Tag Archives: Teams

Who’s Zoomin’ Who?

First of all. I do not hate Zoom. I may still be a little tired from having to (professionally) deal with their major Mac Client vulnerability in 2019. They are a company that makes a product that a newly huge user base is suddenly dependent upon. I do not envy them.

However, their products still have security issues and the company does not have a good track record of responding to security issues with their products (my opinion).

So WELCOME folks, to my latest attempt to help during these crazy times.

Also, don’t read further until you’ve watched the entire video. Because Aretha deserves that time.

Done? Good. Thanks.

Here’s the latest iteration of my exploration of video conferencing solutions…..

https://sejm.chat

This is a video chat system running a instance of Jitsi – “…all our tools are 100% free, open source, and WebRTC compatible.” My limited review of this product, in combination with my professional training and experience in evaluating IT security solutions, has been a positive experience.

Jitsi is simple to use, employs and enforces good basic security principles, has an active community of builders and maintainers (devs), and is relatively inexpensive to run as a service (your mileage may vary).

I setup https://sejm.chat in my Amazon Web Services (AWS) test account. Utilizing Debian as the base operating system, I was able to have an instance of Jitsi up and running within about 40 minutes. This system included full TLS end to end encryption. It was successfully tested with the following client (end user) platforms –

  • Chrome on Linux, Windows
  • Android Jitsi app
  • Firefox on Windows, Linux
  • iOS Jitsi app

Doing these initial tests cost me nothing but my time.

Now, I know this isn’t all the platforms that people will need to use. I know my testing methodology is sparse and faulty. I have not tested for scale.

This brings me to the ask (wow, I buried this WAY to far down) –

Help me test this. Please.

If you have a group that would like to hold a group chat, let me know. Want to talk to a couple of old friends? Let me help.

Right now, I’ve spent $13 USD to reserve the sejm.chat domain and $20 to setup a server that I have direct control over. That is the entire sum of my costs.

I hope this message finds all of you well.

Stay safe, stay HOME, and take care of each other.

Sincerely,

Matt

Team Ucky-Zoom-y and Can We Not

At my first job post college, I was having a conversation with one of the systems administrators (sysadmins) regarding a customer issue and as part of our exchange was told, “No technology is absolutely secure”.

Those words have provided the basis to my technology career. That phrase has put a roof over my children and food in their bellies. Every single business around the globe is affected by these words.

Our world is now a place where keeping distance is the clear and correct choice. Technology conference software is now something we have to use.

I will not recommend any of them. You and I have to use them, and I want to provide the information to help you make an informed choice as to what, when, and how you utilize these solutions.

I also want to make an important declaration of understanding and support –

I know. I know the software/application/program is horrible. They all are frustrating, flaky, unreliable, and entirely exasperating. They are made by humans and we are all also all of those things. I’m not blaming or trying to shame anyone (even MOST tech companies). I want to offer my experience as a source.

I have also had conversations with teachers and IT staff at schools in recent days and they know too.

The educational professionals that are essential to our current and future existence are performing miraculous transformations to our system with broken and unreliable tools. They have made essential choices for the future of our existence in a vacuum (yet under pressure) and for the long term (yet in a second). They are angels and heroes and deserve every ion of support we can muster for them.

All of this is prep to another QUICK list with some details. As always, PLEASE contact me if you have (as my old math teacher in Mt. Lake – Mr. Marty Skow used to say) “Questions? Comments? Nasty remarks?” please let me know. All are welcome.

  1. Zoom – Track record on security is BAD. Apple (MAC) clients had major security flaw a couple of years ago. Communication via Zoom is also NOT encrypted during the entire process. This lack of “end-to-end” encryption is lazy and dangerous on Zoom’s part. And, it is likely the source of “Zoom-bombing“. People are using Zoom because it is free. Those users are receiving exactly what they are paying for. BUT, I understanding that Zoom IS and will continue to be used. Please be careful. Make sure the Zoom client/app/program is stopped and/or closed when you are done using it. If you use it in a browser, reboot your computer after a Zoom meeting.
  2. Microsoft Teams/Skype – Security is better than Zoom. As with everything, these products are NOT free from security issues. But they have a better track record on things like identify and responding to security issues with these applications. Microsoft has, in my opinion, absolutely botched their opportunity in this space. Teams is a superior product but expensive and immature. Skype works but scales poorly and is unreliable. They both do voice and video well but cost WAY too much for educational institutions.
  3. Google Groups/Hangouts or whatever it’s called today – Security on par with Microsoft products. Cost is comparable, may be slightly less. Google (Alphabet at large) profit model is not from software licenses etc. They make money on us. Our information and digital identity. Google is probably the most technically flexible and secure of these options. I have not used their platforms as much as I have used Skype, Teams, and Zoom.

Thanks folks. Stay safe, stay HOME. And let’s all help take care of each other.