←back to thread

Zoom is reinstalling itself after a minute of being uninstalled [video]

(www.youtube.com)
223 points maloga | 6 comments | 09 Jul 19 11:33 UTC | HN request time: 0.793s | source | bottom
Show context
eeeeeeeeeeeee ◴[09 Jul 19 12:25 UTC] No.20391053[source]
I couldn't reproduce it (Mac, Mojave 10.14.5). I did this:

1. Ensure Zoom client is not running (the GUI, not the ZoomOpener)

2. Completely delete Zoom client app from /Applications, empty trash

(ZoomOpener continues to run from ~/.zoomus/, not just from memory, it is never deleted)

3. Wait 5 minutes

However, if you click on any Zoom link after you've done those three steps, it will absolutely re-install that client app into /Applications AND launch it into that video room. I confirmed that.

I still feel this is a violation of my trust and I'm uninstalling this app entirely and won't use Zoom again.

Also, if Apple actually cared about the Mac and privacy like they say they do, they would temporarily revoke Zoom's app signing key until they cut this shit out.

replies(5): >>20391115 #>>20391836 #>>20391859 #>>20392126 #>>20392982 #
1. MacroChip ◴[09 Jul 19 14:33 UTC] No.20392126[source]
You sure you want that last sentence? If that were happening, we would all be commenting on here about how Apple decides who succeeds and who fails by threatening to revoke companies' keys on a whim.
replies(3): >>20392353 #>>20392395 #>>20392665 #
2. vorpalhex ◴[09 Jul 19 14:54 UTC] No.20392353[source]
Apple did that when Facebook was abusing enterprise signed apps and nobody threw shade at Apple. There's a time and place for that, and this is it.

Now, if Apple revoked their cert because they didn't like Zooms view on <some political issue> then I'd be ranting and raving with the rest of HN.

replies(1): >>20408025 #
3. eeeeeeeeeeeee ◴[09 Jul 19 14:57 UTC] No.20392395[source]
Yes, I do. And in no way is revocation in this instance a “whim.”
replies(1): >>20408001 #
4. princekolt ◴[09 Jul 19 15:22 UTC] No.20392665[source]
Why not? The software is effectively working as malware. I should be revoked. And when they approve it again, they should issue a new certificate, to make sure the old software never gets past GateKeeper again.
5. MacroChip ◴[11 Jul 19 00:29 UTC] No.20408001[source]
Understood. I would hope that they spell out the terms of when a key revocation would happen if they were to revoke keys.
6. MacroChip ◴[11 Jul 19 00:33 UTC] No.20408025[source]
Ok thanks for the example. I hadn't heard of that, so I just briefly read about it. It looked like there were clear terms about the Enterprise apps: that it was for internal, employee use. Facebook was distributing it to non employees. I imagine that is why there was little shade thrown.