Zoom's engineering team is based in China - the product is primarily built out of there. [1]
What guarantee is there that the CCP is not intercepting/backdooring all video communications? Especially in current situations, where so much sensitive information is being discussed via Zoom?
[1] https://www.cnbc.com/2019/03/26/zoom-key-profit-driver-ahead...
When I installed Zoom for Mac for the first time, I noticed it took a while to start up and caused beachballing. So I grabbed a sample of the process via Activity Monitor. To my utter horror, the Zoom binary is shelling out by calling system(3) on the fucking main thread.
I just verified this is the case on the latest version of Zoom for Mac. The binary zoom.us.app/Contents/Frameworks/zmLoader.bundle/Contents/MacOS/zmLoader invokes system(3) on three separate occasions in two functions: -[ZPMBSystemHelper disablePTAutoRestoreWindow] and -[ZPMBSystemHelper disableConfAutoRestoreWindow].
And looking at what the string was, it's just a fucking call to defaults(1). Now I'm not a Mac programming expert but I cannot understand why Zoom needs to change its own preference settings this way. This just screams sloppy software engineering quality. I guess this is what you get when you outsource software engineering.
I would not be surprised at all if someone reports vulnerabilities in Zoom, whether deliberate or accidental.