Adobe Connect User Community
Menu

#1 2010-04-26 13:31:35

**_freeman_**

Security Issue: Exposed Attendee List and Chat pods

In experimenting with the Connect Pro Mobile app, we've discovered participants viewing pods they are not supposed to have access to.

It seems that if you have a chat or attendee list pod, these become available to view using the mobile app, even if the pods are in the Presenter Only area, and even if the pods are hidden.   I've found the only way to keep this information from the app is to delete the pods altogether.

For our meetings, we typically keep our attendee list confidential.    We put the attendee list pod in the Presenter Only area so hosts can see who's in, but participants can't.     But with this app, it appears this information becomes public.   Just click on chat (even if there's no chat pod defined), and the list appears for those using the app.

We also like to keep a private chat pod open in the Presenter Only area so our presenters can talk privately.   Again, with this app, this chat becomes viewable.   

I haven't tested the layouts yet, but I suspect if there is a chat pod in any of the layouts, even if it's not the currently viewable layout it's going to already be visible to the mobile app user.

These are seminar rooms, by the way.

I admit I am not an expert with Adobe Connect Pro and perhaps I'm not understanding how this is supposed to work, but regardless, is there a way to keep the Presenter Only area private and blocked from the mobile app?   If not, can I block usage of the mobile app?  Or is there another way to keep the attendee list viewable but restricted to hosts?

Thanks,
Tom Freeman

Offline

#2 2010-04-27 08:15:39

**_tlchurch_**

Re: Security Issue: Exposed Attendee List and Chat pods

Hi Tom,

Showing the chat and attendee list pod is a known issue with the mobile app (see http://www.connectusers.com/tutorials/2 … ssues.pdf).

I don't know about blocking it. Certainly a hack to block it is to turn on a quick disclaimer since that is also not supported on the app.

Offline

#3 2010-04-27 09:20:20

**_freeman_**

Re: Security Issue: Exposed Attendee List and Chat pods

Thanks for the link.

Yes, adding the compliance notice seems to keep the app from accessing the room, so we'll just do that until a fix is out.

Offline

#4 2010-07-19 07:53:40

**_princecheck13_**

Re: Security Issue: Exposed Attendee List and Chat pods

I will be able to post a rough schedule soon.just need to confirm it is release, but there will be further announcements in the next few weeks.

Offline

#5 2010-10-13 21:12:03

**_jessicaleahy_**

Re: Security Issue: Exposed Attendee List and Chat pods

Thank you I am looking forward to your update..:)

Offline

Board footer