A few weeks ago my Mac Little Snitch security ap--which I recommend for all Mac users--caught that zoom ap trying to communicate with a zoom server from my Mac, and I blocked it and uninstalled zoom. Apparently uninstalling did not prevent the problem for Macs but Little Snitch would block all such connections once the rule is made. Little Snitch will show you just how much is communicated from your Mac to all kinds of external servers--quite a wake up call. Best Regards, Rob Laporte | SEO Specialist, CEO DISC, Inc. - Making Websites Make Money 413-584-6500 rob at 2disc.com<mailto:rob at 2disc.com> www.2disc.com<https://www.2disc.com/> NOTE: Emails can be blocked by spam filters throughout the web. If you don’t get a reply within an expected span of time, please call. ________________________________ From: Hidden-discuss <hidden-discuss-bounces at lists.hidden-tech.net> on behalf of Elijah Gwynn via Hidden-discuss <hidden-discuss at lists.hidden-tech.net> Sent: Thursday, July 11, 2019 9:21 AM To: Val Nelson Cc: PeopleFirst Tech; Discussion List Subject: Re: [Hidden-tech] Major security flaw in Zoom Amazingly Apple also released a fix — silently — which disables the Zoom web server even on Macs that haven't installed the Zoom patch. https://techcrunch.com/2019/07/10/apple-silent-update-zoom-app/ Eli On 11 Jul 2019, at 0:42, Val Nelson via Hidden-discuss wrote: The update alert showed up when I went in today and the switch was easy and it works great. ~Val .......................................... https://ValNelson.com (Sent from phone. Please pardon brevity or typos. Thanks.) On Jul 10, 2019, at 5:30 PM, Michael Klatsky via Hidden-discuss <hidden-discuss at lists.hidden-tech.net<mailto:hidden-discuss at lists.hidden-tech.net>> wrote: Zach - Thanks for sending that along. For those who need to use Zoom- an update has been released: https://blog.zoom.us/wordpress/2019/07/08/response-to-video-on-concern/ --- Sincerely, Michael Klatsky Devops and Technical Services MapuTech On July 10, 2019 at 1:57:01 PM, PeopleFirst Tech via Hidden-discuss (hidden-discuss at lists.hidden-tech.net<mailto:hidden-discuss at lists.hidden-tech.net>) wrote: Have you used the popular Zoom platform for videoconferencing or screen sharing? We primarily don't, but recent security flaws uncovered on Zoom lead us to suggest that you uninstall it (instructions courtesy of BuzzFeed<https://www.buzzfeednews.com/article/nicolenguyen/zoom-webcam-hacker-watching-you-vulnerability>). Further reading: https://medium.com/bugbountywriteup/zoom-zero-day-4-million-webcams-maybe-an-rce-just-get-them-to-visit-your-website-ac75c83f4ef5 What to Do About It Go to Zoom settings > Video, and under Meetings, enable “Turn off my video when joining a meeting.” OR Get rid of the Zoom desktop app entirely. If you want to get ahead of Zoom’s patch, which the company said will be released by midnight tonight, first you need to shut down the web server. Open the application called Terminal. Copy and paste this text: lsof -i :19421. Press enter. You’ll get a string of mumbo jumbo. Underneath the text “PID,” copy the string of numbers. Then type “kill -9” (without the quotes), add a space after -9, and paste the PID string of numbers. Press enter. The server has been killed. Drag the Zoom app, along with a folder titled “.zoomus,” to the trash can. Then hover over the trash can, and press CONTROL and click your mouse simultaneously. Empty the trash can. Boom. — — — Zach Fried PeopleFirst Tech Consulting<https://peoplefirst.tech/> Human-Focused Solutions zach at peoplefirst.tech<mailto:zach at peoplefirst.tech> By Appointment: 409 Main Street, Suite 214 Amherst, MA 01002 (413) 461-0617 _______________________________________________ Hidden-discuss mailing list - home page: http://www.hidden-tech.net Hidden-discuss at lists.hidden-tech.net<mailto:Hidden-discuss at lists.hidden-tech.net> You are receiving this because you are on the Hidden-Tech Discussion list. If you would like to change your list preferences, Go to the Members page on the Hidden Tech Web site. http://www.hidden-tech.net/members _______________________________________________ Hidden-discuss mailing list - home page: http://www.hidden-tech.net Hidden-discuss at lists.hidden-tech.net<mailto:Hidden-discuss at lists.hidden-tech.net> You are receiving this because you are on the Hidden-Tech Discussion list. If you would like to change your list preferences, Go to the Members page on the Hidden Tech Web site. http://www.hidden-tech.net/members _______________________________________________ Hidden-discuss mailing list - home page: http://www.hidden-tech.net Hidden-discuss at lists.hidden-tech.net You are receiving this because you are on the Hidden-Tech Discussion list. If you would like to change your list preferences, Go to the Members page on the Hidden Tech Web site. http://www.hidden-tech.net/members -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.hidden-tech.net/pipermail/hidden-discuss/attachments/20190711/fcab0485/attachment-0001.html>