You read that right! Now to find the list of all people who were badgering me to set-up a Keybase account...
Consider the following:
2. Keybase is used by a lot of people to sign their #git commits and whatnot.
3. Zoom, a company with bad security track record and murky ownership now has potential supply-chain-attack capability on a lot of software whose git commits are signed using keys that touch Keybase.
@rysiek Microsoft also had a bad Security track record, and turned it around.
Cisco jsut released a ton of advisories for ASA, FTD and FMC that are pretty bad and tend to hide their issues until they can't.
Apple does not disclose the security issues they fix very easily if at all.
Zoom starts to take steps by getting people like Katie Mussouris and her company to help and actually has responded to the security findings at least. Shows intent to get better at it.
@siliconshecky I'm not entirely sure what you're trying to argue here, but intent is meaningless without results.
Microsoft's has shown some results but arguably not yet sufficient improvement.
Cisco is one big overpriced garbage fire. They've shown little intent to improve and virtually no results.
Zoom is behaving just like Facebook. Lots if apology, noble intention (at least the appearance of it) but woefully inadequate results. They are not at all proactive, just reactive...
@siliconshecky this is very promising and good news to hear. They are going in the right direction.
But, I would say they still have critical issues that need addressing beneath all these surface level fixes they've released. I still need to be sold on their transparency and trustworthiness as well. As such I will continue to observe but Zoom will continue to be disallowed in my workplace.
Hometown is adapted from Mastodon, a decentralized social network with no ads, no corporate surveillance, and ethical design.