First of all. I do not hate Zoom. I may still be a little tired from having to (professionally) deal with their major Mac Client vulnerability in 2019. They are a company that makes a product that a newly huge user base is suddenly dependent upon. I do not envy them.
However, their products still have security issues and the company does not have a good track record of responding to security issues with their products (my opinion).
So WELCOME folks, to my latest attempt to help during these crazy times.
Also, don’t read further until you’ve watched the entire video. Because Aretha deserves that time.
Done? Good. Thanks.
Here’s the latest iteration of my exploration of video conferencing solutions…..
This is a video chat system running a instance of Jitsi – “…all our tools are 100% free, open source, and WebRTC compatible.” My limited review of this product, in combination with my professional training and experience in evaluating IT security solutions, has been a positive experience.
Jitsi is simple to use, employs and enforces good basic security principles, has an active community of builders and maintainers (devs), and is relatively inexpensive to run as a service (your mileage may vary).
I setup https://sejm.chat in my Amazon Web Services (AWS) test account. Utilizing Debian as the base operating system, I was able to have an instance of Jitsi up and running within about 40 minutes. This system included full TLS end to end encryption. It was successfully tested with the following client (end user) platforms –
Chrome on Linux, Windows
Android Jitsi app
Firefox on Windows, Linux
iOS Jitsi app
Doing these initial tests cost me nothing but my time.
Now, I know this isn’t all the platforms that people will need to use. I know my testing methodology is sparse and faulty. I have not tested for scale.
This brings me to the ask (wow, I buried this WAY to far down) –
Help me test this. Please.
If you have a group that would like to hold a group chat, let me know. Want to talk to a couple of old friends? Let me help.
Right now, I’ve spent $13 USD to reserve the sejm.chat domain and $20 to setup a server that I have direct control over. That is the entire sum of my costs.
I hope this message finds all of you well.
Stay safe, stay HOME, and take care of each other.
At my first job post college, I was having a conversation with one of the systems administrators (sysadmins) regarding a customer issue and as part of our exchange was told, “No technology is absolutely secure”.
Those words have provided the basis to my technology career. That phrase has put a roof over my children and food in their bellies. Every single business around the globe is affected by these words.
Our world is now a place where keeping distance is the clear and correct choice. Technology conference software is now something we have to use.
I will not recommend any of them. You and I have to use them, and I want to provide the information to help you make an informed choice as to what, when, and how you utilize these solutions.
I also want to make an important declaration of understanding and support –
I know. I know the software/application/program is horrible. They all are frustrating, flaky, unreliable, and entirely exasperating. They are made by humans and we are all also all of those things. I’m not blaming or trying to shame anyone (even MOST tech companies). I want to offer my experience as a source.
I have also had conversations with teachers and IT staff at schools in recent days and they know too.
The educational professionals that are essential to our current and future existence are performing miraculous transformations to our system with broken and unreliable tools. They have made essential choices for the future of our existence in a vacuum (yet under pressure) and for the long term (yet in a second). They are angels and heroes and deserve every ion of support we can muster for them.
All of this is prep to another QUICK list with some details. As always, PLEASE contact me if you have (as my old math teacher in Mt. Lake – Mr. Marty Skow used to say) “Questions? Comments? Nasty remarks?” please let me know. All are welcome.
Zoom – Track record on security is BAD. Apple (MAC) clients had major security flaw a couple of years ago. Communication via Zoom is also NOT encrypted during the entire process. This lack of “end-to-end” encryption is lazy and dangerous on Zoom’s part. And, it is likely the source of “Zoom-bombing“. People are using Zoom because it is free. Those users are receiving exactly what they are paying for. BUT, I understanding that Zoom IS and will continue to be used. Please be careful. Make sure the Zoom client/app/program is stopped and/or closed when you are done using it. If you use it in a browser, reboot your computer after a Zoom meeting.
Microsoft Teams/Skype – Security is better than Zoom. As with everything, these products are NOT free from security issues. But they have a better track record on things like identify and responding to security issues with these applications. Microsoft has, in my opinion, absolutely botched their opportunity in this space. Teams is a superior product but expensive and immature. Skype works but scales poorly and is unreliable. They both do voice and video well but cost WAY too much for educational institutions.
Google Groups/Hangouts or whatever it’s called today – Security on par with Microsoft products. Cost is comparable, may be slightly less. Google (Alphabet at large) profit model is not from software licenses etc. They make money on us. Our information and digital identity. Google is probably the most technically flexible and secure of these options. I have not used their platforms as much as I have used Skype, Teams, and Zoom.
Thanks folks. Stay safe, stay HOME. And let’s all help take care of each other.
I am posting it here so that we can better edit and respond to questions and changes. Thanks for your understanding. The initial introduction was written by my father, Steve Pankratz.
BEGIN STEVE PANKRATZ WRITING——
The information/proposal below was brainstormed by my brother, David Pankratz. David is a retired corporate pilot with a unique life experience in aviation. He is also blessed with a creative mind. I am making this available to my friends in order to broadcast Davidâ€™s Idea. I have checked with him regarding intellectual property issues. We both grew up on a Minnesota farm and know that in tough times like these, itâ€™s not about power and profit, but the commonness of humankind and the value in recognizing strength in coming together. So, feel free to share this idea with anyone who is interested and especially folks and groups interested in developing the idea. firstname.lastname@example.org
BEGIN DAVID PANKRATZ WRITING———-
To whom it may concern:
I have organized some thoughts and ideas on the utilization of the numerous airliners that are now idle, and parked all over the world. Most of these aircraft are just off recent service, and can quickly be reconfigured and made available at various locations where the need for hospital bed space in urgent. The general idea is not to transport patients, but to bring the largest planes to major airports where the patients can be brought to an dedicated and isolated airport concourse gate, where they can then board one of these aircraft which have been reconfigured for emergency patient assessment, testing, and ventilator/ICU treatment as indicated.
Beginning with close coordination with knowledgeable and qualified hospital nurses, doctors, technicians, health officials, airline executives, city mayors/state governors, and perhaps Boeing/Airbus systems engineers, I believe these planes could each be stripped overnight of all seats and non-essential equipment (lavs, sinks, micro-wave ovens, etc, should be left in place). The cabins would be cleaned and prepped to hospital standards now in use. For reconfiguration, the next phase might require the plane be flown to where the beds and medical equipment are located, or the equipment be brought to the location of the plane and the technical personnel. Emergency hospital beds/cots could be installed with appropriate spacing and separation, and with minimal disruption to the floor fittings. Required medical equipment and machines could then be hooked into the aircraft/ground electrical, air, and oxygen systems already on board. WiFi could be used for telemetry transmission to hospital center for monitoring and tracing purposes. Overhead compartments would be stocked with supplies and equipment. I have no idea how this would be funded, but I am convinced it can be done logistically, and quickly.
Once configured, each plane would be flown to a suitable airport in the area or city of urgent need. The planes should be met with all necessary ground support, including electric, air conditioning and purification filtering, human waste, and bio-hazard disposal equipment. This equipment would be manned 24/7, until the plane is no longer needed. It could then be re-assigned as necessary.
These planes, then, would be mobile ER or hospital units. They would not fly patients, but would serve in place on the ground as an urgent, temporary facility, to relieve and augment the needs of the areas in the US which may become overwhelmed.
I did some rough math after consulting with an ER RN, and a friend who runs the respiratory therapy dept. for a major hospital. With reference to dimensions of the main and upper A-380 decks, the total square area of 6880 sq. ft. would allow for approximately 100 to 115 beds, with proper separation and working clearance for nurses/doctors/techs to move around each bed. The B-777 could accommodate 30-50 beds, depending on required care level. Much of the equipment could be stowed in the overhead baggage compartments, and some under each bed. Also, Boeing in ICT has recently laid off nearly 7,000 people. I can imagine that some could be called back to help accomplish these reconfigs. Most interestingly, my brother Steve, who lives in ICT, said there is a Boeing/Airbus group there that works together on different projects.
I hope that people who read about this concept will transmit it to the people who can make this happen, anywhere in the world where it is needed. Please read the article at the link. I am open to suggestions. Thanks!
If you utilize any of these passwords for any of your devices, accounts, email addresses, etc. I implore you to stop. It’s not even a speck of security.
Without trying (and absolutely failing) to explain mathematical principles like entrophy, I can offer this MOST important piece of advise about passwords –
“The longer the password the better/more secure it is”
There are obviously exceptions to this. An 18 character password that is all the character x is NOT secure, for example. Common phrases or well know quotes will be easy to break.
But, if you choose 4 or 5 words that are not normally associated with each other AND are easy for you to remember then you have a MUCH more secure password. Here’s a visual aid from the excellent online comic xkcd –
Other suggestions are to include things like words from another language, portions of an old locker combination, etc. Avoid public data like SSN, date of birth, high school graduation year, and so on.
We could talk for days about passwords. Usage, theory, how often to change, how to store, etc. This article is meant to provide a basic starting point for people to understand how to choose good passwords to protect things, people, and resources.
Remember – Longer is better and something unique that you can remember!