HackerTrans
TopNewTrendsCommentsPastAskShowJobs

mrstubbs

no profile record

comments

mrstubbs
·vor 5 Jahren·discuss
The statement says they were authorized to send commands to vulnerable servers through the exploited services/webshells which removed said webshells from the system.
mrstubbs
·vor 6 Jahren·discuss
With a closed-source client, how do we know Zoom does not add itself as a un-anounced participant in a meeting??

I assume there will be analysis done in the near future by third parties, but even that analysis is not sufficient to protect against a future change or a one-off, court-mandated targeted "switch" to join a un-announced participant to a meeting. The client can be designed to be 'dumb' in this regard.
mrstubbs
·vor 6 Jahren·discuss
The Zoom backend serves as a router for (possibly hundreds) individual encrypted streams of audio and video during a meeting. In order to support a cloud-save feature, they must first decrypt those streams in order to re-encode them into a unified multimedia file. Even if they were to store encrypted versions of all of these individual audio/video streams, how would they ultimately present that back to the user on request? There is no practical or easy way to do this.