Cisco’s enterprise-facing Webex video conferencing and messaging utility monitors the microphone at all times, even when the user’s microphone is muted in the software, according to warning from a group of academic researchers.
According to researchers from the University of Wisconsin-Madison and Loyola University Chicago, popular video conferencing applications (VCAs), including those used within enterprise environments, can actively query the microphone even when the user is muted.
The issue s that the privacy control mechanism for muting the microphone is application-dependent and has no hardware indicator associated to it, to inform the user of microphone use (the camera, on the other hand, is controlled at the operating system level and also has a led indicator to show when it is in use).
To demonstrate the false sense of privacy that meeting participants have when muting the microphone so as to not be overheard by others, the researchers implemented a proof-of-concept background activity classifier that allowed them to accurately identify six types of common background activities based on the telemetry packets that VCAs sent while a user was muted.
Click here to view original web page at www.securityweek.com