‘Zoombombing’: When Video Conferences Go Wrong

Zoom has become the default social platform for millions of people looking to connect with friends, family, students and colleagues while practicing social distancing during the new coronavirus pandemic.

But the trolls of the internet are under quarantine, too, and they’re looking for Zooms to disrupt.

They are jumping into public Zoom calls and using the platform’s screen-sharing feature to project graphic content to unwitting conference participants, forcing hosts to shut down their events.

On Tuesday, Chipotle was forced to end a public Zoom chat that the brand had co-hosted with the musician Lauv after one participant began broadcasting pornography to hundreds of attendees.

“The Zoom meeting app felt like an appropriate place to host Chipotle Together, our new virtual hangout series,” Tressie Lieberman, the vice president of digital at Chipotle, wrote in an email. “We did encounter an unwanted ‘Zoombomb’ during one of our sessions so we moved our latest performances to a different platform.”

On Zoom, there is a default setting that allows any meeting participant to share their screen without permission from an event’s host. Anyone who has a link to a public meeting can join. Links to public Zooms are traded in Facebook Groups and Discord chats, and are easily discoverable on Twitter and public event pages.

“We have been deeply upset to hear about the incidents involving this type of attack. For those hosting large, public group meetings, we strongly encourage hosts to change their settings so that only they can share their screen. For those hosting private meetings, password protections are on by default and we recommend that users keep those protections on to prevent uninvited users from joining,” said a spokesperson for Zoom Video Communications in a statement.

The post included tips for users seeking to “keep the party crashers” out of their videoconferences, including limiting screen-sharing to certain participants and making events invitation-only.

Zoom has seen a sharp rise in use over the past few weeks. On Sunday nearly 600,000 people downloaded the app, its biggest day ever, according to Apptopia, which tracks mobile apps. The company is currently valued at $29 billion.

But the platform was built as an enterprise technology tool, not a consumer social tool. As such, the company was not prepared to moderate user behavior as other social networks do.

“With much broader adoption, abuse and misuse will follow, so Zoom should be getting ready to handle reports and complaints,” Jules Polonetsky, the chief executive of the Future of Privacy Forum, recently told The Times.

Jennifer St Sume, a Ph.D. student in Washington, D.C., said a book club she attended on Thursday night only lasted 30 minutes before someone began blasting graphic content on the screen.

“It makes us all feel pretty helpless in an already unstable time,” she said. “It’s hard to manage how to communicate with other people knowing something like this could happen.”

Zoom has become integral to Ms. St Sume’s school and social life, and she doesn’t think she’ll stop attending classes or happy hours there. But “as we move our physical lives to a digital world,” she said, she hopes the company can crack down on Zoombombers fast.

“If I’m going to be asked to live in Zoom University or Zoom Tavern, then I want to know that it’s secure for everyone,” she said.

source: nytimes.com