Hacker News new | past | comments | ask | show | jobs | submit login

> All first-time Zoom users, upon joining their first meeting from a given device, are asked whether they would like their video to be turned OFF. For subsequent meetings, users can configure their client video settings to turn OFF video when joining a meeting. > Additionally, system administrators can pre-configure video settings for supported devices at the time of install or change the configuration at anytime.

TBH, they're not as dismissive as you're sounding them to be

That part just doesn’t seem very responsive. Unless Zoom is recommending that everyone should turn it OFF, and urgently releasing a patch to make OFF the default, why does it matter that the vulnerability is in an optional feature rather than a mandatory one?

The Zoom admin for an org can switch to cameras default Off

I agree it should be the default, though if you're worried you can open your Zoom app and change the default as well

That is a pre-existing feature, and while it mitigates one specific aspect of the issue, it doesn't represent a security-focused response. Yes, I am saying that's not good enough: an appropriate, non-dismissive response would commit to writing code to deal with the issue raised, subject to the industry standard 90-day embargo. Depending on how much importance they place on their user's security.

Registration is open for Startup School 2019. Classes start July 22nd.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact