Would like to know more here about whether this was responsibly disclosed and time given to the Zoom team to fix it. https://twitter.com/zackwhittaker/status/1245350371876315137 …
People think that the responsible in responsible disclosure means that you have some sort of weird responsibility to the vendor when that is in fact not the case :)
indeed. one's responsibility isn't to the vendor, it's to the users who would potentially become victims. the way to avoid that is to give the vendor as much of an advantage over attackers as possible
Releasing 0-days without bothering to contact the manufacturer themselves, only for a bit of fame during a worldwide pandemic. This is exactly why a lot of InfoSec people have such a terrible reputation of being narcissists...
The only reason someone might want to warn people in danger is their own personal fame? Maybe you need to do some self examination here. Vulnerability disclosure is hard, frustrating and thankless work, literally nobody is in it for the fame.
Agree! And this is far more newsworthy, and worth getting attention by users of Zoom than a UNC trick that users have to click.
Letting the company know vs letting the world know doesn’t always change the response time but it sure as heck changes the time to exploit. Zoom is getting piled on by researchers because of current events. What they do to respond is the real measure.
and if i recall correctly, the uninstallation process is far beyond what most users are capable of