K.S. Bhaskar via plug on 21 Apr 2020 14:56:11 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Fwd: Zoom bombing

Yes. A friend was on an all-woman Zoom call a couple of weeks ago, when a male voice started speaking. Yhey had set a fallback Zoom call (for use after the 40 free minutes presumably) so they all switched to that and continued their discussion. I think she has now switched to Jitsi – I don't know whether or not she switched, but I was on a Jitsi test call with her.

– Bhaskar

On Tue, Apr 21, 2020 at 4:29 PM Fred Stluka via plug <plug@lists.phillylinux.org> wrote:
Any evidence of snoopers being able to watch/listen without
being listed as an participant?  In Zoom, WebEx, or any other?

Fred Stluka
Bristle Software, Inc.
http://bristle.com              #DontBeATrump #SadLittleDonny


On 4/15/20 7:13 PM, Rich Freeman via plug wrote:
> On Wed, Apr 15, 2020 at 6:19 PM Tim Allen via plug
> <plug@lists.phillylinux.org> wrote:
>> Meeting organizers are re-using the same ids for sequences of meetings, and these meeting ids are being sent, and re-sent through insecure channels
>> This is a really tough one to get around.
> Indeed, at work we use recurring meetings with constant meeting IDs
> using WebEx all the time.  It can be painful to do it otherwise.
> Really though with ANY kind of conferencing solution you should be
> mindful of who is connected to your meetings in general, and
> especially when discussing anything sensitive.  With audio teleconf
> this can be more difficult, but with anything that has a web interface
> it is usually pretty easy to count participants/etc, and when you see
> that "Guest 1" that hasn't said a word you can always do a roll
> call/etc.
> Unless you have unique credentials for every meeting and don't send
> them out far in advance it can be difficult to keep anything like this
> super-secure.  But then again we're not talking about military-grade
> security here.
> Not sure how Zoom works but at least with WebEx meetings can't be
> connected to outside of their scheduled timeslot unless a host has
> connected.  This at least keeps people from using one of your meeting
> IDs as some kind of free conferencing service at random times.  You
> can also do things like lock meetings and take attendance and all that
> stuff, and in general for anything really sensitive you would probably
> have a pretty strict accountability for who is present (either dialed
> in, or in the room with somebody dialed in).

Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug