reading Timeline: Did 2018 WhatsApp Security Flaw Lead to Assassination of WashPo Journalist?→