There is an interesting discussion going on on LinkedIn right now concerning video conferencing security concerns. DUH…’bout time this was brought up and not ignored. Let me first copy my comment (then you can understand why I am saying DUH), then I link to the original NY Times article, and then others who have responded.
My LinkedIn comment
“Starting video conferencing at Lawrence Livermore National Labs and then furthering H.323 at Lawrence Berkeley National Lab, security for us and our customers has always been a concern. This is a very interesting article, and should not take anyone by surprise as these issues (and more) have been with us for a VERY long time. Jim Berry, when he was at Sandia National Lab, pointed out more than a few security issues to the largest vendors at the time and was met with ire. Not a great response.
When not using the VC system…use the ON-OFF button to turn it OFF. Use passwords that are hard to guess, and default to either not auto-answer or to mute audio and video when accepting a call.
Oh, funny story…remember when the vendors first started to put PC / Windows functionality in their VC systems? We got hacked (at Berkeley Lab) the very night we turned it on. The hackers are out there and they will continue to try, and unfortunately, succeed.
Very interesting discussion….Thx David #1 for pointing us to this article and thanks to the replies from Vidyo and Lifesize.”
Friend David Maldow’s LinkedIn comment
“That article is all over the web today. I hope people who read it understand that it is simply an implementation issue and not an inherent weakness of videoconferencing.
Yes, deploying a large VC environment in a company that deals with secure information should be planned out with security in mind (auto-answers turned off, physical camera covers, obvious lights and indicators when mics are live, FIREWALLS, etc.)
Luckily there are a number of top notch VC consultants (not all of whom are named David) to help end-users get this right.”
Update: April 28, 2020: 8 years after I wrote this, the following TWO links are still valid. 🙂 Stay Safe!
David Danto (who has been around as long as I have) Responds
Friend Jeff Urdan at VeaMea Responds
Rapid7 Responds to Telepresence Options!!!!
I’m sure there will be more….I will keep you up-to-date on this interesting discussion.