As the COVID-19 pandemic has forced schools, colleges, and businesses to limit in-person meetings, the world quickly adopted video conferencing from services such as Zoom and Google Meet. That, in turn, gave way to “zoombombing,” the term for when Internet trolls join online meetings with the goal of disrupting them and harassing their participants. Meeting services have adopted a variety of countermeasures, but a new research paper finds that most of them are ineffective.
The most commonly used countermeasures include password-protecting meetings, using waiting rooms so that conference organizers can vet people before allowing them to participate, and counseling participants not to post meeting links in public forums.
The problem with these approaches is that they assume the wrong threat model. One common assumption, for instance, is that the harassment is organized by outsiders who weren’t privy to meeting details. Researchers at Boston University and the State University of New York at Binghamton studied zoombombing calls posted on social media for the first seven months of last year and found that wasn’t the case in most instances.