[throwitaway1123]

> You're at risk of a data breach the moment you connect your computer to the Internet [...] If you have zero tolerance for a data breach you should delete the data so no one including you may access it.

To reason by analogy, this is like me suggesting you wear a seatbelt while driving a car and you responding by saying: "well you're at risk the moment you step outside of your house, so if you really have no tolerance for injury you should simply not leave the house". You're saying instead of opening Zoom in the browser I should delete all personal data from my computer, and for what end? I'm doing this so that I can attend virtual dance parties efficiently? I don't understand how any rational cost benefit analysis could yield such a conclusion.

> "would I prefer to open myself up to attack, or would I prefer not to deliver this message at all?"

This is absolutely a false dichotomy. The choice isn't between sending data and not sending data, the choice is between sending data in the browser vs sending the same data within a desktop application.

> You need to do a complete threat model and explain how Zoom contributes to that risk,

The Zoom desktop clients have had RCE vulnerabilities where hackers were able to remotely execute arbitrary code on victims computers with zero user input required from the victims (they demonstrated this by remotely opening the calculator app). It's very obvious how Zoom contributes to that risk. "A zero-day vulnerability in Zoom which can be used to launch remote code execution (RCE) attacks has been disclosed by researchers. The researchers from Computest demonstrated a three-bug attack chain that caused an RCE on a target machine, and all without any form of user interaction [...] an animation of the attack in action demonstrates how an attacker was able to open the calculator program of a machine running Zoom following its exploit. As noted by Malwarebytes, the attack works on both Windows and Mac versions of Zoom [...] The browser version of the videoconferencing software is not impacted." [1]

> Practically speaking I have conversations in public places all the time and I don't stress about the possibility that someone might be recording me with a parabolic microphone.

Do you yell out your bank account number and routing number in public because you think the user experience of finding a private place to talk is too burdensome? Because that's metaphorically what you're arguing for.

[1] https://it.slashdot.org/story/21/04/09/209227/critical-zoom-...

[lukeschlather]

> The Zoom desktop clients have had RCE vulnerabilities where hackers were able to remotely execute arbitrary code on victims computers with zero user input required from the victims

There have been RCE vulnerabilities in browsers too. Do you have an example of a Zoom RCE vulnerability that wasn't fixed? The example you gave was one where Zoom was proactively publicizing their own work to recruit researchers to find vulnerabilities so they could be fixed before they caused actual issues - and Zoom fixed the issue, you're using Zoom's good behavior in security testing their app against them.

> Do you yell out your bank account number and routing number in public because you think the user experience of finding a private place to talk is too burdensome? Because that's metaphorically what you're arguing for.

No it's not, I wouldn't transmit my bank account number and routing number or similarly sensitive information over Zoom.

> This is absolutely a false dichotomy. The choice isn't between sending data and not sending data, the choice is between sending data in the browser vs sending the same data within a desktop application.

The choice is in fact between sending data and not sending data. I've given you one example (the limited number of simultaneous streams) where you're opting not to send data. You're just pretending that use case is invalid. There are other examples I could give, but they require more explanation and you seem determined to dismiss any examples I give.

[throwitaway1123]

> There have been RCE vulnerabilities in browsers too.

We're not comparing the security of web browsers as a whole to the security of the Zoom desktop client, we're comparing the security of the Zoom web app to the security of the Zoom desktop app. Can you find a single example of an exploit that allowed a hacker to execute arbitrary code on a user's computer after visiting zoom.com (even one that was eventually fixed)?

And also, almost all computer users are running web browsers (they come preinstalled on most consumer operating systems). So by downloading Zoom you're adding an additional threat vector on top of whatever threat your favorite browser already represents.

> The example you gave was one where Zoom was proactively publicizing their own work to recruit researchers to find vulnerabilities so they could be fixed before they caused actual issues - and Zoom fixed the issue, you're using Zoom's good behavior in security testing their app against them.

Every reputable organization has a bug bounty program (including browser vendors). You don't get a participation trophy for having a bug bounty program. You're missing the entire point which is that Zoom offered $200,000 to security researchers to find a vulnerability in their products and both of their desktop clients produced critical vulnerabilities yet the browser version did not. Which I would infer means that the browser version is more secure. Once again, do you have any examples of Zoom exploits in the browser?

Zoom can't keep producing vulnerabilities and getting a pass because they eventually fix them. This exploit's existence was publicized before Zoom fixed it. What if it was sold on the dark web and exploited in the interim?

> No it's not, I wouldn't transmit my bank account number and routing number or similarly sensitive information over Zoom.

People are absolutely transmitting critical information via Zoom. Courts literally use Zoom to remotely administer proceedings. I've heard of companies that ask employees to hold up sensitive documents in front of the camera to verify their identity. Hiding your head in the sand and saying "just don't send sensitive info via Zoom" is disingenuous at best. And even if you did buy in to the "just don't send sensitive data bro" argument it doesn't matter because an RCE exploit could potentially expose information that you never transmitted via Zoom that just happens to be sitting on your filesystem.

> The choice is in fact between sending data and not sending data. I've given you one example (the limited number of simultaneous streams) where you're opting not to send data.

The overwhelming majority of your examples have been cases where you've begrudgingly admitted that there's a way to accomplish your goal in the browser, albeit less efficiently. You started this conversation by admitting that you can share your screen in the browser, but doing so via the desktop app saved you a few minutes. I haven't found any published documentation from Zoom in regards to the streaming limit and I'm not willing to call up 49 other people to test this for an HN debate, but like I said, the vast majority of users can fulfill their needs in the browser. The average Zoom user is not hosting digital raves. I couldn't even imagine wanting to have 50 videos playing on my screen vying for attention. And again, there's no technical reason for why you couldn't implement 50 streaming videos in the browser. Maybe Zoom should spend that $200,000 improving their browser product.

[lukeschlather]

Efficiency is very important. The whole point of using a video app is to communicate things you can't communicate as quickly without video. It would be much safer just to use text, even voice would be significantly safer.

And again, this is about messages simply being undeliverable without the native app. If the web app takes an extra 5 seconds to join the meeting (I think it can actually be worse than this in a lot of cases - minutes lost) and I've just reached the meeting at 2pm and the meeting starts promptly at 2pm, and the native app causes me to miss 5 minutes of the intro... what is the cost there? I think in a lot of cases it can erase the benefits of video.

Courts are famously overloaded. If a court can get through 10 cases over a 4 hour session, each taking 24 minutes, and if each case loses 5 minutes of time due to using the browser app, then that's two whole cases worth of time they've lost. And it's not just about being able to handle a larger caseload: in a lot of cases inefficient communication results in incorrect communication and incorrect decisions.

Broadly though, you're taking it for granted that it's easier to make a browser app efficient than it is to make a native app secure. I'd actually wager there's a ceiling to how efficient you can make a browser app, and you can make the native app at least as secure as the browser app while also making it more efficient. Zoom has the money, they don't need to cheap out and do the browser app, and they shouldn't because efficient communication is a matter of life and death and their whole reason for being. Yes, it should be secure, but you can't just dismiss efficiency, being inefficient can cause security problems and it is often a matter of life and death.

> And again, there's no technical reason for why you couldn't implement 50 streaming videos in the browser.

Their docs specify that there are minimum system requirements for doing 50 rather than 25. This is an efficiency problem at the end of the day - the browser app is less efficient and can't handle as much info at a time with the same hardware.

[throwitaway1123]

> The whole point of using a video app is to communicate things you can't communicate as quickly without video.

The 'whole point' of a visual medium is not just to communicate ideas more quickly. Having eyeballs does not merely grant me a speed boost, it allows me to experience things that are simply ineffable otherwise. People didn't Zoom/Facetime their family members during the pandemic just because it was more efficient than texting them.

> And again, this is about messages simply being undeliverable without the native app. If the web app takes an extra 5 seconds to join the meeting

You're misusing the word undeliverable. Undeliverable means 'can not be delivered', not 'delivered 5 seconds later'.

> Zoom has the money, they don't need to cheap out and do the browser app

They're already doing the browser app. I'm saying they should do it well.

> Their docs specify that there are minimum system requirements for doing 50 rather than 25. This is an efficiency problem at the end of the day - the browser app is less efficient and can't handle as much info at a time with the same hardware.

You originally claimed that there was a hard limit to the number of simultaneous video streams that the browser version could handle, and that this was the difference between sending a message and not sending a message, and now you're walking that point back and saying that the browser version can't do it with the same hardware. So you're tacitly admitting that you were originally presenting a false dichotomy.

> being inefficient can cause security problems

There are multiple confirmed security flaws in the desktop Zoom apps (which you claim are more efficient), and your conclusion is "inefficient = insecure"? If anything, the opposite appears to be true according to your own claims.

> I'd actually wager there's a ceiling to how efficient you can make a browser app, and you can make the native app at least as secure as the browser app

Zoom themselves wagered $200,000, and the result was a critical RCE vulnerability in their desktop clients, and nothing in the browser version. But keep postulating with hypotheticals and ignore objective reality.

> if each case loses 5 minutes of time due to using the browser app [...] because efficient communication is a matter of life and death

First of all you've been throwing around this '5 minute' figure throughout this discussion, but there's simply nothing to substantiate it. Your entire argument hinges on this flimsy point derived from anecdotal evidence. I've never spent 5 minutes trying to set up Zoom in the browser. I predicted several days ago that this discussion would degenerate into anecdote trading, and here we are.

Second of all, if I were dealing with a serious court case then one of my primary concerns would be maintaining confidentiality. You completely ignored the entire point of my court example which was to illustrate the fact that security has serious implications, and you can't simply wave them off by saying "I wouldn't transmit personal information via Zoom". You're trying as hard as you can to avoid the most important aspect of using Zoom in court: security. Instead you wrote a thinkpiece about Zoom hypothetically taking 5 minutes to load. Imagine being a witness in a high profile case, on the brink of going into the witness protection program, with your literal life on the line, only to find out that your private information was leaked because someone didn't like the UX of the Zoom web app. And you have the gall to claim that bad UX is a matter of life and death. Are you being serious here?

You yourself said "I wouldn't transmit my bank account number and routing number or similarly sensitive information over Zoom", and yet you want the Zoom desktop app to be used in courts? That makes absolutely zero sense. Do you not believe courts deal with sensitive information?