Zoom is reinstalling itself after a minute of being uninstalled [video]

(www.youtube.com)

223 points maloga | 1 comments | 09 Jul 19 11:33 UTC | HN request time: 0.208s | source

Show context

eeeeeeeeeeeee ◴[09 Jul 19 12:25 UTC] No.20391053[source]▶

>>20390755 (OP) #

I couldn't reproduce it (Mac, Mojave 10.14.5). I did this:

1. Ensure Zoom client is not running (the GUI, not the ZoomOpener)

2. Completely delete Zoom client app from /Applications, empty trash

(ZoomOpener continues to run from ~/.zoomus/, not just from memory, it is never deleted)

3. Wait 5 minutes

However, if you click on any Zoom link after you've done those three steps, it will absolutely re-install that client app into /Applications AND launch it into that video room. I confirmed that.

I still feel this is a violation of my trust and I'm uninstalling this app entirely and won't use Zoom again.

Also, if Apple actually cared about the Mac and privacy like they say they do, they would temporarily revoke Zoom's app signing key until they cut this shit out.

replies(5): >>20391115 #>>20391836 #>>20391859 #>>20392126 #>>20392982 #

jonwinstanley ◴[09 Jul 19 12:36 UTC] No.20391115[source]▶

>>20391053 #

They need to leave them with their key so they can issue an update.

replies(2): >>20391119 #>>20392046 #

1. danShumway ◴[09 Jul 19 14:26 UTC] No.20392046[source]▶

>>20391115 #

> so they can issue an update.

Revoking the key and making its restoration conditional on issuing a security patch would be a way to make sure an update does happen. I'm not a fan Apple's approach to software signing, but this is a good opportunity to showcase some of the benefits that their system does legitimately have.

They'd be stepping in on behalf of users and saying, "Sure you can issue updates. After you fix the security hole."

Right now, Zoom is gambling that they don't need to care about security from a business point of view. Apple can change the situation so they do.

↑