Zoom Considers Their Major Security Vulnerability a Feature, Not a Flaw

Nicole Nguyen, reporting for BuzzFeed News:

Not only did Zoom allow attackers access to the video cameras of its Mac app users, but it also left its web server running in the background, even after the user uninstalled the Zoom app. BuzzFeed News also verified that the server also reinstalled the Zoom app when a meeting link was clicked, without notifying the user, if the Zoom app had been deleted from the machine.

Saitta criticized these behaviors, saying they are “not justifiable in these cases and come with significant risk.” She recommends that people remove Zoom from their systems and refrain from using the app until the company delivers a version without that always-on web server. “This is an excellent example of what my friend Deb Chachra calls ‘nonconsensual technology,’” she told BuzzFeed News. “It’s a sadly common attitude among tech companies that what the user wants can be ignored on a whim.”

Simply outrageous.

Wednesday, 10 July 2019