Move everything you possibly can to the web and don't look back. https://t.co/s30Z0tMXJC
— Alex Russell (@slightlylate) April 1, 2020
Every day there's a fresh Zoom privacy/security horror story. Why now, all at once?
— Arvind Narayanan (@random_walker) March 31, 2020
It's simple: the problems aren't new but suddenly everyone is forced to use Zoom. That means more people discovering problems and also more frustration because opting out isn't an option. https://t.co/O9h8SHerok
A few years ago, this happened with Slack. I remember a story about a guy that faked an apple dot com email address and got to see all the rooms and channels inside the company https://t.co/o6C3s5atUw
— Alex Barredo (5.9% growth secured) (@somospostpc) April 1, 2020
Folks love Zoom because it just ‘works’ but one of the ways it seems so effortless is how they bypass security established to prevent malware. https://t.co/AwvrpbrcAB
— David Carroll (@profcarroll) March 31, 2020
End to middle ≠ end to end. By Zoom's definition, Gmail could be E2E encrypted even though it's sitting on a Google server. That lets Google do useful things (search, spam filtering), but it means Google doesn't get to brag email is E2E encrypted. https://t.co/jf7R1mz7u7
— Stephen Shankland (@stshank) March 31, 2020
This week is going to be a critical one for Zoom and $ZM shareholders.
— Alex Stamos (@alexstamos) April 1, 2020
This is going to get worse, as the entire infosec world descends on a spectacularly complicated product with lots of attack surface and some sketchy design trade-offs. An opportunity for a trust turn-around. https://t.co/jjcJS6eWrD
The UK: We really shouldn't give our sensitive data to Huawei if we can't guarantee the integrity of its security
— Yuan Yang (@YuanfenYang) March 31, 2020
Also the UK: We should give it all to Zoom instead
Also see: https://t.co/gwRvbwX5UO https://t.co/dK0uFqsD2t
I was willing to write off the other stuff about Zoom, but not this. I'll be looking for a better solution for anything personal. https://t.co/F8DlmhE84E
— i'm just a girl living in captivity (@jilliancyork) March 31, 2020
Let's make this simple: Zoom is malware. https://t.co/xkJDaP4OoK
— Arvind Narayanan (@random_walker) March 31, 2020
Here’s how they’re abusing the OSX installer to avoid needing you to authorize the installation (a good malware trick). https://t.co/1NsC2T1n0t https://t.co/3dbLJIrJ2B
— DHH (@dhh) March 31, 2020
Design flaw in Zoom lets random strangers video call people and also leaks photos and email addresses of anyone using nonstandard email addresses: https://t.co/Aa8zxnru7O
— Jason Koebler (@jason_koebler) March 31, 2020
As anyone who has built desktop software at scale can attest to, in the typical user’s home/office environment, “just works” is indistinguishable from malware. This unfortunate situation is a byproduct of the cat-and-mouse game between actual attackers and system engineers. https://t.co/3x9liGxcxS
— Andreas Ehn (@ehn) April 1, 2020
Zoom has been in the news for all sorts of reasons, and now two zero-days have been published...
— Autumn Good (@autumn_good_35) April 1, 2020
・Privilege escalation to root
・Inheritance of camera and microphone permissions
"Honestly, if you care about your security and/or privacy perhaps stop using Zoom," it says.
The 'S' in Zoom, Stands for Security https://t.co/n8Wn0OMNOo
Oh Zoom, this isn't good at all...
— Graham Cluley (@gcluley) April 1, 2020
Attention those of you running Zoom on your Macs: https://t.co/1Hft1UIt57
Two more Zoom 0-days are now public. Webcam hijacking for all!
— Lance R. Vick (@lrvick) April 1, 2020
How long will organizations continue to pay money for this kind of negligence?
If you have Zoom client software or plugins installed, remove them ASAP. https://t.co/3qTFD6fGYe
A couple more vulnerabilities disclosed for Zoom https://t.co/LjT99dgp21
— Alan Woodward (@ProfWoodward) April 1, 2020
Why I’m not a big fan of using Zoom: two new 0days let attackers remotely seize your camera/mic. Ooooops. https://t.co/Rhd1ZSrVq4
— paulrobichaux (@paulrobichaux) April 1, 2020
Patrick Wardle rips apart the latest @zoom_us installer for Mac (4.6.8) and uncovers bad practices and two potential exploit vulnerabilities https://t.co/3HFVPbkFvK
— Jason Broccardo (@zoocoup) April 1, 2020
New: Just when you thought things couldn't get any worse for Zoom, an ex-NSA hacker just dropped two Zoom zero-days on his blog. One of the bugs can allow an attacker to tap into the webcam and microphone without permission. https://t.co/5HXxki9JOb
— Zack Whittaker (@zackwhittaker) April 1, 2020
YIKES!!! Ex-NSA hacker drops new zero-day doom for Zoom | TechCrunch https://t.co/pm6Luehju8
— Scott Adams (@ScottAdamsSays) April 1, 2020
Oh, Zoom. https://t.co/boxzCjiNLc
— Dan Benjamin (@danbenjamin) April 1, 2020
“Hot on the heels of two security researchers finding a Zoom bug that can be abused to steal Windows passwords, another security researcher found two new bugs that can be used to take over a Zoom user’s Mac, including tapping into webcam and microphone”. https://t.co/lNT9sJINFK
— DHH (@dhh) April 1, 2020
Native software for anything that *can* be done on the web *is a mistake*: https://t.co/epCNK47QZF
— Alex Russell (@slightlylate) April 1, 2020
Zoom Tightens Privacy Policy, Says No User Videos Are Analyzed for Ads - https://t.co/GdNqHjcI4L #GoogleAlerts
— TimMarvin (@TimMarvin_) March 31, 2020
Thanks @zoom_us for these key updates to your privacy policy including no longer retweeting tweets shared by my fellow teachers of children using your product https://t.co/si1ElOYaYi
— Rafranz ⁷ (@RafranzDavis) March 30, 2020
if y'all use Zoom you can send a polite thank you to Consumer Reports for getting them to tighten their privacy policy regarding your data https://t.co/ZbaGpZwimE
— anthony (@theWriteBrain) March 31, 2020
Zoom Tightens Privacy Policy - Consumer Reports https://t.co/iTqDdIG6rS
— CyberWise (@BeCyberwise) March 31, 2020
Zoom Tightens Privacy Policy, Says No User Videos Are Analyzed for Ads https://t.co/bYfZlwNzou https://t.co/Y8lIZ36diP @thomas_capone #collaboration #remotelearning #workingfromhome #remoteworking #remotework #telecommuting #remotejobs #remoteworklife #zoom
— Evan Kirstel #StayHome #RemoteWork (@evankirstel) March 31, 2020
Zoom is getting attention for all the wrong reasons. https://t.co/adOVE8nEL2
— lunamoth (@lunamoth) April 2, 2020
• Honestly, if you care about security and/or privacy, stop using Zoom.
today is a garbage fire for Zoom security.
— yan (@bcrypt) April 1, 2020
* MacOS root priv-esc & code injection to access mic/camera by @patrickwardle https://t.co/663AvVOZHc
* stealing Windows credentials https://t.co/eWyAqZ1tse @dangoodin001
* leaking emails/pics https://t.co/cISzZn77aO @josephfcox
apple should pull their enterprise certificate and invalidate the installer https://t.co/GBRg5VBOrD
— wojtek (@pugson) April 1, 2020
I didn’t have it handy but... https://t.co/4JcmKj25xO pic.twitter.com/Eg5hO3VrnD
— Werise (@We_Have_Risen) April 2, 2020
Stop using Zoom and stop making your students use Zoom! Their security and privacy is terrible.
— Frederik Aust (@FrederikAust) April 2, 2020
Some recent examples:
1. https://t.co/MIAyjG4QmG 2. https://t.co/BvYzgU4tpT 3. https://t.co/gqlZHD4SZA
Patrick Wardle, a former NSA hacker and now principal security researcher at Jamf, dropped the two previously undisclosed flaws on his blog Wednesday. He said, “if you care about your security and privacy, perhaps stop using Zoom.” .@dhh https://t.co/2gSHbtM2KU
— Rajan Bhattarai (@cdrrazan) April 1, 2020
Another bad day for Zoom #CyberSecurity @archonsec @AudreyDesisto @CisoFromHell @DrChris_Hansen_ @gabsmashh @Paula_Piccard https://t.co/Qonj29vIP8
— Mike Higgins (@BosBorn1) April 2, 2020
I knew who did this before the article even loaded, nice work @patrickwardle! https://t.co/bMawOZ73N8
— Kody (@KodyKinzie) April 2, 2020
1/2 #TOpoli #ONpoli #CDNpoli #InfoSec #COVID19
— Amy MacPherson (@MsAmyMacPherson) April 2, 2020
Using #Zoom for work or school during the #Coronavirus?
STOP
It's a severe threat to #security with flaws that give hackers control of your Windows & Mac
(See next post for brutal #privacy issues as well) https://t.co/NwIWOMy0ip