The popular video conferencing company Zoom has been under scrutiny over the past few days for the method used to install the Mac version of its app, which essentially abused a "preflight" compatibility check to install the app without the user needing to explicitly grant installation permission, as highlighted by developer Felix Seele earlier this week.
Screenshot of preflight compatibility check for Zoom; clicking Continue immediately installs the app if the user has admin privileges (via Felix Seele)
Zoom CEO Eric Yuan responded to Seele, noting that while the installation method was "implemented to balance the number of clicks given the limitations of the standard technology," he recognized the issue and promised to "continue to improve."
Revised installer with traditional installation process
Zoom has now updated its Mac app installer to no longer use the preflight installation method, instead using a traditional installation authorization process, as noted by The Verge.
“They completely removed the preinstall stuff, so you now need to click through the installer as it ought to be,” explains Seele in a message to The Verge. The fake prompt has also been removed so users have to specifically click through and install Zoom. “I must say that I am impressed,” says Seele. “I expected them to maybe change the dialog, but since the ‘zero-click’ aspect was so important to them, I thought they would stick with the preinstall-trick.”
The Mac app installation issue is hardly Zoom's first controversy, with the company seeing increased attention as its popularity has boomed amid self-isolation. Other recent controversies over just the past week have included its integration with a Facebook SDK that was sending Zoom user data to Facebook and misleading claims of end-to-end encryption.
Following nearly two years of rumors about a fourth-generation iPhone SE, The Information today reported that Apple suppliers are finally planning to begin ramping up mass production of the device in October of this year. If accurate, that timeframe would mean that the next iPhone SE would not be announced alongside the iPhone 16 series in September, as expected. Instead, the report...
Key details about the overall specifications of the iPhone 17 lineup have been shared by the leaker known as "Ice Universe," clarifying several important aspects of next year's devices. Reports in recent months have converged in agreement that Apple will discontinue the "Plus" iPhone model in 2025 while introducing an all-new iPhone 17 "Slim" model as an even more high-end option sitting...
Wednesday July 24, 2024 9:06 am PDT by Joe Rossignol
Apple supply chain analyst Ming-Chi Kuo today shared alleged specifications for a new ultra-thin iPhone 17 model rumored to launch next year. Kuo expects the device to be equipped with a 6.6-inch display with a current-size Dynamic Island, a standard A19 chip rather than an A19 Pro chip, a single rear camera, and an Apple-designed 5G chip. He also expects the device to have a...
Thursday July 25, 2024 5:43 am PDT by Tim Hardwick
Apple typically releases its new iPhone series around mid-September, which means we are about two months out from the launch of the iPhone 16. Like the iPhone 15 series, this year's lineup is expected to stick with four models – iPhone 16, iPhone 16 Plus, iPhone 16 Pro, and iPhone 16 Pro Max – although there are plenty of design differences and new features to take into account. To bring ...
Apple’s iCloud Private Relay service is down for some users, according to Apple’s System Status page. Apple says that the iCloud Private Relay service may be slow or unavailable. The outage started at 2:34 p.m. Eastern Time, but it does not appear to be affecting all iCloud users. Some impacted users are unable to browse the web without turning iCloud Private Relay off, while others are...
Apple is planning to release at least one iPhone 17 model next year with mechanical aperture, according to a report published today by The Information. The mechanical system would allow users to adjust the size of the iPhone 17's aperture, which refers to the opening of the camera lens through which light enters. All existing iPhone camera lenses have fixed apertures, but some Android...
Remember when they installed a web server on macs ('https://www.macrumors.com/2019/07/09/zoom-videoconferencing-app-vulnerability/') without anyone knowing that resulted in a zero day?
Not a fan of Zoom since then. Nothing they have done since then has endeared me any more. I prefer FaceTime, Skype, or pretty much any other method to connect than Zoom.
Remember when a person could hear you before you picked up a FaceTime call? Bugs happen.
A software bug is one thing, engineering a buggy web server to intentionally bypass a browser security measure, engineering an installer to get around user confirmation prompts, and being deceptive in your advertising and documentation are on a totally different level.
It seems like they made some bad choices, but it also seems like they are recognizing the fact they were bad choices and are quickly taking steps to address them.
It's easy to fault them but perhaps such quick acknowledgement and rapid changes are a good sign.
Let me know when they stop making bazillions auctioning users behavioural surplus on the data markets