Welcome to attendees of my talk, “Cyber Security for Fandom Conventions”! The handout for the talk is available from here.
Of course, sometimes something happens to the presenter that also becomes a great case study! As some of you pointed out, unbeknownst to me, every few minutes during my presentation, for a single frame, a white window would flash up … some of you commented that you could see a spreadsheet. Here is a (slightly redacted) version of the frame that showed up.
So clearly we’ve hit a bug of some sort – it’s a mashup of what’s behind the window I was sharing but none of it actually complete … but there was potentially sensitive information that could have been revealed. In my case it didn’t, although I redacted a few bits just to be safe, really, all that was revealed was some fairly innocuous spreadsheets, public announcement emails, and some search windows for musical equipment.
Was this luck that nothing sensitive got out? Not really. Screen shares going wrong are part of my risk assessment. Even without the bug, sometimes you share the wrong screen or window. Mistakes happen a lot.
I can reduce the probability by closing programs that cause issues (e.g. avoid running too many programs at the same time that grab the screen) and keeping software up to date so bugs get fixed. For big work presentations, I’ll even reboot the computer and not load anything that isn’t needed for the presentation (or use a different computer). Actually I didn’t do the former this time – I had OBS Studio, Skype, and BlueJeans clients running at the same time. I was in a rush and I wanted to try a few things. 😉
I can also reduce the impact by making sure that even if something goes wrong, nothing too sensitive will end up inadvertently shared. Any sensitive emails or documents get closed whenever they’re not actively used, chat histories which aren’t quite so sensitive get minimised wherever possible. Getting into this habit means that it isn’t a novel thing when I share my screen. The windows that I did have open were random spreadsheets I was using to calculate hours, emailed public announcements and equipment I was looking for on Amazon. I care less about those going public.