Pages

Thursday, March 26, 2020

Avoiding Zoombombing of Courses & Meetings

The Anderson School's IT group has provided suggestions for keeping Zoom classes and meetings secure from malicious so-called "Zoombombing":

  • To protect against meeting interruptions and to ensure the privacy of your meetings/classes, please enable and require a meeting password for all Zoom sessions. This is a setting available to you as you schedule the meeting.
  • Add an additional level of protection by configuring your meetings to allow only authenticated users to join. This will require all meeting participants to sign-in to their Zoom client first, not just enter the meeting ID. This will require an extra step for your attendees
  • For faculty and classes, we also recommend adding your Zoom class session link directly via CCLE for additional protection.

For examples of Zoombombing:

‘Zoombombing’: When Video Conferences Go Wrong

As its user base rapidly expands, the videoconference app Zoom is seeing a rise in trolling and graphic content.

Taylor Lorenz, March 20, 2020, Updated March 22, 2020, NY Times

Zoom has become the default social platform for millions of people looking to connect with friends, family, students and colleagues while practicing social distancing during the new coronavirus pandemic.

But the trolls of the internet are under quarantine, too, and they’re looking for Zooms to disrupt.

They are jumping into public Zoom calls and using the platform’s screen-sharing feature to project graphic content to unwitting conference participants, forcing hosts to shut down their events.

On Tuesday, Chipotle was forced to end a public Zoom chat that the brand had co-hosted with the musician Lauv after one participant began broadcasting pornography to hundreds of attendees.

“The Zoom meeting app felt like an appropriate place to host Chipotle Together, our new virtual hangout series,” Tressie Lieberman, the vice president of digital at Chipotle, wrote in an email. “We did encounter an unwanted ‘Zoombomb’ during one of our sessions so we moved our latest performances to a different platform.”

Earlier this week, TechCrunch reported that the venture capitalist Hunter Walk and the journalist Casey Newton were forced to shut down their “work from home happy hour” twice this week after getting “Zoombombed,” as these disruptive screen-shares are called.

“Clearly Zoom is being used in ways it was never intended to be, so people are finding ways to make mischief,” said Mr. Newton, who reports on technology for The Verge.

On Friday, the journalists Kara Swisher (a contributing writer for the Opinion section of The New York Times) and Jessica Lessin hosted a Zoom event focused on the challenges women tech founders face. They were forced to abruptly end the event after just 15 minutes of conversation because a participant began broadcasting the shock video “2 Girls 1 Cup.”

“Our video call was just attacked by someone who kept sharing pornography + switching between different user accounts so we could not block them,” Ms. Lessin tweeted, adding that she and Ms. Swisher would reschedule an audio-only version of the event.

On Zoom, there is a default setting that allows any meeting participant to share their screen without permission from an event’s host. Anyone who has a link to a public meeting can join. Links to public Zooms are traded in Facebook Groups and Discord chats, and are easily discoverable on Twitter and public event pages.

“We have been deeply upset to hear about the incidents involving this type of attack. For those hosting large, public group meetings, we strongly encourage hosts to change their settings so that only they can share their screen. For those hosting private meetings, password protections are on by default and we recommend that users keep those protections on to prevent uninvited users from joining,” said a spokesperson for Zoom Video Communications in a statement.

The post included tips for users seeking to “keep the party crashers” out of their videoconferences, including limiting screen-sharing to certain participants and making events invitation-only.

Zoom has seen a sharp rise in use over the past few weeks. On Sunday nearly 600,000 people downloaded the app, its biggest day ever, according to Apptopia, which tracks mobile apps. The company is currently valued at $29 billion.

But the platform was built as an enterprise technology tool, not a consumer social tool. As such, the company was not prepared to moderate user behavior as other social networks do.

“With much broader adoption, abuse and misuse will follow, so Zoom should be getting ready to handle reports and complaints,” Jules Polonetsky, the chief executive of the Future of Privacy Forum, recently told The Times.

Jennifer St Sume, a Ph.D. student in Washington, D.C., said a book club she attended on Thursday night only lasted 30 minutes before someone began blasting graphic content on the screen.

“It makes us all feel pretty helpless in an already unstable time,” she said. “It’s hard to manage how to communicate with other people knowing something like this could happen.”

Zoom has become integral to Ms. St Sume’s school and social life, and she doesn’t think she’ll stop attending classes or happy hours there. But “as we move our physical lives to a digital world,” she said, she hopes the company can crack down on Zoombombers fast.

“If I’m going to be asked to live in Zoom University or Zoom Tavern, then I want to know that it’s secure for everyone,” she said.

Source: https://www.nytimes.com/2020/03/20/style/zoombombing-zoom-trolling.html
===
Life used to be simpler, back in the day:

No comments: