<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:Helvetica;
panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Verdana;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
h2
{mso-style-priority:9;
mso-style-link:"Heading 2 Char";
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:18.0pt;
font-family:"Calibri",sans-serif;
font-weight:bold;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
p.airmailon, li.airmailon, div.airmailon
{mso-style-name:airmail_on;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
span.Heading2Char
{mso-style-name:"Heading 2 Char";
mso-style-priority:9;
mso-style-link:"Heading 2";
font-family:"Calibri Light",sans-serif;
color:#2F5496;}
span.EmailStyle23
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-US link=blue vlink=purple><div class=WordSection1><p class=MsoNormal>Does the fix self-install like some Microsoft updates, or do we need to go to Zoom for the update?<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>Ed<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><o:p> </o:p></p><div><div style='border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal><b>From:</b> Hidden-discuss <hidden-discuss-bounces@lists.hidden-tech.net> <b>On Behalf Of </b>Elijah Gwynn via Hidden-discuss<br><b>Sent:</b> Thursday, July 11, 2019 9:22 AM<br><b>To:</b> Val Nelson <val@valnelson.com><br><b>Cc:</b> PeopleFirst Tech <zach@peoplefirst.tech>; Discussion List <hidden-discuss@lists.hidden-tech.net><br><b>Subject:</b> Re: [Hidden-tech] Major security flaw in Zoom<o:p></o:p></p></div></div><p class=MsoNormal><o:p> </o:p></p><div><div><p><span style='font-family:"Arial",sans-serif'>Amazingly Apple <em><span style='font-family:"Arial",sans-serif'>also</span></em> released a fix — silently — which disables the Zoom web server even on Macs that haven't installed the Zoom patch.<o:p></o:p></span></p><p><span style='font-family:"Arial",sans-serif'><a href="https://techcrunch.com/2019/07/10/apple-silent-update-zoom-app/"><span style='color:#3983C4'>https://techcrunch.com/2019/07/10/apple-silent-update-zoom-app/</span></a><o:p></o:p></span></p><p><span style='font-family:"Arial",sans-serif'>Eli<o:p></o:p></span></p><p><span style='font-family:"Arial",sans-serif'>On 11 Jul 2019, at 0:42, Val Nelson via Hidden-discuss wrote:<o:p></o:p></span></p></div><blockquote style='border:none;border-left:solid #777777 1.5pt;padding:0in 0in 0in 4.0pt;margin-left:0in;margin-right:0in;margin-bottom:3.75pt'><div id=44D2FA5A-7EB9-4935-B81D-5159B70DF8A5><div><p class=MsoNormal style='margin-bottom:12.0pt'><span style='font-family:"Arial",sans-serif;color:#777777'>The update alert showed up when I went in today and the switch was easy and it works great. <o:p></o:p></span></p><div id=AppleMailSignature><p class=MsoNormal><span style='font-family:"Arial",sans-serif;color:#777777'>~Val<o:p></o:p></span></p><div><p class=MsoNormal><span style='font-family:"Arial",sans-serif;color:#777777'><o:p> </o:p></span></p></div><div><p class=MsoNormal><span style='font-family:"Arial",sans-serif;color:#777777'>..........................................<o:p></o:p></span></p></div><div><p class=MsoNormal><span style='font-family:"Arial",sans-serif;color:#777777'><o:p> </o:p></span></p></div><div><p class=MsoNormal><span style='font-family:"Arial",sans-serif;color:#777777'><a href="https://ValNelson.com">https://ValNelson.com</a><o:p></o:p></span></p></div><div><p class=MsoNormal><span style='font-family:"Arial",sans-serif;color:#777777'><o:p> </o:p></span></p></div><div><p class=MsoNormal><i><span style='font-family:"Arial",sans-serif;color:#777777'>(Sent from phone. Please pardon brevity or typos. Thanks.)</span></i><span style='font-family:"Arial",sans-serif;color:#777777'><o:p></o:p></span></p></div></div><div><p class=MsoNormal style='margin-bottom:12.0pt'><span style='font-family:"Arial",sans-serif;color:#777777'><br>On Jul 10, 2019, at 5:30 PM, Michael Klatsky via Hidden-discuss <<a href="mailto:hidden-discuss@lists.hidden-tech.net">hidden-discuss@lists.hidden-tech.net</a>> wrote:<o:p></o:p></span></p></div><div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Verdana",sans-serif;color:#777777'>Zach -<o:p></o:p></span></p></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Verdana",sans-serif;color:#777777'><o:p> </o:p></span></p></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Verdana",sans-serif;color:#777777'>Thanks for sending that along. <o:p></o:p></span></p></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Verdana",sans-serif;color:#777777'><o:p> </o:p></span></p></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Verdana",sans-serif;color:#777777'>For those who need to use Zoom- an update has been released:<o:p></o:p></span></p></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Verdana",sans-serif;color:#777777'><o:p> </o:p></span></p></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Verdana",sans-serif;color:#777777'><a href="https://blog.zoom.us/wordpress/2019/07/08/response-to-video-on-concern/">https://blog.zoom.us/wordpress/2019/07/08/response-to-video-on-concern/</a><o:p></o:p></span></p></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Verdana",sans-serif;color:#777777'><o:p> </o:p></span></p></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Verdana",sans-serif;color:#777777'><o:p> </o:p></span></p></div><p class=MsoNormal><span style='font-family:"Arial",sans-serif;color:#777777'><o:p> </o:p></span></p><div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Verdana",sans-serif;color:#777777'>---</span><span style='font-family:"Arial",sans-serif;color:#777777'><o:p></o:p></span></p></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Verdana",sans-serif;color:#777777'>Sincerely,</span><span style='font-family:"Arial",sans-serif;color:#777777'><o:p></o:p></span></p></div><div><p class=MsoNormal><span style='font-family:"Arial",sans-serif;color:#777777'><o:p> </o:p></span></p></div><div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Verdana",sans-serif;color:#777777'>Michael Klatsky</span><span style='font-family:"Arial",sans-serif;color:#777777'><o:p></o:p></span></p></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Verdana",sans-serif;color:#777777'>Devops and Technical Services</span><span style='font-family:"Arial",sans-serif;color:#777777'><o:p></o:p></span></p></div><div><p class=MsoNormal><span style='font-size:10.5pt;font-family:"Verdana",sans-serif;color:#777777'>MapuTech</span><span style='font-family:"Arial",sans-serif;color:#777777'><o:p></o:p></span></p></div><div><p class=MsoNormal><span style='font-family:"Arial",sans-serif;color:#777777'><o:p> </o:p></span></p></div></div></div><p class=MsoNormal><span style='font-family:"Arial",sans-serif;color:#777777'><o:p> </o:p></span></p><p class=airmailon><span style='font-family:"Arial",sans-serif;color:#777777'>On July 10, 2019 at 1:57:01 PM, PeopleFirst Tech via Hidden-discuss (<a href="mailto:hidden-discuss@lists.hidden-tech.net">hidden-discuss@lists.hidden-tech.net</a>) wrote:<o:p></o:p></span></p><blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'><div><div><div><div><div><div><p class=MsoNormal><span style='font-family:"Arial",sans-serif;color:#777777'>Have you used the popular Zoom platform for videoconferencing or screen sharing? We primarily don't, but recent security flaws uncovered on Zoom lead us to suggest that you uninstall it (instructions courtesy of <a href="https://www.buzzfeednews.com/article/nicolenguyen/zoom-webcam-hacker-watching-you-vulnerability">BuzzFeed</a>). <o:p></o:p></span></p></div><div><p class=MsoNormal><span style='font-family:"Arial",sans-serif;color:#777777'><o:p> </o:p></span></p></div><div><p class=MsoNormal><span style='font-family:"Arial",sans-serif;color:#777777'>Further reading: <a href="https://medium.com/bugbountywriteup/zoom-zero-day-4-million-webcams-maybe-an-rce-just-get-them-to-visit-your-website-ac75c83f4ef5">https://medium.com/bugbountywriteup/zoom-zero-day-4-million-webcams-maybe-an-rce-just-get-them-to-visit-your-website-ac75c83f4ef5</a> <o:p></o:p></span></p><div><p class=MsoNormal><span style='font-family:"Arial",sans-serif;color:#777777'><o:p> </o:p></span></p></div></div><blockquote style='margin-left:30.0pt;margin-right:0in'><div><div><h2 style='box-sizing:inherit;margin:1.7rem'><span style='font-size:13.5pt;font-family:"Helvetica",sans-serif;color:#777777'>What to Do About It</span><span style='font-family:"Helvetica",sans-serif;color:#777777'><o:p></o:p></span></h2></div></div><div><p style='box-sizing:inherit;margin:1.7rem'><span style='font-size:13.5pt;font-family:"Times New Roman",serif;color:#777777'>Go to Zoom settings > Video, and under Meetings, enable “Turn off my video when joining a meeting.”</span><span style='font-family:"Times New Roman",serif;color:#777777'><o:p></o:p></span></p></div><div><p style='box-sizing:inherit;margin:1.7rem'><span style='font-size:13.5pt;font-family:"Times New Roman",serif;color:#777777'>OR</span><span style='font-family:"Times New Roman",serif;color:#777777'><o:p></o:p></span></p></div><div><p style='box-sizing:inherit;margin:1.7rem'><span style='font-size:13.5pt;font-family:"Times New Roman",serif;color:#777777'>Get rid of the Zoom desktop app entirely. If you want to get ahead of Zoom’s patch, which the company said will be released by midnight tonight, first you need to shut down the web server. Open the application called Terminal. Copy and paste this text: lsof -i :19421. Press enter. You’ll get a string of mumbo jumbo. Underneath the text “PID,” copy the string of numbers. Then type “kill -9” (without the quotes), add a space after -9, and paste the PID string of numbers. Press enter. The server has been killed.</span><span style='font-family:"Times New Roman",serif;color:#777777'><o:p></o:p></span></p></div><div><p style='box-sizing:inherit;margin:1.7rem'><span style='font-size:13.5pt;font-family:"Times New Roman",serif;color:#777777'>Drag the Zoom app, along with a folder titled “.zoomus,” to the trash can. Then hover over the trash can, and press CONTROL and click your mouse simultaneously. Empty the trash can. Boom.</span><span style='font-family:"Times New Roman",serif;color:#777777'><o:p></o:p></span></p></div></blockquote><p style='margin:0in;margin-bottom:.0001pt;font-stretch:normal;min-height:14px'><span style='font-size:9.0pt;font-family:"Helvetica",sans-serif;color:#7A7A7A'><o:p> </o:p></span></p><p style='margin:0in;margin-bottom:.0001pt;font-stretch:normal'><span style='font-size:10.0pt;font-family:"Arial",sans-serif;color:#777777'>— — —<o:p></o:p></span></p><p style='margin:0in;margin-bottom:.0001pt;font-stretch:normal'><b><span style='font-size:9.0pt;font-family:"Helvetica",sans-serif;color:#606060'>Zach Fried</span></b><span style='font-size:9.0pt;font-family:"Helvetica",sans-serif;color:#606060'><o:p></o:p></span></p><p style='margin:0in;margin-bottom:.0001pt;font-stretch:normal'><u><span style='font-size:9.0pt;font-family:"Helvetica",sans-serif;color:#551A8B'><a href="https://peoplefirst.tech/"><b>PeopleFirst Tech Consulting</b></a></span></u><span style='font-size:9.0pt;font-family:"Helvetica",sans-serif;color:#551A8B'><o:p></o:p></span></p><p style='margin:0in;margin-bottom:.0001pt;font-stretch:normal'><span style='font-size:10.0pt;font-family:"Helvetica",sans-serif;color:#606060'>Human-Focused Solutions </span><span style='font-size:8.5pt;font-family:"Helvetica",sans-serif;color:#606060'><br><a href="mailto:zach@peoplefirst.tech">zach@peoplefirst.tech</a></span><span style='font-size:10.0pt;font-family:"Helvetica",sans-serif;color:#606060'><o:p></o:p></span></p><p style='margin:0in;margin-bottom:.0001pt;font-stretch:normal;min-height:14px'><span style='font-size:9.0pt;font-family:"Helvetica",sans-serif;color:#232323'><o:p> </o:p></span></p><p style='margin:0in;margin-bottom:.0001pt;font-stretch:normal'><span style='font-size:7.5pt;font-family:"Helvetica",sans-serif;color:#777777'>By Appointment:<o:p></o:p></span></p><p style='margin:0in;margin-bottom:.0001pt;font-stretch:normal'><span style='font-size:7.5pt;font-family:"Helvetica",sans-serif;color:#777777'>409 Main Street, Suite 214<o:p></o:p></span></p><p style='margin:0in;margin-bottom:.0001pt;font-stretch:normal'><span style='font-size:7.5pt;font-family:"Helvetica",sans-serif;color:#777777'>Amherst, MA 01002<o:p></o:p></span></p><p style='margin:0in;margin-bottom:.0001pt;font-stretch:normal'><span style='font-size:7.5pt;font-family:"Helvetica",sans-serif;color:#777777'>(413) 461-0617<o:p></o:p></span></p></div></div></div><p class=MsoNormal><span style='font-family:"Arial",sans-serif;color:#777777'>_______________________________________________ <br>Hidden-discuss mailing list - home page: <a href="http://www.hidden-tech.net">http://www.hidden-tech.net</a> <br><a href="mailto:Hidden-discuss@lists.hidden-tech.net">Hidden-discuss@lists.hidden-tech.net</a> <br><br>You are receiving this because you are on the Hidden-Tech Discussion list. <br>If you would like to change your list preferences, Go to the Members <br>page on the Hidden Tech Web site. <br><a href="http://www.hidden-tech.net/members">http://www.hidden-tech.net/members</a> <o:p></o:p></span></p></div></div></blockquote></div><div><p class=MsoNormal><span style='font-family:"Arial",sans-serif;color:#777777'>_______________________________________________<br>Hidden-discuss mailing list - home page: <a href="http://www.hidden-tech.net">http://www.hidden-tech.net</a><br><a href="mailto:Hidden-discuss@lists.hidden-tech.net">Hidden-discuss@lists.hidden-tech.net</a><br><br>You are receiving this because you are on the Hidden-Tech Discussion list.<br>If you would like to change your list preferences, Go to the Members<br>page on the Hidden Tech Web site.<br><a href="http://www.hidden-tech.net/members">http://www.hidden-tech.net/members</a><o:p></o:p></span></p></div></div></div></blockquote><div><blockquote style='border:none;border-left:solid #777777 1.5pt;padding:0in 0in 0in 4.0pt;margin-left:0in;margin-right:0in;margin-bottom:3.75pt'><p><span style='font-family:"Arial",sans-serif;color:#777777'>_______________________________________________<br>Hidden-discuss mailing list - home page: <a href="http://www.hidden-tech.net"><span style='color:#777777'>http://www.hidden-tech.net</span></a><br><a href="mailto:Hidden-discuss@lists.hidden-tech.net">Hidden-discuss@lists.hidden-tech.net</a><br><br>You are receiving this because you are on the Hidden-Tech Discussion list.<br>If you would like to change your list preferences, Go to the Members<br>page on the Hidden Tech Web site.<br><a href="http://www.hidden-tech.net/members"><span style='color:#777777'>http://www.hidden-tech.net/members</span></a><o:p></o:p></span></p></blockquote></div></div></div></body></html>