Let’s be clear about this: Zoom, the makers of a video conferencing app used by millions of people around the world, did not handle the discovery of a privacy vulnerability its software at all well.
A flaw in the Mac version of the company’s app was initially explained away as a “legitimate solution to a poor user experience problem, enabling our users to have faster, one-click-to-join meetings.”
That, and veiled criticism of the researcher who responsibly shared details of the problem with Zoom, did not go down well with computer users concerned that they could be tricked into joining a video conference with no warning, with their audio and webcam enabled.
I’m sure I wasn’t the only Mac user who was startled to find out that even after I had uninstalled the Zoom video conferencing app from my Mac, web server code Zoom had planted on my computer remained, allowing the software to be reinstalled without asking for my permission anytime I clicked on a Zoom meeting link.
Just listen to this edition of the “Smashing Security” podcast (recorded on Tuesday) to hear how pissed off I was:
Well, it seems it didn’t take long for Zoom to realise it was on the wrong end of the argument.
In a blog post, Zoom founder and CEO Eric S. Yuan doesn’t go so far as using words like “sorry” or “apologise” but does ..
Support the originator by clicking the read the rest link below.
