Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: E-Mail

Commentary – Maybe we shouldn’t use Zoom after all

FBI warns Zoom, teleconference meetings vulnerable to hijacking: “…The FBI has received multiple reports of conferences being disrupted by pornographic and/or hate images and threatening language,” the FBI cautioned. “As individuals continue the transition to online lessons and meetings, the FBI recommends exercising due diligence and caution in your cybersecurity efforts..to prevent against unwanted participants joining Zoom or other video teleconferencing meetings, the FBI advises users to not make Zoom meetings or classrooms public. Instead, users should require a meeting password, or use the Zoom waiting room to control who has access to particular meetings. The bureau also recommends not sharing links on public social media posts, and instead providing links directly to intended participants…”

TechCrunch: “Now that we’re all stuck at home thanks to the coronavirus pandemic, video calls have gone from a novelty to a necessity. Zoom, the popular videoconferencing service, seems to be doing better than most and has quickly become one of, if not the most, popular option going. But should it be? Zoom’s recent popularity has also shone a spotlight on the company’s security protections and privacy promises. Just today, The Intercept reported that Zoom video calls are not end-to-end encrypted, despite the company’s claims that they are. And Motherboard reports that Zoom is leaking the email addresses of “at least a few thousand” people because personal addresses are treated as if they belong to the same company. It’s the latest examples of the company having to spend the last year mopping up after a barrage of headlines examining the company’s practices and misleading marketing. To wit:

  • Apple was forced to step in to secure millions of Macs after a security researcher found Zoom failed to disclose that it installed a secret web server on users’ Macs, which Zoom failed to remove when the client was uninstalled. The researcher, Jonathan Leitschuh, said the web server meant any malicious website could activate Mac webcam with Zoom installed without the user’s permission. The researcher declined a bug bounty payout because Zoom wanted Leitschuh to sign a non-disclosure agreement, which would have prevented him from disclosing details of the bug….”

Emoji etiquette in the workplace

Human Resources – The good, the bad and the downright inappropriate – “Emojis are everywhere nowadays. When words fail us or we want to lighten the mood, very often we turn to emojis. In fact even in a professional work setting, 71% of respondents in Perkbox’s latest survey feel emojis should be encouraged. Polling 1000 UK workers,… Continue Reading

Flaw in billions of Wi-Fi devices left communications open to eavesdropping

ars technica: Flaw in billions of Wi-Fi devices left communications open to eavesdropping: “Billions of devices—many of them already patched—are affected by a Wi-Fi vulnerability that allows nearby attackers to decrypt sensitive data sent over the air, researchers said on Wednesday at the RSA security conference. The vulnerability exists in Wi-Fi chips made by Cypress… Continue Reading

Chief FOIA Officers Council’s Technology Committee Releases Best Practices and Recommendations

National Archives FOIA Ombudsman: “Looking for ways to bolster the use of technology within the FOIA process? Check out a report from the Technology Committee (Committee) of the Chief FOIA Officers Council (Council) to the Council Co-Chairs that discusses FOIA Information Technology (IT) best practices and recommendations. In response to a recommendation by  the 2016-2018… Continue Reading

How Google Is Stopping Malicious Office Docs From Targeting Gmail Users

PC Magazine: “At the RSA security conference today, Google offered a rare look into the kinds of malicious attachments hackers will send to Gmail users. It turns out Microsoft Office documents secretly rigged to download malware are in vogue. In recent weeks, about 56 percent of the malicious attachments detected and blocked by Gmail’s filters… Continue Reading

How Big Companies Spy on Your Emails

Motherboard: “Multiple confidential documents obtained by Motherboard show the sort of companies that want to buy data derived from scraping the contents of your email inbox…A dataset obtained by Motherboard shows what some of the information pulled from free email app users’ inboxes looks like. A spreadsheet containing data from Rakuten’s Slice, an app that… Continue Reading

New web service can notify companies when employees get phished

ZDNet – “Starting today, companies across the world have a new free web service at their disposal that will automatically send out email notifications if one of their employees gets phished. The service is named “I Got Phished” and is managed by Abuse.ch, a non-profit organization known for its malware and cyber-crime tracking operations. Just… Continue Reading

You’ve got snail mail

Washington Post: “Targeted online ads are now literally following you home Marketers are using the same technology and data as online advertising companies to decide who gets what flier, postcard or envelope…As people become numb to targeted digital ads that follow them across social media and into their email inboxes, some high-tech marketers are turning… Continue Reading

The environmental cost of keeping mail and files online keeps rising

Bloomberg via Japan Times / no paywall: “Everyone has seen warnings at the end of email saying, “Please consider the environment before printing.” But for those who care about global warming, you might want to consider not writing so many emails in the first place. More and more, people rely on their electronic mailbox as… Continue Reading