←back to thread

Show HN: Zoom Redirector

(github.com)
279 points arkadiyt | 1 comments | 22 Mar 20 22:11 UTC | HN request time: 0.208s | source
Show context
DyslexicAtheist ◴[23 Mar 20 08:54 UTC] No.22662212[source]
I don't want to diss an effort made with good intentions. though this is like using duct tape on fatally flawed design - it doesn't solve the problem. We're dealing with an inherently hostile company which aggressively uses dark pattern, ignoring privacy and security best practices. Not only are they ignoring these things they actively bypass the security control on the host-system where it is installed - this is literally what malware does. You don't put duct tape on malware so it works better for you!

If they would be a Chinese company they'd be banned and probably even sanctioned. Stop using this shit and stop justifying its use just because your employer makes you use it. Grow some balls (or eggs) and speak up naming it for what this is (malware) - so that we can all have nice things and not be forced to engage in endlessly justifying ourselves because "team or company XYZ is using it too and it works great for them ..."

replies(4): >>22662425 #>>22662461 #>>22662654 #>>22663295 #
skrebbel ◴[23 Mar 20 09:48 UTC] No.22662425[source]
I have absolutely no idea what you're on about. How is Zoom malware?

By "actively bypass the security" do you mean "it's a program that you need to install on your computer"?

Can you elaborate why Zoom is malware in ways that VS Code, VLC Media Player or Photoshop aren't?

EDIT: I mean the question honestly, as a question. I might have missed something. I mean, I saw yesterday's HN topic on a tweet that claims it sends info about all active programs to a server. But I saw nothing to substantiate that other than an "attention tracking" feature which is way less invasive than what's described in that tweet and off by default.

Did I miss the evidence, or some other damning privacy invading misfeature?

replies(2): >>22662486 #>>22662641 #
DyslexicAtheist ◴[23 Mar 20 10:34 UTC] No.22662641[source]
@rainforest's reply pretty much covers it. NPAPI was deprecated for security reasons so they thought it was a good idea to bypass that deprecation by installing a local webserver. My other comment on yesterdays thread: https://news.ycombinator.com/item?id=22658173
replies(1): >>22663200 #
skrebbel ◴[23 Mar 20 12:07 UTC] No.22663200[source]
How is that the same as malware? I.e. "software intentionally designed to cause damage to a computer, server, client, or computer network", if the Wikipedia definition has authority. That's not at all what Zoom does.

You're assuming ill intent where there is none. At the worst, it's incompetence. And they fixed the local http server flaw.

I'd much rather we reserve the term "malware" for actual malware and not dilute it to mean "any program made by a programmer who's either not very good at security or doesn't have the exact same opinion about it as me".

replies(2): >>22663724 #>>22663736 #
1. chupasaurus ◴[23 Mar 20 13:09 UTC] No.22663736[source]
Spyware (which Zoom is) is also a type of malware.