https://theintercept.com/2021/01/18/leak-zoom-meeting/ The Intercept_ * English * Portugues [ ] * Politics * Justice * National Security * World * Technology * Environment * Special Investigations * Voices * Podcasts * Videos * Documents * Become A Member * About * Policies and Reports * Become a Source * Join Newsletter First Look Media logo The Intercept is a First Look Media Company. (c) First Look Media. All rights reserved * Terms of use * Privacy The Intercept_ [zoom-leak-theintercept-SH-2] Donate Donate Illustration: Soohee Cho/The InterceptIllustration: Soohee Cho/The Intercept What You Should Know Before Leaking a Zoom Meeting At least one leaker has already been exposed. Here's how to protect yourself or your sources. Nikita MazurovNikita Mazurov Nikita Mazurov Nikita Mazurov January 18 2021, 1:00 p.m. [zoom-leak-] Illustration: Soohee Cho/The InterceptIllustration: Soohee Cho/The Intercept As more and more meetings take place over the videoconferencing service Zoom, it stands to reason that journalists will receive more and more audiovisual material leaked from such gatherings. This new leak medium poses unique challenges, requiring care to avoid exposing sources through digital watermarks or images of the user interface. At least one Zoom leaker has already been unmasked: a member of the New York State Assembly who apparently filmed his "self-view" while recording a dispute within the Democratic assembly conference over the renomination of the speaker. That may sound careless, but a feature developed by Zoom will allow future leakers to be exposed even without that sort of misstep. Join Our Newsletter Original reporting. Fearless journalism. Delivered to you. I'm in Zoom Watermarking Many users may not realize it, but Zoom has the capability to insert both video and audio watermarks into a meeting. 1-zoomadminsettings Video/audio watermark options in the Zoom settings panel. Screenshot: The Intercept 2-zoomsettings Zoom meeting scheduler video/audio watermark settings. (The individual meeting scheduler options appear after watermarking has been enabled via the main settings panel.) Screenshot: The Intercept The video watermarks are readily perceptible to meeting participants. When enabled, the video watermarking feature superimposes the username portion of each participant's email address over the content they are viewing when another participant shares their screen and places the same watermark over the current active speaker. Because the video watermark appears across the entirety of the video frame, blurring may adversely impact the visibility of the underlying material. 3-zoompatent Zoom patent diagram illustrating the video watermark feature. Screenshot: The Intercept In contrast, the audio watermarks are not readily perceptible to casual listeners, though they are what in watermarking parlance is known as "overt." That means the fact that they are embedded is easily discerned by meeting participants: When a Zoom meeting has the audio watermark, or what Zoom also calls the "audio signature," feature enabled, the meeting will have a green circular icon with a sound wave and a padlock at the top left of the frame next to the encryption icon. 4-audiosignature The presence of the circular audio watermark icon next to the encryption shield icon is an indicator that the audio of the meeting is watermarked. Screenshot: The Intercept It is not immediately apparent at what point Zoom injects its " ultrasonic" audio watermark into the audio stream -- whether this happens only if a meeting attendee presses the Record button in Zoom or if the audio stream is watermarked prior to that point. Nonetheless, when recording a Zoom meeting, it is best to avoid using Zoom's built-in recording option and to capture the meeting using a third-party audio/video recorder. Zoom mentions that in order to identify the participant who recorded the meeting, they need at least two minutes of audio from the meeting, though it stands to reason that shorter snippets may also be identifiable if they happen to contain the audio watermark. Journalists should also be wary of publishing raw audio leaked from Zoom meetings, particularly if the source is not sure whether audio watermarking was enabled or not. Recording Gotchas -- Inadvertent Source Identification Aside from Zoom's own watermarks, a number of elements appearing on an individual's own device may inadvertently give away the identity of the person who is recording. If the meeting video is being recorded either via screen recording software or a camera, there are a number of elements to watch out for. For example: The video layout order should be manually rearranged. * When displaying meeting participants, Zoom software on a smartphone, laptop, or other device prioritizes displaying the attendee who is using the device. In other words, each participant will typically see themselves displayed in the top row on their screen when in a Zoom meeting. This in turn means that it may be possible to deduce who recorded a leaked Zoom video based on the participant order displayed on the screen. To mitigate against this, prior to video recording a Zoom meeting, the video layout order should be manually rearranged at random. If viewing the video in full-screen mode, care should be taken to remove self-view from the frame. * The Zoom app should be positioned in such a way on the desktop as to minimize the chance for interference from other desktop apps, such as the chance of new message or email notification pop-ups appearing over the Zoom window. Upon completion of the recording, the video should be carefully reviewed to make certain that no such identifying notifications inadvertently appeared anywhere in the recording. * In certain cases, even revealing information about the recording user's underlying operating system may potentially compromise the source. For instance, if the source is recording a video of a company meeting from a Mac, and company personnel are known to predominantly use Windows, it may be possible to check meeting access logs to identify the meeting attendee who joined from a Mac. For this reason, the recording area may be tightly cropped to remove OS identifiers like menu or title bars. Additionally, elements such as mouse pointers should also be excluded from the recording area to avoid leaking information about the OS (owing to the fact that, for instance, a default mouse pointer on Windows machines is white with a black outline, while it is black with a white outline on Macs). * The participant recording the Zoom meeting should also be mindful of their participation in the meeting. For instance, if typing into the chatbox, this activity may be used to identify the recorder. * If recording meetings with an exterior device such as a phone camera, be aware that your camera may be uniquely identifiable via visible defects such as unique smudges or scratch patterns on the lens as well as a myriad of forensic techniques falling under the umbrella of source camera identification. For especially sensitive meetings, it is advisable to use a recording device solely acquired for purposes of conducting the recording of a specific meeting and to dispose of the device after the recording. Zoom meetings present a unique set of challenges for source protection, but these challenges can be minimized by following best practices and taking care not to publish raw meeting materials unless there is high confidence that the recordings were not watermarked and have been thoroughly reviewed to make sure no other potentially identifying features are present in the audio or video. Wait! Before you go on about your day, ask yourself: How likely is it that the story you just read would have been produced by a different news outlet if The Intercept hadn't done it? Consider what the world of media would look like without The Intercept. Who would hold party elites accountable to the values they proclaim to have? How many covert wars, miscarriages of justice, and dystopian technologies would remain hidden if our reporters weren't on the beat? The kind of reporting we do is essential to democracy, but it is not easy, cheap, or profitable. The Intercept is an independent nonprofit news outlet. We don't have ads, so we depend on our members -- 35,000 and counting -- to help us hold the powerful to account. Joining is simple and doesn't need to cost a lot: You can become a sustaining member for as little as $3 or $5 a month. That's all it takes to support the journalism you rely on.Become a Member Contact the author: Nikita Mazurov Nikita Mazurov Related [8ce8d0b7-83f1-48f5-8eaf-bdab17743326] Feds Are Tapping Protesters' Phones. Here's How To Stop Them. [58d6486c-da27-40bd-80f5-45e43c3a316a] Protesters, Here's How to Set Up a Cheap Burner Phone [86c73215-1b12-4cdf-87a8-ec5ba9cfd48e] Zoom's Encryption Is "Not Suited for Secrets" and Has Surprising Links to China, Researchers Discover [4ce61b72-33c3-4a60-909e-5dea17de4121] Zoom Meetings Aren't End-to-End Encrypted, Despite Misleading Marketing Latest Stories null Federal Prison Took Nine Months to Investigate Reality Winner's Abuse Claim Taylor Barnes -- 9:13 p.m. The NSA whistleblower says she was threatened by a guard after making a report of abuse. null With No Allegation to Investigate, UMass Creepily Probes Alex Morse's Romantic Life Instead Eoin Higgins, Ryan Grim -- Jan. 18 A university investigation found no policy violations by Morse -- unsurprising since he was accused of none -- but more evidence of Democratic Party meddling. null Big Tech Critics Alarmed at Direction of Biden Antitrust Personnel David Dayen, Ryan Grim -- Jan. 18 Renata Hesse, who has worked for Google and Amazon, is the leading candidate to run the Justice Department's antitrust division. Leave a comment The Intercept_ Join Our Newsletter Become a Member [ ] [*] Weekly editor's picks [*] Breaking stories and exclusives [*] Politics coverage [I'm in] The Intercept_ * About * Policies and Reports * Become a Source * Join Newsletter * Become a Member * Terms of Use * Privacy * Securedrop (c) First Look Media. All rights reserved