Marco ArmentNov 14, 2023

Trying to help my town public meetings avoid random internet jerks joining the Zoom and spamming racist stuff.

How do these kids usually find public Zoom meetings to harass?

Trying random IDs?

Searching/scraping the web for Zoom links?

What do other places do with public Zoom meetings to minimize this?

Show threadSam GrossNov 14, 2023

@marcoarment It’s the embedded password in the link, people crawl the web and mine other sources for zoom links and then join for fun.

Some tips!
1. New zoom link every month instead of reusing the old link (if a password leaks once, you’re hosed)
2. Do not include the password in the link. It’s slightly less convenient, but when the link leaks you’re still ok
3. If possible, only allow invitees in without the waiting room and make others be admitted (requires a human to let them in)

Show threadSam GrossNov 14, 2023
@marcoarment the main way, AIUI, is looking for Zoom links with the password in them. Could well be mitigated with just a custom URL redirect!
Show threadMarco ArmentNov 14, 2023
@SamTheGeek That's the first idea I had: just use a link shortener.
Show threadSam Gross

@marcoarment it’ll only help if the true link never leaks! But if you’re rotating passwords it should be fine.

It’s not just your problem: https://krebsonsecurity.com/2023/10/dont-let-zombie-zoom-links-drag-you-down/

Don’t Let Zombie Zoom Links Drag You Down – Krebs on Security

Nov 14, 2023 at 2:53pmIvory for iOS