This horrifying Zoom hack will deter you from ever side-chatting again

[MagicSahar]

Quote

Now that we spend so much of our days on Zoom, I think we can all be adult enough to admit: We’ve all side-chatted, saying one thing to the camera, and another on the side. Maybe it was a joke over Gchat at a coworker’s expense. Maybe it was just multitasking some emails. Maybe it was entering a password into another site.

 

It’s a relatively innocuous behavior, but it could come back to bite us. Researchers from the University of Texas at San Antonio and the University of Oklahoma have demonstrated something terrifying: They can read what people are typing during video calls on Zoom, Skype, and Google Hangouts with up to 93% accuracy. What are they analyzing to do so? Not your hands, but your shoulders.

“From a high-level perspective, this is a concern, which obviously has been overlooked for a while,” says University of Texas assistant professor of computer science Murtuza Jadliwala, who led the research, examining what could happen if your video meeting were hacked. “And actually, to be really frank, we didn’t start this work for COVID-19. This took a year. . . . But we started realizing in COVID-19, when everything [is in video chat], the importance of such an attack is amplified.”

The way a hack of this type would work is pretty simple. Anyone with access to your video feed could record it—whether that’s a nefarious stranger who broke into your feed, or someone you know who is part of your meeting. Then they would send that recorded video feed through software, which would analyze when you were typing, and what that typing contains.

Source : https://www.fastcompany.com/90570509/this-horrifying-zoom-hack-will-deter-you-from-ever-side-chatting-again

[mp68terr]

Worth checking the full article on fastcompany and the full paper on arxiv, to read the limitations when outside of the lab settings. Pretty scary though.

[straycat19]

Do you really need to see who you are talking to?  Conference calls are still secure and any graphs or charts can be emailed or ftp'd ahead of time.  Zoom, and similar software, are just a fad, and a dangerous one  if your are interested in security.  This is particularly true in schools where there isn't a large IT department and no security specialists.  Some rural counties I am aware of which have one each of elementary, middle, and high schools for the entire county only have two people in their IT department.  They are using Zoom, but would you trust your child on Zoom, not knowing if the schools were keeping their systems updated and have other security systems in place. You could call it a perverts paradise.

[mp68terr]

3 hours ago, straycat19 said:

Zoom, and similar software, are just a fad, and a dangerous one  if your are interested in security.  This is particularly true in schools where there isn't a large IT department and no security specialists.

There are also big companies with large IT departments and security specialists. It does not avoid breaches.