[Cryptography] NSA security guidelines for videoconferencing

Bill Frantz frantz at pwpconsult.com
Mon May 4 21:35:54 EDT 2020

On 5/4/20 at 7:50 PM, leichter at lrw.com (Jerry Leichter) wrote:

>o Make a list of people who are invited and have the guy at the 
>door only accept *them*.  This is one thing the "waiting room" 
>feature is for - but it's hard to operationalize in an 
>automated fashion without some pre-agreed form of 
>identification - i.e., an on-line identity.  If Microsoft were 
>to implement a Zoom-like system, since they are already in the 
>identity business, they would simply use their own identity 
>system.  (Hey!  Guess what!  They are and do.)  Zoom is 
>crippled here because there simply is no universal identity 
>system out there they could rely on - and they're not about to 
>go out and build one.

Since Zoom usually uses a camera and microphone, for any meeting 
where the moderator knows the invitees, seeing their picture and 
talking with them in the lobby makes a fairly useful and 
effective identification system.

I think building a way to fool this system either requires a 
really good mimic, or a beyond state of the art AI system.

Cheers - Bill

Bill Frantz        | Government is not reason, it is not 
eloquence, it is force; like
408-348-7900       | a fire, a troublesome servant and a fearful 
master. Never for a
www.pwpconsult.com | moment should it be left to irresponsible 
action. Geo Washington

More information about the cryptography mailing list