Zoom Can Spy on Your Calls and Use the Conversation to Train AI, But Says That It Won’t

This is why we need regulation:

Zoom updated its Terms of Service in March, spelling out that the company reserves the right to train AI on user data with no mention of a way to opt out. On Monday, the company said in a blog post that there’s no need to worry about that. Zoom execs swear the company won’t actually train its AI on your video calls without permission, even though the Terms of Service still say it can.

Of course, these are Terms of Service. They can change at any time. Zoom can renege on its promise at any time. There are no rules, only the whims of the company as it tries to maximize its profits…


Leaking Screen Information on Zoom Calls through Reflections in Eyeglasses

Okay, it’s an obscure threat. But people are researching it:

“Our models and experimental results in a controlled lab setting show it is possible to reconstruct and recognize with over 75 percent accuracy on-screen texts that have heights as small as 10 mm with a 720p webcam.” That corresponds to 28 pt, a font size commonly used for headings and small headlines.

[…]

Being able to read reflected headline-size text isn’t quite the privacy and security problem of being able to read smaller 9 to 12 pt fonts. But this technique is expected to provide access to smaller font sizes as high-resolution webcams become more common…


Video Conferencing Apps Sometimes Ignore the Mute Button

New research: “Are You Really Muted?: A Privacy Analysis of Mute Buttons in Video Conferencing Apps”:

Abstract: In the post-pandemic era, video conferencing apps (VCAs) have converted previously private spaces — bedrooms, living rooms, and kitchens — into semi-public extensions of the office. And for the most part, users have accepted these apps in their personal space, without much thought about the permission models that govern the use of their personal data during meetings. While access to a device’s video camera is carefully controlled, little has been done to ensure the same level of privacy for accessing the microphone. In this work, we ask the question: what happens to the microphone data when a user clicks the mute button in a VCA? We first conduct a user study to analyze users’ understanding of the permission model of the mute button. Then, using runtime binary analysis tools, we trace raw audio in many popular VCAs as it traverses the app from the audio driver to the network. We find fragmented policies for dealing with microphone data among VCAs — some continuously monitor the microphone input during mute, and others do so periodically. One app transmits statistics of the audio to its telemetry servers while the app is muted. Using network traffic that we intercept en route to the telemetry server, we implement a proof-of-concept background activity classifier and demonstrate the feasibility of inferring the ongoing background activity during a meeting — cooking, cleaning, typing, etc. We achieved 81.9% macro accuracy on identifying six common background activities using intercepted outgoing telemetry packets when a user is muted…


Zoom Lied about End-to-End Encryption

The facts aren’t news, but Zoom will pay $85M — to the class-action attorneys, and to users — for lying to users about end-to-end encryption, and for giving user data to Facebook and Google without consent.

The proposed settlement would generally give Zoom users $15 or $25 each and was filed Saturday at US District Court for the Northern District of California. It came nine months after Zoom agreed to security improvements and a “prohibition on privacy and security misrepresentations” in a settlement with the Federal Trade Commission, but the FTC settlement didn’t include compensation for users…


Flaw in popular video software Agora could have let eavesdroppers in on private calls

An error in a popular video calling software development kit could have allowed hackers to spy on private video and audio calls through services including eHarmony or Talkspace, according to McAfee research published Wednesday. The flaw, which stems from an encryption error, affected a video-calling software development kit (SDK) developed by Agora.io that is used by dating services such as eHarmony, Plenty of Fish, MeetMe and Skout and medical applications such as Talkspace, Practo and Dr. First’s Backline, according to McAfee. Agora is used by 1.7 billion devices for a whole host of applications used for educational, retail and gaming purposes as well as for other socializing reasons, the company says. The flaw, known as CVE-2020-25605, is accounted for in an update Agora issued in mid-December, according to McAfee. Agora did not immediately respond to a request for comment. McAfee’s Advanced Threat Research team does not have any evidence that the […]

The post Flaw in popular video software Agora could have let eavesdroppers in on private calls appeared first on CyberScoop.


Zoom Out of the Classroom with a Mushroom Button

Considering the state of, well, everything, we can’t tell you how glad we are to be out of school. That goes double for not being a teacher these days. [Elena] had some awesome light-up tactile buttons set aside for a …read more


USB Webcams Out of Stock? Make One With A Raspberry Pi and HQ Camera Module

More people working from home has had an impact on the cost and availability of USB webcams, so [Jeff Geerling] got around the issue with a DIY solution that rang in around $100. It consists of a Raspberry Pi and HQ camera module acting as a USB webcam, and there …read more


Zoom credits Keybase acquisition with quick turnaround on end-to-end encryption

Zoom says a key deal earlier this year helped it globally implement an important security feature at a time when the videoconferencing app became a household word. The company said Monday that it was officially rolling out end-to-end encryption (E2EE) for all free and paid users, and it credited the acquisition of messaging and file-sharing service Keybase as a crucial decision toward that milestone. “This has been a highly requested feature from our customers, and we’re excited to make this a reality,” Jason Lee, Zoom’s chief information security officer, said in a statement. “Kudos to our encryption team who joined us from Keybase in May and developed this impressive security feature within just six months.” Zoom announced the upgrade a couple of weeks ago, but said it was live as of Monday for Windows, macOS and Android users. Approval for the feature on iOS was awaiting approval from Apple’s App […]

The post Zoom credits Keybase acquisition with quick turnaround on end-to-end encryption appeared first on CyberScoop.
