Showing all posts tagged zoom:

Deliver A Better Presentation — 2023 Edition

During the ongoing process of getting back on the road and getting used to meeting people in three dimensions again, I noticed a few presenters struggling with displaying slides on a projector. These skills may have atrophied with remote work, so I thought it was time for a 2023 update to a five-year-old blog post of mine where I shared some tips and tricks for running a seamless presentation.

Two Good Apps

One tip that remains unchanged from 2018 is a super-useful (free) Mac app called Display Menu. Its original purpose was to make it easy to change display resolutions, which is no longer as necessary as it once was, but the app still has a role in giving a one-click way to switch the second display from extended to mirrored. In other words, you see the same on the projector as on your laptop display. You can also do this in Settings > Displays, of course, but Display Menu lives in the menu bar and is much more convenient.

Something else that can happen during presentations is the Mac going to sleep. My original recommendation of Caffeine is no longer with us, but it has been replaced by Amphetamine. As with Display Menu, this is an app that lives in the menu bar, and lets you delay sleep or prevent it entirely. It’s worth noting that entering presenter mode in PowerPoint or Keynote will prevent sleep automatically, but many people like to show their slides in slide sorter view rather than actually presenting1.

Two Good Techniques

If you are using the slide sorter view in order to be able to control your presentation better and jump back and forth, you really need to learn to use Presenter Mode instead. This mode lets you use one screen, typically your laptop's own, as your very own speaker's courtesy monitor, with a thumbnail view of the current and next slides, as well as your presenter notes and a timer. Meanwhile all the audience sees is the current slide, in full screen on the external display. You can also use this mode to jump around in your deck if needed to answer audience questions — but do this sparingly, as it breaks the thread of the presentation.

My original recommendation to set Do Not Disturb while presenting has been superseded by the Focus modes introduced with macOS Monterey. You can still just set Do Not Disturb, but Focus has the added intelligence of preventing notifications only until the end of the current calendar event.2 However, you can also create more specific Focus modes to fit your own requirements.

A Nest Of Cables

The cable situation is much better than it was in 2018. VGA is finally dead, thanks be, and although both HDMI and USB-C are still out there, many laptops have both ports, and even if not, one adapter will cover you. Also, that single adapter is much smaller than a VGA brick! I haven't seen a Barco ClickShare setup in a long time; I think everyone realised they were cool, but more trouble than they were worth. Apple TVs are becoming pretty ubiquitous — but do bear in mind that sharing your screen to them via AirPlay will require getting on some sort of guest wifi, which may be a bit of a fiddle. Zoom and Teams room setups have displaced WebEx almost everywhere, and give the best of both worlds: if you can get online, you can join the room's meeting, and take advantage of screen, camera, and speakers.

Remote Tips

All of those recommendations apply to in-person meetings when you are in the room with your audience. I offered some suggestions in that older piece about remote presentations, but five years ago that was still a pretty niche pursuit. Since 2020, on the other hand, all of us have had to get much better at presenting remotely.

Many of the tips above also apply to remote presentations. Presumably you won't need to struggle with cables in your own (home) office, but on the other hand you will need to get set up with several different conferencing apps. Zoom and Teams are duking it out for ownership of this market, with Google Meet or whatever it's called this week a distant third. WebEx and Amazon Chime are nowhere unless you are dealing with Cisco or Amazon respectively, or maybe one of their strategic customers or suppliers. The last few years have seen an amazing fall from grace for WebEx in particular.

Get Zoom and Teams at least set up ahead of time, and if possible do a test meeting to make sure they are using the right audio and video devices and so on. Teams in particular is finicky with external webcams, so be ready to use your built-in webcam instead. If you haven't used one of these tools before and you are on macOS Monterey, remember that you will need to grant it access to the screen before you can share anything — and when you do that, you will need to restart the app, dropping out of whatever meeting you are in. This is obviously disruptive, so get this setup taken care of beforehand if at all possible.

Can You See Me Now?

On the topic of remote meetings, get an external webcam, and set it up above a big external monitor — as big as you can accomodate in your workspace and budget. The webcam in your laptop is rubbish, and you can't angle it independently from the display, so one or the other will always be wrong — or quite possibly both.

Your Mac can also now use your iPhone as a webcam. This feature, called Continuity Camera, may or may not be useful to you, depending on whether you have somewhere to put your phone so that it has a good view of you — but it is a far better camera than what is in your MacBook's lid, so it's worth at least thinking about.

I Can See You

Any recent MacBook screen is very much not rubbish, on the other hand, but it is small, and once again, hard to position right. An external display is going to be much more ergonomic, and should be paired with an external keyboard and mouse. We all spend a lot of time in front of our computers, so it's worth investing in our setups.

Apart from the benefits of better ergonomics when working alone, two separate displays also help with running remote presentations, because you can set one to be your presenter screen and share the other with your audience. You can also put your audience's faces on the screen below the webcam, so that you can look "at" them while talking. Setting things up this way also prevents you from reading your slides — but you weren't doing that anyway, right? Right?

I hope some of these tips are helpful. I will try to remember to share another update in another five years, and see where we are then (hint: not the Metaverse). None of the links above was sponsored, by the way — but if anyone has a tool that they would like me to check out, I'm available!


🖼️ Photos by Charles Deluvio and ConvertKit on Unsplash; Continuity Camera image from Apple.


  1. Yeah, I have no idea either. 

  2. This cleverness can backfire if your meeting overruns, though, and all those backed-up notifications all hit your screen at once. DING-DING-DING-DING-DING! 

Draining The Moat

Zoom is in a bit of a post-pandemic slump, describing its own Q2FY23 results as "disappointing and below our expectations". This is quite a drop for a company that at one point was more valuable than ExxonMobil. Zoom does not disclose the total number of users, only "enterprise users", of which there are 204,100. "Enterprise users" are defined in a footnote to the slides from those Q2FY23 results as "customers who have been engaged by Zoom’s direct sales team, channel partners, or independent software vendor (ISV) partners." Given that Zoom only claims 3,116 customers contributing >$100k in revenue over the previous year, that is hardly a favourable comparison with Cisco's claim of six million users of WebEx Calling in March 2022.

As I wrote in The Thing With Zoom, Zoom's original USP was similar to WebEx's, namely the lowest time-to-meeting with people outside company. As a sales person, how quickly can I get my prospect in the meeting and looking at my presentation? Zoom excelled at this metric, although they did cut a number of corners to get there. In particular, their software would stick around even after users thought they had uninstalled it, just in case they ever needed it again in the future.

Over the past year or two, though, Teams usage has absolutely taken off. At the beginning the user experience was very rough, even by Microsoft standards, confusing users with the transition from its previous bandwagon-jumping branding as Skype for Business. Joining a Teams meeting as an outsider to the Teams-using organisation was (and largely still is) a mess, with the client failing to connect as often as not, or leaving meeting invitees in a loop of failed authentication, stuck between a web client and a native client, neither of which is working.

And yet, Teams is still winning in the market. Why?

There is more to this situation than just Microsoft's strength in enterprise sales. Certainly, Microsoft did not get distracted trying to cater to Zoom cocktails or whatever, not least because nobody in their right mind would ever try to party over Teams, but also for the very pragmatic and Microsoftian move that those users don't pay.

Teams is not trying to play Zoom and WebEx at their own game. Microsoft doesn't care about people outside their client organisations. Instead, Microsoft Teams focuses on offering the richest possible meeting experience to people inside those organisations.

I didn't fully appreciate this distinction, since throughout this transition I was working for companies that used the standard hipster tech stack of Slack, Google Docs, and Zoom. What changed my understanding was doing some work with a couple of organisations that had standardised on Teams. Having the text chat, video call, and documents all in one place was wonderfully seamless, and felt native in a way that Google's inevitable attempt to shoehorn Hangouts into a Google Docs sidebar or comment thread never could.

This all-in-one approach was already calculated to appeal to enterprises who like simplicity in their tech stack — and in the associated procurement processes. Pay for an Office 365 license for everybody, done. Teams would probably have won out anyway just on that basis, but the trend was enormously accelerated by the very factor everyone assumed would favour Zoom: remote work.

While everyone was focusing on Zoom dating, Zoom board games, Zoom play dates, and whatever else, something different was happening. Sales people were continuing to meet with their customers over Zoom/WebEx/whatever, but in addition to that, all of the intra-company meetings were also flipping online. This transition lead to an explosion in the ratio of internal video meetings to outside-facing ones, changing the priority from "how quickly can I get the other people in here, especially if they haven't got the meeting client installed" to "everyone has the client installed, how productive can we be in the meeting".

As the ratio of outside video meetings to inside meetings flips, Zoom's moat gets filled in

Zoom could not compete on that metric. All Zoom could do was facilitate someone sharing their screen, just like twenty years ago. Maybe what was being shared was a Google Doc, and the other people in the meeting were collaborating in the doc — but then what was Zoom's contribution? Attempts to get people to use built-in chat features or whiteboarding never took off; people used their Slack for chatting, and I never saw anyone use the whiteboard feature in anger.

Once an organisation had more internal remote video meetings than outside-facing ones, these differences became glaring deficiencies in Zoom compared to Teams.1

Zoom squandered the boost that the pandemic gave them. Ultimately, video chat is a feature, not a product, and Zoom will either wither away, or get bought and folded into an actual product.


🖼️ Photos by Chris Montgomery and Christina @wocintech.chat on Unsplash


  1. The same factors are also driving a slight resurgence in Hangouts, based on my anecdotal experience, although Google does not disclose clear numbers. If you're already living in Google Docs, why not just use Hangouts? (Because it's awful UX, but since when did that stop Google or even slow them down?) 

The Thing With Zoom

Zoom was having an excellent quarantine — until it wasn’t.

This morning’s news is from Bloomberg: Zoom Sued for Fraud Over Privacy, Security Flaws. But how did we get here?

Here is what’s interesting about the Thing with Zoom: it’s an excellent example of a company getting it mostly right for its stated aims and chosen target market — and still getting tripped up by changing conditions.

To recap, very quickly: with everybody suddenly stuck home and forbidden to go to the office, there was an equally sudden explosion in video calling — first for purely professional reasons, but quickly spreading to virtual happy hours, remote karaoke, video play dates, and the like. Zoom was the major beneficiary of this growth, with daily active users going from 10 million to over 200 million in 3 months.

One of the major factors that enabled this explosive growth in users is that Zoom has always placed a premium on ease of use — some would argue, at the expense of other important aspects, such as the security and privacy of its users.

There is almost always some tension between security and usability. Security features generally involve checking, validating, and confirming that a user is entitled to perform some action, and asking them for permission to take it. Zoom generally took the approach of not asking users questions which might confuse them, and removing as much friction as possible from the process of getting users into a video call — which is, after all, the goal of its enterprise customers.

Doing The Right Thing — Wrong

I cannot emphasise enough that this focus on ease of use is what made Zoom successful. I think I have used every alternative, from the big names like WebEx (even before its acquisition by Cisco!), to would-be contenders like whatever Google’s thing is called this week, to has-beens like Skype, to also-rans like BlueJeans. The key use case for me and for Zoom’s other corporate customers is, if I send one of my prospects a link to a video call, how quickly can they show up in my call so that I can start my demo? Zoom absolutely blew away the competition at this one crucial task.

Arguably, Zoom pushed their search for ease of use a bit too far. On macOS, if you click on a link to a Zoom chat, a Safari window will open and ask you whether you want to run Zoom. This one click is the only interaction that is needed, especially if you already have Zoom installed, but it was apparently still too much — so Zoom actually started bundling a hidden web server with their application, purely so that they could bypass this alert.

Sneaking a web server onto users’ systems was bad enough, but worse was to come. First of all, Zoom’s uninstall routine did not remove the web server, and it was capable of reinstalling the Zoom client without user interaction. But what got the headlines was the vulnerability that this combination enabled: a malicious website could join visitors to a Zoom conference, and since most people had their webcam on by default, active video would leak to the attacker.

This behaviour was so bad that Apple actually took the unprecedented step of issuing an operating system patch to shut Zoom down.

Problem solved?

This hidden-web-server saga was a preview run for what we are seeing now. Zoom had over-indexed on its customers, namely large corporations who were trying to reach their own customers. The issue with being forcibly and invisibly joined to a Zoom video conference simply by visiting a malicious web server did not affect those customers – but it did affect Zoom’s users.

The distinction is one that is crucial in the world of enterprise software procurement, where the person who signs the cheque is rarely the one who will be using the tool. Because of this disconnect, vendors by and large optimise for that economic buyer’s requirements first, and only later (if at all) on the actual users’ needs.

With everyone locked up at home, usage of Zoom exploded. People with corporate accounts used them in the evening to keep up with their social lives, and many more signed up for the newly-expanded free tier. This new attention brought new scrutiny, and from a different angle from what Zoom was used to or prepared for.

For instance, it came to light that the embedded code that let users log in to Zoom on iOS with their Facebook credentials was leaking data to Facebook even for users without a Facebook account. Arguably, Zoom had not done anything wrong here; as far as I can tell, the leakage was due to Facebook’s standard SDK grabbing more data than it was supposed to have, in a move that is depressingly predictable coming from Facebook.

In a normal circumstance, Zoom could have apologised, explained that they had moved too quickly to enable a consumer feature that was outside their usual comfort zone without understanding all the implications, and moved on. However, because of the earlier hidden-web-server debacle, there was no goodwill for this sort of move. Zoom did act quickly to remove the offending Facebook code, but worse was to come.

Less than a week later, another story broke, claiming that Zoom is Leaking Peoples' Email Addresses and Photos to Strangers. Here is where the story gets really instructive.

Uh oh, it looks like your embed code is broken.

This "leak" is due to the sort of strategy tax that was almost inevitable in hindsight. Basically, Zoom added a convenience feature for its enterprise customers, called Company Directory, which assumes that anyone sharing the same domain in their email address works for the same company. In line with their guiding principle of building a simple and friction-free user experience, this assumption makes it easier to schedule meetings with one’s colleagues.

The problem only arose when people started joining en masse from their personal email accounts. Zoom had excluded the big email providers, so that people would not find themselves with millions of "colleagues" just because they had all signed up with Gmail accounts. However, they had not made an exhaustive list of all email providers, and so users found themselves with "colleagues" who simply happened to be customers of the same ISP or email provider. The story mentioned Dutch ISPs like xs4all.nl, dds.nl, and quicknet.nl, but the same issue would presumably apply to all small regional ISPs and niche email providers.

Ordinarily, this sort of "privacy leak" is a storm in a teacup; it’s no worse than a newsletter where all the names are in the To: line instead of being in Bcc:. However, by this point Zoom was in the full glare of public attention, and the story blew up even in the mainstream press, outside of the insular tech world.

Now What?

Zoom’s CEO, Eric Yuan, issued a pretty comprehensive apology. I will quote the key paragraphs below:

First, some background: our platform was built primarily for enterprise customers – large institutions with full IT support. These range from the world’s largest financial services companies to leading telecommunications providers, government agencies, universities, healthcare organizations, and telemedicine practices. Thousands of enterprises around the world have done exhaustive security reviews of our user, network, and data center layers and confidently selected Zoom for complete deployment.

However, we did not design the product with the foresight that, in a matter of weeks, every person in the world would suddenly be working, studying, and socializing from home. We now have a much broader set of users who are utilizing our product in a myriad of unexpected ways, presenting us with challenges we did not anticipate when the platform was conceived.

These new, mostly consumer use cases have helped us uncover unforeseen issues with our platform. Dedicated journalists and security researchers have also helped to identify pre-existing ones. We appreciate the scrutiny and questions we have been getting – about how the service works, about our infrastructure and capacity, and about our privacy and security policies. These are the questions that will make Zoom better, both as a company and for all its users.

We take them extremely seriously. We are looking into each and every one of them and addressing them as expeditiously as we can. We are committed to learning from them and doing better in the future.

It’s too early to say what the long-term consequences for Zoom will be, but this is a good apology, and a reasonable set of early moves by the company to repair its public image. To be clear, the company still has a long way to go, and to succeed, it will need to rebalance its exclusive focus on usability to be much more considerate of privacy and security.

For instance, there were a couple of zero-days bugs found in the macOS client (since patched in Version 4.6.9) which would have allowed for privilege escalation. These particular flaws cannot be remotely exploited, so they would require would-be attackers to have access to the operating system already, but it’s still far from ideal. In particular, one of these bugs took advantage of some shortcuts that Zoom had taken in its installer, once again in the name of ease-of-use.

Installers on macOS have the option of running a "preflight" check, where they verify all their prerequisites are met. After this step, they will request confirmation from the user before running the installer proper. Zoom’s installer actually completed all its work in this preflight step, including specifically running a script with root (administrator) privileges. This script could be replaced by an attacker, whose malicious script would then be run with those same elevated privileges.

Personally I hope that Zoom figures out a way to resolve this situation. The user experience is very pleasant (even after installation!), and given that I work from home all the time — not just in quarantine — Zoom is a key part of my work environment.

Lessons To Learn

1: Pivoting is hard

Regardless of the outcome for Zoom, though, this is a cautionary tale in corporate life and communications. Zoom was doing everything right for its previous situation, but this exclusive focus made it difficult to react to changes in that situation. The pivot from corporate enterprise users to much larger numbers of personal users is an opportunity for Zoom if they can monetise this vastly expanded user base, but it also exposes them to a much-changed environment. Corporate users are more predictable in their environments and routines, and in the way they interact with apps and services. Home users will do all sorts of unexpected things and come from unexpected places, exposing many more edge cases in developers’ assumptions.

Companies should not assume that they can easily "pivot" to a whole new user population, even one that is attractively larger and more promising of profits, without making corresponding changes to core assumptions about how they go to market.

2: A good reputation once lost is hard to regain

A big part of Zoom’s problem right now is that they had squandered their earlier goodwill with techies when they hid a web server on their machines. Without that earlier situation, they might have been able to point out that many of the current problems are on the level of tempests in teacups — bugs to be sure, which need to be fixed, but hardly existential PROBLEMS.

As it happened, though, the Internet hive mind was all primed to think the worst of Zoom, and indeed actively went looking for issues once Zoom was in the glare of the spotlight. In this situation, there is not much to be done in the short term, apart from what Zoom actually did: apologise profusely, promise not to do it again, and attempt to weather the storm.

One move I have not yet seen them make which would be very powerful would be to hire a well-known security expert with a reputation for impartiality. One part of their job would be to act as figurehead and lightning conductor for the company’s security efforts, but an equally important part would be as internal naysayer: the VP of Nope, someone able to say a firm NO to bad ideas. Hiding a web server? Bad idea. Shortcutting the installer? Bad idea. Assuming everyone with an email address not on a very short list of mega-providers is a colleague of everyone else with the same email domain? Bad idea.


UPDATE: Showing how amazingly prescient this recommendation was, shortly after I published this post, Alex Stamos announced that he was joining Zoom to help them "build up their security program":

Uhoh, This content has sprouted legs and trotted off.

Alex Stamos is of course the ex-CSO at Facebook, who since departing FB has made something of a name for himself by commenting publicly about security and privacy issues. As such, he’s pretty much the perfect hire: high public profile, known as an impartial expert, and deeply experienced specifically in end-user security issues, not just the sort of enterprise aspects which Zoom had previously been focusing on.

I will be watching his and Zoom’s next moves with interest.


3: Bottom line: build good products

Most companies need to review both security and usability — but it’s probably worth noting that a good product is the best way of saving yourself. Even in a post-debacle roundup of would-be alternatives to Zoom, Zoom still came out ahead, despite being penalised for its security woes. They still have the best product, and, yes, the one that is easiest to use.

But if you get the other two factors right, you, your good product, and your long-suffering comms team will all have an easier life.


🖼️ Photos by Allie Smith on Unsplash