[LINK] Jitsi in the time of COVID-19

Roger Clarke Roger.Clarke at xamax.com.au
Sat Apr 4 17:27:02 AEDT 2020


G'day Marghanita, all

Responding only to this bit:

On 4/4/20 2:59 pm, Marghanita da Cruz wrote:
> Roger, I would love to hear your thoughts on privacy in this new world
> of videos links by whatever means works.

The insecurity features, such as the capability to sneak harmful links 
into chat sessions in Zoom, are small beer compared with the big issues, 
all of which are of long standing.

It's a long time since I've thought about this particular pickle, but 
some quick thoughts are:

(1)  Indefinite Login

Many service-providers force you to login.

Many make it non-obvious that you're logged in, and make it hard to 
logout, resulting in many people remaining unwittingly logged in for 
long periods, in many cases indefinitely.

Some service-providers take advantage of that to gather more data, on an 
ongoing basis.

(2)  Remote Webcam Operation

I haven't checked on this in recent years, but it was at one stage far 
too easy for software developers to get access to the on/off switch.

(3)  Indefinite Webcam Operation

Even if the device provides visual notification that the camera is 
oeprational, and the developer hasn't found a way to subvert that 
feature, only a small proportion of users notice it and appreciate what 
it means.  And even fewer know how to turn the camera off.

(4)  Indefinite Audio Operation

Audio may in some cases be implied by Video operation, and even where 
it's separately controlled, developers may have access to the levers.

(5)  Non-Granular Permissions / Bundled Consent

Many applications and services are take-it-or-leave-it offers.
'Yes, I'd like to have access to <list of attractive-sounding features>' 
may well, according to the semi-hidden Terms of Service, mean 'Yes, do 
what you like with my machine', including turning on video and audio.


I've *not* done any reviews of the current status of camera and mike 
controls, access to them, etc.  But the trustworthiness of 
service-providers has got worse over time, so assume that your 
service-provider is using every vulnerability they can find.


[Declaration:  I use Zoom, and have for some time, for two Boards I'm 
on, and I'm experimenting with it as a capture tool for lectures and 
slides.  (It's not looking too good for that purpose though).

[Sometimes I click into and out of a meeting as guest, and I generally 
operate with my camera off, and audio muted except when needed.  When I 
operate from my account, I login when I need it, and logout when I'm 
finished.  All use of IT is a risk-management exercise.

[In business contexts, I regard video as a 90% waste of bandwidth.  I 
took part in my first video-conference in 1972, my next in the early 
1990s, and sporadically thereafter.  I agree that a brief video-session 
prior to a meeting starting can be valuable, both when there are people 
you know, and when there are people you don't (but for different 
reasons).  Thereafter the information-content of the screen is almost 
zero, and continuing in audio-tele-conference mode is fine.

[Grandparental use is a different 'value-proposition', of course.]


Why I cover my iPhone and laptop camera and why you should too
Ben Grubb
December 20, 2013
https://www.theage.com.au/technology/why-i-cover-my-iphone-and-laptop-camera-and-why-you-should-too-20131220-2zp59.html

____________

On 4/4/20 2:59 pm, Marghanita da Cruz wrote:
> Hi All,
> 
> just to elaborate - because my laptop was closed with an external 
> monitor no picture was recorded or transmitted.
> 
> A warning - video conferencing is  real issue with accidentally leaving 
> microphones and cameras on. I was just checking out the software - 
> didn't expect to end up in a chat!
> 
> It turned out we were both there because of interest in open source 
> software and video...http://ramin.com.au/linux/
> 
> Same would apply to facetime, skype and zoom.
> 
> Roger, I would love to hear your thoughts on privacy in this new world 
> of videos links by whatever means works.
> 
> 
> M
> 
> On 4/4/20 12:57 pm, Marghanita da Cruz wrote:
>> Following up on Glen's recommendation of open source Jitsi, I came 
>> across *https://meet.jit.si/*
>>
>> *Entering "Chat" I had a brief conversation with someone in 
>> Scotland... luckily had my laptop closed at the time.*
>>
>> *M
>> *
>>


-- 
Roger Clarke                            mailto:Roger.Clarke at xamax.com.au
T: +61 2 6288 6916   http://www.xamax.com.au  http://www.rogerclarke.com

Xamax Consultancy Pty Ltd      78 Sidaway St, Chapman ACT 2611 AUSTRALIA
Visiting Professor in the Faculty of Law            University of N.S.W.
Visiting Professor in Computer Science    Australian National University



More information about the Link mailing list