[bretpiatt]

Except waiting rooms have a separate security problem https://citizenlab.ca/2020/04/move-fast-roll-your-own-crypto...

HN thread https://news.ycombinator.com/item?id=22768494

[detaro]

So attackers have now ~24 hours to exploit this unpublished security issue before the second stage, required passwords, becomes active.

[prophesi]

Hopefully passwords are implemented in a way to slow down brute-forcing. I guarantee the majority of them will be a simple word or number sequence.

[kerng]

Thanks for highlighting this, i totally missed that there is waiting room security issue pending disclosure.

[gnicholas]

TLDR: there’s a security issue that has been identified with regard to waiting rooms, and it has been reported to zoom. No further details will be provided until it’s fixed.