Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Education Media

School Quits Video Calls After Naked Man 'Guessed' the Meeting Link (techcrunch.com) 143

An anonymous reader quotes a report from TechCrunch: A school in Norway has stopped using popular video conferencing service Whereby after a naked man apparently "guessed" the link to a video lesson. According to Norwegian state broadcaster NRK, the man exposed himself in front of several young children over the video call. The theory, according to the report, is that the man guessed the meeting ID and joined the video call. One expert quoted in the story said some are "looking" for links. Last year security researchers told TechCrunch that malicious users could access and listen in to Zoom and Webex video meetings by cycling through different permutations of meeting IDs in bulk. The researchers said the flaw worked because many meetings were not protected by a passcode.
This discussion has been archived. No new comments can be posted.

School Quits Video Calls After Naked Man 'Guessed' the Meeting Link

Comments Filter:
  • by Anonymous Coward on Saturday March 28, 2020 @08:07AM (#59881632)
    Or his cousin Sven no doubt.
  • If a student, being at home and maybe not thinking about it, joins the video session underdressed, does the teacher need to immediately end the lesson, or be in receipt of CP?

    • Mere nudity is in most legislations not pornographic.
      • "Most"...

        • You should always know all the local laws that apply to you.
          Fortunately, this is only several tens of thousands of pages.
      • It's always somewhat subjective, and when children are involved, subjective can be pushed a long, long way to wards 'burn the nonce.' People do love that rush of moral rightousness that comes from punishing another.

      • by sjames ( 1099 )

        In most places, yes. However, in the U.S. teens sending nude selfies have themselves been charged with making and distributing child pornography.

  • by Dallas May ( 4891515 ) on Saturday March 28, 2020 @08:49AM (#59881696)

    Yeah. It's most likely that guy.

    You know the one.

  • You're complete morons.

    Like when you had access to other Citibank accounts, by logging into your own, and then changing the account number in the URL.

    • Like when you had access to other Citibank accounts

      No you ignorant twat, accessing other people's bank accounts is nothing at all like joining other people's conference calls.

      • That depends on the context of the call, actually.

        • No it doesn't, because the facility exists to password protect the conference call. The ignorant twat literally compared a critical bug that allowed access to other's bank accounts, to someone guessing something that someone else specifically decided should be publicly accessible to anyone knowing where it is.

          • Nope. Wrong.

            "But Your Honor, the door wasn't even locked! How can it be theft?! The cash wasn't even glued to the table!"

            If time-sensitive, private financial information is being shared in the call, things like account numbers, or transactions that will affect publicly traded stocks, and you join the call using some sort of hacking tactic like guessing the ID number, you could not only go to jail, depending on the actual context you could even be robbing the bank by doing it.

            The act has criminal intent, whi

    • Wait, that shit really happened? How fucking stupid can you be to not tie the session to the account?

      • Bank of America was equally stupid at the time, allowing SSN/SSN as both username and password, something the parents knew about their kids, plus they had the mother's maiden name.

  • Any conferencing software worth its weight in electrons would allow the moderator (in this case teacher) to limit the interactions between the participants and what was shown to the conferencing session as a whole by said participants. I would think the default setup for educators would be that the teacher would be able to see questions/video/screens from the students but the students wouldn't be able to interact with each other unless specifically granted that permission by the teacher. That way, at most

    • by jmccue ( 834797 )

      Any conferencing software worth its weight in electrons would allow the moderator (in this case teacher) to limit the interactions

      Yes, but the security of these applications tends to be very poor and I blame them. I believe if these video programs even has encryption I think one needs to pay for it. I would no e surprised if the passwords are all plain text.

      With that said, most teachers know little about tech details, for them it is 'click' and hope it works, never mind knowing how to block or limit interactions other than saying "shut-up". This was rolled out so fast that I am sure there was no training and they are pretty much on

      • It would be worth figuring out what actually happened. Maybe one of the kids has a perv uncle who used the link that was emailed to the kids or something.

        Anyways the summary says they're going to stop using this particular service, not videoconferencing overall, which is sane.

      • What do encryption, passwords and even knowledge of the software have to do with it? Again if properly designed the moderator would have to specifically grant permissions to participants, if the teacher didn't know how to use the software it would be by default safe for the participants (children) as they would only see what the moderator (teacher) was displaying. A malicious party would have to gain control of the moderators computer specifically (a lot more difficult than guessing a meeting number) in o

    • by orlanz ( 882574 )

      Yeah, totally software fault. These things can be mitigated*. Use a GUID. Easy to make, the "guess" defense goes out the window. I think clients that have teleconf setup can click a link. Use a "lobby" that the moderator allows folks in from. Log the IPs of all connections. Go send a good citation for the idiot who was being a jack ass.

      This isnt' news. It should just be a reddit post under "People that don't understand the interwebs".

      * = We can't do anything about dumbass moderators who allow anyone

    • If you told schools back in January, "In two months, you will have to conduct all your classes via video conferencing," you would've been met with a chorus of howls and protests that it was impossible, and they needed at least 2-3 years to put together the resources and software to do it properly. Then the virus hit and they were all forced to do it in just 1-2 months.

      There just aren't that many out-of-the-box choices here, so it's not surprising that the software isn't exactly well-made. I suspect Zoo
    • by Cederic ( 9623 )

      Any conferencing software worth its weight in electrons would allow the moderator (in this case teacher)

      Teachers are on the whole incapable of using technology.

      Source: I know many teachers.

  • I mean, the Scandinavians have been telling the rest of us prudes for years about how nudity is completely natural, nobody should be ashamed of it, etc.

    So I fail to see how turning school videoconferencing sessions into chatroulette is anything but educational.

    • Not proper response (Score:5, Interesting)

      by bussdriver ( 620565 ) on Saturday March 28, 2020 @10:47AM (#59881952)

      Back in my day; in a large city elementary school, we had a flasher come to the playground and flash us 4-5th grade children at the edge of the property. We nearly all responded by pointing and laughing; the man ran off vastly more damaged than us kids who didn't get any attention (cops picked him up not too far away... he was likely a mental case.) We also had sex ed around 11 years old (without warning the stupid parents so they could opt out... 1 upset father turned out to be abusing his daughter.)

      The proper response is to point, laugh, and ridicule the sick fuck, then kick him off the meeting. People freak out because parents do not rationally especially the incompetent parents who are itching to shove blame onto EVERYBODY else. But it should be clear to a thinking adult, to NOT give the mental case what they are seeking. You should inform authorities; although, in the USA they can't do shit to cure these mental cases acting out... if anything they push them in the wrong direction.

      • The proper response is to point, laugh, and ridicule the sick fuck, then kick him off the meeting.

        No, the proper response is to hunt him down and get rid of him so we don't have to deal with his idiocy in the future.

        • No, the proper response is to hunt him down and get rid of him so we don't have to deal with his idiocy in the future.

          I try to fix that for you:

          No, the proper response is to hunt you down and get rid of YOU! so we don't have to deal with anti social assholes like you in the future.

          WTF? He posed naked in front of some kids. And you want to hunt him down? You rant implies you want to kill him. What the relation to his "crime" there? Are you an complete idiot or were just drunk when you typed this?

          Take it: I h

  • by Opportunist ( 166417 ) on Saturday March 28, 2020 @10:39AM (#59881924)

    "And here kids, we see the effects of too much masturbation, it leaves you with a really small dick"

    That should take care of others trying the same...

  • Comment removed based on user account deletion
    • if you haven't had to hold your hand over your children's eyes as a streaker runs through a HS football game near graduation
      So I assume your kids never saw you naked ...

      Actually I never had to do that, and if a naked man would run over the football field I doubt any parent (here) had the urge to hold his hands in front of the eyes of a kid. Most would probably pull out their mobile to film it. And the kids, too.

  • These web video chat services should know where kid users are, and give them access to their school without letting any other IP address in. It takes just a simple firewall to give 10 users access to the virtual replacement for the classroom, and keep intruders out.

  • And I can assure you: they had not kicked my Adonis body from the screen :P

I've noticed several design suggestions in your code.

Working...