Audio conference calls as just as bad. I noticed a long time ago that a lot of my co-workers, especially executives, never bother to set passwords on their conference calls, check who's on a call, or drop all the lines between back-to-back calls. It would be trivial for almost any employee to dial into some sensitive calls. Or heck, ex-employees. Not that I would do that but it's clearly a security issue.
This is interesting. A large challenge in videoconferencing systems is encouraging use, since many of the legacy systems have 42 button remote controls, complicated scheduling, and quality problems. So there's been a huge push to make it as easy as possible to drive adoption of the technology.<p>That said, there would likely still be indicators that there was an active video. Unless they were able to compromise the firmware also, which is less likely than simply port 5060 being open. Many of the systems are on a URI/IP dialing system and the port may be left open intentionally. So it's bad - but not 'dozens of listeners listening at all times without anyone having a clue' bad (hopefully).