This is how Zoom fixed Zoom bombing

This is how Zoom fixed Zoom bombing


This article is a preview of The Tech Friend newsletter. sign up here to get it in your inbox every Tuesday and Friday.

As Zoom video calls became inevitable in early 2020 due to the pandemic, so did Zoom bombing intrusions.

That year, a virtual student government meeting at the University of Florida and an Atlanta-area high school class were derailed by intruders shouting racial slurs and other hateful material. Harassers crashed Alcoholics Anonymous meetings to troll people who abstained. A Zoom chat hosted by Chipotle was shut down after a participant sent pornography to hundreds of people’s screens.

Fast forward to 2023 — Zoombombing still happens, but security experts say it’s far less prevalent than it was in 2020, and not just because we’re interacting more personally.

Zoom actually helped tame Zoombombing in part by making the product harder for you and online harassers to use. Essentially, the company traded some of your convenience for your safety.

I have tips at the end of this article on how to further strengthen your protection against Zoom bombing. But the point is, you probably don’t either. The company did much of the protection for you.

There is a lesson here. The success in reducing Zoom-bombing shows how the eagerness to make technology a breeze for you comes with trade-offs.

And with more of you worried about the security of your digital accounts, nagging robocalls, or bullying kids online, the taming of Zoom bombing is proof that you don’t have to accept horrible inconveniences as the price of being connected.

Let’s take a look at why the risk of Zoom bombing decreased: Zoom changed. And we did too.

Zoom bombing was possible in the first place largely because of the company’s choice to make video calls easy.

It was easy to organize a virtual meeting or join one, but that feature became a weapon for trolls. Just as you could join your school district’s Zoom meeting with one click, anyone else who saw the meeting link on Twitter and wanted to disrupt it could.

After Zoom was embarrassed by Zoom-bombing headlines and criticized by public officials, the company was forced to change its ways. The company ended one-click easy access to meetings for everyone.

Now before entering a meeting, you must be invited or enter a password set by the host. It is a virtual “waiting room” and you will not be allowed into the call without permission. Or a virtual meeting may allow only people who are logged into a Zoom account with their name and other personal information.

See also  What are Cross Chain Bridges?

These were all the options you could choose on the platform in the Zoom bombing peak of 2020. But now at least one of these security measures is automatic for every Zoom meeting you create or join. Essentially, virtual meetings became safer from intrusion without you having to do anything whatever.

“That’s the right way to do it — we call it ‘secure by default,'” said Chris Evans, chief information security officer at cybersecurity firm HackerOne.

What Zoom did might not sound like a big deal, but it is.

Tech companies love to brag about how they remove “friction,” or erase small obstacles to your using their product. Buying patio furniture for $1000 with one click on Amazon is frictionless. Having to search your email for the password to your Zoom knitting group is friction.

Zoom made the product a little more annoying for you to use to reduce the risk that your knitting group would be bombarded with porn. It’s also a reminder that the built-in settings in our technology really do matter.

Zoom does not declare victory against Zoom bombing. (And the company uses the term “meeting disruption” instead of Zoom-bombing.) But Zoom told me that making everyone jump through multiple hoops made it less attractive to jerks looking for an easy way to be jerks.

Zoombombing is “an opportunistic act of evil,” said Josh Parecki, director of trust and security at Zoom Video Communications.

He warned that the company needs to change its tactics against Zoom bombing as people find new ways to disrupt your meetings. “The one thing I want to make very clear is like spam, meeting disruption will always evolve,” Parecki said.

Zoom also increased the staff responsible for security, began proactively notifying meeting hosts if Zoom believed their meetings were at risk of Zoom bombing, and began offering cash rewards to technology specialists who report security flaws in the product.

But Zoom wasn’t the only one to change – we also became more cautious about video calls.

After his March 2020 meeting on religion and mental health was interrupted by racial slurs, Zahed Amanullah said he and his colleagues changed their behavior.

When he now hosts large Zoom sessions with the Institute for Strategic Dialogue, an organization opposed to extremism and social polarization, participants must register in advance. People are blocked from chime in on online sessions until the question and answer section.

The group also stopped posting the links to their seminars on social media, where it was easy for potential harassers to find. Instead, the social media posts recommend that interested participants contact the organizers privately over WhatsApp for more information, including the Zoom link.

See also  PubMatic releases playbook for APAC mobile app publishers

“We were able to see that there were several steps that we had overlooked for sure,” Amanullah said.

Amanullah essentially stopped Zoom bombing by becoming more suspicious of everyone. It makes sense and also a little sad.

As with spam, robocalling, online bullying and cyber attacks, you can take steps to make yourself less vulnerable to Zoom bombing, but the responsibility cannot be yours alone.

Systemic technology problems are not solved through individual action. That’s what was so powerful about what Zoom did to make meetings more locked down by default. It’s not always easy to fix what you don’t like about technology in your life.

The Zoom experience is also a moment to reflect on how much you are willing to give up for safety and security for yourself and others. There is no simple answer.

For example, how would you feel if your credit card company required you to take an extra step to prove your identity when buying something online? Some countries, including the UK, require this by law for some online purchases. Extra verification reduces fraud, but it’s annoying. Some of your legitimate purchases may be declined or delayed.

Some companies and apps, including pornographic sites and streaming video services, also ask people for identification to keep children out. It is a problem and it is urgent.

In Zoom’s case, giving up some convenience to stop intrusion was a good trade-off. But it is not always so easy to know how much you should give up for the promise of safety and security.

Tips to protect yourself from Zoom bombing:

If you’re hosting a private book club or a work meeting with people you know, you don’t have to worry too much about getting Zoom-bombed.

However, if you have security concerns or are hosting a relatively large and public Zoom event such as a virtual memorial service or neighborhood meeting, try one or more of these additional measures to make your online gathering more secure from intruders:

1. Select the “Activate waiting room” function. This allows you to decide one by one which people are allowed to participate in the Zoom call.

To turn this on, select “Schedule” to schedule a meeting in the future. Under “Security”, turn the switch for “Enable Waiting Room” so that the button is green.

2. Select “Approve or block entry for users from specific countries/regions”. If you’re hosting a neighborhood meeting in Tucson, you might not want people from South Carolina or Brazil to attend.

See also  Chromecast with Google TV HD Review: Raising the Bar

To use this feature, select “Schedule” to schedule a Zoom call in the future. Then select Meeting Options → Advanced Options → Allow or block entry for users from specific countries/regions.

3. Do not post links to Zoom meetings on Facebook, Twitter or other public social media. If possible, use social media only to publish an email address or other contact information for people interested in attending your event. You can vet the prospective attendees and share the event link privately only with them.

4. If someone zombie bombs your meeting, you have two emergency options.

  • “Remove participant” to kick out a person who disrupts your meeting. Depending on how you use Zoom, you can find this feature under the “Security” options at the bottom of the Zoom screen or under More → Security at the bottom of the Zoom smartphone app screen.
  • Or select “suspend participant activities” to put everything on hold until you have a chance to figure out what went wrong. Again, you can find this feature under the “Security” options at the bottom of the Zoom screen or under More → Security at the bottom of the Zoom smartphone app.
  • If you select this option, the meeting will continue, but everyone’s audio and video will be disabled. You have the option to select “suspend and report,” which automatically records details from the Zoom call and, if you choose, sends that information to Zoom to investigate. Once you find out who is interrupting the meeting, you can slowly unlock the participants who are welcome and turn on audio and video individually.
  • You can also select “lock meeting” from the security options to stop more people from joining if your meeting gets too big.

If you’ve been asked to help a friend or relative with a tech problem, Chris Velazco has good news for you.

Most Windows and Mac computers come with built-in and free technology to reach out and take control of someone’s computer to fix problems when you’re not in the same room. It’s convenient! It’s not super easy either.

Chris (and Betty) have recorded a video and Chris has written instructions that walk you through how to use these remote assistance features.

Help Desk reporter Chris Velazco explains how you can use tools in Windows and Apple computers to fix your parent’s or friend’s computer. (Video: Monica Rodman/The Washington Post)

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *