LISTSERV - SCIENTIFIC-LINUX-USERS Archives

SCIENTIFIC-LINUX-USERS Archives

April 2020

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-USERS Home
	SCIENTIFIC-LINUX-USERS April 2020

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Experience with alternative to EL8
From:	David Sommerseth <[log in to unmask]>
Reply To:	David Sommerseth <[log in to unmask]>
Date:	Tue, 7 Apr 2020 21:46:33 +0200
Content-Type:	text/plain
Parts/Attachments:	text/plain (52 lines)

On 06/04/2020 19:56, Brett Viren wrote:
> Yasha Karant <[log in to unmask]> writes:
> 
>> Zoom
> Ignoring the recent news items and that the Zoom client for Ubuntu
> hasn't been updated in forever and that the whole thing is
> proprietary...

And just to give a few of those pointers which gives a bit of overview:

<https://urldefense.proofpoint.com/v2/url?u=https-3A__theintercept.com_2020_04_03_zooms-2Dencryption-2Dis-2Dnot-2Dsuited-2Dfor-2Dsecrets-2Dand-2Dhas-2Dsurprising-2Dlinks-2Dto-2Dchina-2Dresearchers-2Ddiscover_&d=DwICaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=thdvUJgju_ZAiKpQBZSaAsTWbmpElUjFL0-zUX1qsuI&s=QTGgQqp_YQi80bxJpxOdwlvCtljfS_3Tuf4nQV5jeZA&e= >
<https://urldefense.proofpoint.com/v2/url?u=https-3A__citizenlab.ca_2020_04_move-2Dfast-2Droll-2Dyour-2Down-2Dcrypto-2Da-2Dquick-2Dlook-2Dat-2Dthe-2Dconfidentiality-2Dof-2Dzoom-2Dmeetings_&d=DwICaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=thdvUJgju_ZAiKpQBZSaAsTWbmpElUjFL0-zUX1qsuI&s=wkcm7VRzyscuILvgH-0Vv7dEMH1_itkW9s3TOkuZ8zU&e= >
<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.washingtonpost.com_technology_2020_04_03_thousands-2Dzoom-2Dvideo-2Dcalls-2Dleft-2Dexposed-2Dopen-2Dweb_&d=DwICaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=thdvUJgju_ZAiKpQBZSaAsTWbmpElUjFL0-zUX1qsuI&s=6CBG5nNvIPDGKkeo0sPxtDSI07J1pdZJqFM5K1crbAE&e= >

I simply cannot recommend Zoom at any point.  And this is pretty much a nasty
example of how bad proprietary solutions can be and tackle challenges.  They
also sent out a mail to their users recently where they just password enabled
all rooms and enabled "waiting room" for all rooms by default, with no roadmap
of what they want to fix next or that they admit severe issues related to the
non-existing end-to-end encryption (it is client-to-server encryption,
marketed as end-to-end) or that their crypto implementation is just plain
wrong (AES using ECB mode [1]).  I struggle to see how this company can
survive in the longer run unless they do some drastic changes.

[1] <https://urldefense.proofpoint.com/v2/url?u=https-3A__en.wikipedia.org_wiki_Block-5Fcipher-5Fmode-5Fof-5Foperation-23ECB&d=DwICaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=thdvUJgju_ZAiKpQBZSaAsTWbmpElUjFL0-zUX1qsuI&s=vvNtt4Dql9SfAKVj3t6hpjNQDw7Q1NYwJMi0GZRZz1U&e= >

So if you need a video solution capable of keeping secrets ... don't even
consider Zoom.

As Brett Viren already mentioned, Jitsi Meet [2] is a reasonable alternative,
just as easy to use, open source.  We've used it in my day-work for some time
now, and we have had little issues with it.  There has been a few times where
it was a bit ugly, but those are more seldom incidents.  The Jitsi project is
also sponsored by 8x8 [3], which also has a Jitsi Meet instance [4] running
with more phone dial-in numbers compared to meet.jit.si.  Or if you want to
host Jitsi on your own, there are plenty of ways to do that - all from
installing it yourself [5] or use Docker containers [6].

[2] <https://urldefense.proofpoint.com/v2/url?u=https-3A__meet.jit.si_&d=DwICaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=thdvUJgju_ZAiKpQBZSaAsTWbmpElUjFL0-zUX1qsuI&s=wOsHFawNzWtVw79_3lPEenE-lva4thInXO1V-bX0z6A&e= >
[3] <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.8x8.com_&d=DwICaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=thdvUJgju_ZAiKpQBZSaAsTWbmpElUjFL0-zUX1qsuI&s=kql-mheLgQozWqv035Emi8puS4X8Zhzb-z_wH4sG_iY&e= >
[4] <https://urldefense.proofpoint.com/v2/url?u=https-3A__8x8.vc_&d=DwICaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=thdvUJgju_ZAiKpQBZSaAsTWbmpElUjFL0-zUX1qsuI&s=TRim6VYknt352GOYWjxaTcBgXNPX-yl4tgIrKA5pePM&e= >
[5] <https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_jitsi_jitsi-2Dmeet_blob_master_doc_quick-2Dinstall.md&d=DwICaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=thdvUJgju_ZAiKpQBZSaAsTWbmpElUjFL0-zUX1qsuI&s=uj8ACbT8pZlUt5I4z6YCGGARZMI4lGHh1i1xO0NUWoM&e= >
    <https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_jitsi_jitsi-2Dmeet_blob_master_doc_manual-2Dinstall.md&d=DwICaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=thdvUJgju_ZAiKpQBZSaAsTWbmpElUjFL0-zUX1qsuI&s=nNV20VZF_7kP84JdM4A1l7fg2RlK5F0Tti_OV8tmGH4&e= >
[6] <https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_jitsi_docker-2Djitsi-2Dmeet&d=DwICaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=thdvUJgju_ZAiKpQBZSaAsTWbmpElUjFL0-zUX1qsuI&s=AkG9eeeXWcZXfLjuvfgoIuEz5EDaSpD1T-V5FnWo8JM&e= >



-- 
kind regards,

David Sommerseth

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV