[Hidden-tech] Major security flaw in Zoom
PeopleFirst Tech
zach at peoplefirst.tech
Wed Jul 10 16:44:25 UTC 2019
Have you used the popular Zoom platform for videoconferencing or screen
sharing? We primarily don't, but recent security flaws uncovered on Zoom
lead us to suggest that you uninstall it (instructions courtesy of BuzzFeed
<https://www.buzzfeednews.com/article/nicolenguyen/zoom-webcam-hacker-watching-you-vulnerability>
).
Further reading:
https://medium.com/bugbountywriteup/zoom-zero-day-4-million-webcams-maybe-an-rce-just-get-them-to-visit-your-website-ac75c83f4ef5
What to Do About It
Go to Zoom settings > Video, and under Meetings, enable “Turn off my video
when joining a meeting.”
OR
Get rid of the Zoom desktop app entirely. If you want to get ahead of
Zoom’s patch, which the company said will be released by midnight tonight,
first you need to shut down the web server. Open the application called
Terminal. Copy and paste this text: lsof -i :19421. Press enter. You’ll get
a string of mumbo jumbo. Underneath the text “PID,” copy the string of
numbers. Then type “kill -9” (without the quotes), add a space after -9,
and paste the PID string of numbers. Press enter. The server has been
killed.
Drag the Zoom app, along with a folder titled “.zoomus,” to the trash can.
Then hover over the trash can, and press CONTROL and click your mouse
simultaneously. Empty the trash can. Boom.
— — —
*Zach Fried*
*PeopleFirst Tech Consulting* <https://peoplefirst.tech/>
Human-Focused Solutions
zach at peoplefirst.tech
By Appointment:
409 Main Street, Suite 214
Amherst, MA 01002
(413) 461-0617
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.hidden-tech.net/pipermail/hidden-discuss/attachments/20190710/39eebd2a/attachment.html>
More information about the Hidden-discuss
mailing list