News Rundown

How to Solve Zoombombing | Gestalt IT Rundown: April 8, 2020

Zoombombing is becoming a problem and the industry, and Zoom itself reacts. Plus the MANRS group gets lots of new members to improve internet routing security, the Linux Foundation is working with a microkernel and the FCC is set to vote on 6GHz. Join Rich Stroffolino and Tom Hollingsworth as they discuss on the Gestalt IT Rundown!

This week on the Rundown:

Microsoft Makes Skype…Good?

Microsoft announced it updated Skype to allow people to join cross-platform video conferences and download Skype without an account. Microsoft also published a web page to allow anyone to start a free Skype meeting from any device from a browser with the full Skype feature set, with a link that does not expire.

SameSite Cookie Rollback 

Google is rolling back its SameSite cookie requirements that blocked most third-party cookies unless specifically set by the website you were on. The idea was to encourage sites to change their practices for more privacy. But with resources taken up with complications related to COVID-19, Google is giving sites some extra time to adapt.

Linux Foundation Gives Microkernels the Hard seL4

The Linux Foundation is working with Data 61, Australia’s national science agency, on a new security-first operating system kernel called seL4. This is a member of the L4 microkernel family, not a Linux kernel, and is a mathematically verified bug-free operating system kernel, obviously designed with security in mind and tested with mixed real-time systems. The Linux Foundation will host the new seL4 Foundation, and help deploy the microkernal in real-time embedded computing systems.

Open COVID-19 Pledge

Intel, Mozilla, and Creative Commons announced they have joined the Open COVID-19 Pledge, which provides free licenses for patents, copyrights, and certain other property rights to anyone developing technologies for the diagnosis, prevention, or treatment of COVID-19. The licenses is backdated, effective December 1, 2019, and runs until a year after the World Health Organizations declares the pandemic to be over. While the Pledge does not provide a specific license, rather providing guideancce and recommendation on terms, Creative Commons says it is working to create a framework that allows the development of diagnostic tools, treatment, and preventative solutions.

How do you stop Zoombombing?

Zoombombing, or joining public and private Zoom conferences uninvited to broadcast disruptive content saw several recent reactions. Several school districts, including New York City Department of Education and Clark County Public Schools in Nevada have banned teachers from using the platform as a result, while many others are reassessing its use and updating security practices. In a similar vein, Taiwan recently announced that it was forbidding government works from using Zoom, probably had something to do with the company admitting it ran some calls through China. Meanwhile the a press release on the US Department of Justice’s website warned that federal, state, and local law enforcement will pursue charges for Zoombombing, including for “disrupting a public meeting, computer intrusion, using a computer to commit a crime, hate crimes, fraud, or transmitting threatening communications.” To combat the practice, Zoom announced that as of April 5th, passwords will be required to enter calls by Meeting ID and turn on virtual waiting rooms by default so hosts can manually add call participants.

FCC to Vote on 6GHz

The US Federal Communications Commission announced it will vote on a proposal to open the 6GHz band for unlicensed Wi-Fi use on April 23rd. This would provide more than twice the bandwidth as the 5GHz band, supporting up to seven 160MHz channels at once. FCC Chair Ajit Pai announced he approved the proposal last year, and the Wi-Fi Alliance announced the new Wi-Fi 6E designation for devies supporting the band in January.

Hyperscalers Join MANRS

The COVID-19 pandemic has had a big impact on how people are using the internet, and the industry is responding. Amazon, Google, Facebook, Microsoft, Akamai, Cloudflare and Netflix, among others, have signed up to the Mutually Agreed Norms for Routing Security or MANRS group, in an effort to shore up internet routing security. The group pushes for the use of filtering, anti-spoofing, and then coordination and validation to help reduce the ability to execute route leaks and other routing related exploits. Signing up means the companies will have their routing practices audited by the group, with occassional spot checks if there are reported issues.

The Gestalt IT Rundown is a live weekly look at the IT news of the week. It broadcasts live on YouTube every Wednesday at 12:30pm ET. Be sure to subscribe to Gestalt IT on YouTube for the show each week.

About the author

Rich Stroffolino

Rich has been a tech enthusiast since he first used the speech simulator on a Magnavox Odyssey². Current areas of interest include ZFS, the false hopes of memristors, and the oral history of Transmeta.

Leave a Comment