Zoom closes account of U.S.-based Chinese activist after Tiananmen event(https://www.axios.com/zoom-closes-chinese-user-account-tiananmen-square-f218fed1-69af-4bdd-aac4-7eaf67f34084.html)2003 points|surajama|5 years ago|517 comments
Vulnerability in the Mac Zoom client allows malicious websites to enable camera(https://medium.com/@jonathan.leitschuh/zoom-zero-day-4-million-webcams-maybe-an-rce-just-get-them-to-visit-your-website-ac75c83f4ef5)1937 points|mplanchard|6 years ago|456 comments
Zoom Acquires Keybase(https://keybase.io/blog/keybase-joins-zoom)1879 points|vikram7|5 years ago|711 comments
Zoom lied to users about end-to-end encryption for years, FTC says(https://arstechnica.com/tech-policy/2020/11/zoom-lied-to-users-about-end-to-end-encryption-for-years-ftc-says/)1616 points|eddieoz|4 years ago|425 comments
Zoom needs to clean up its privacy act(https://blogs.harvard.edu/doc/2020/03/27/zoom/)1597 points|seapunk|5 years ago|509 comments
Zoom terms now allow training AI on user content with no opt out(https://explore.zoom.us/en/terms/)1581 points|isodev|2 years ago|511 comments
Zoom iOS app sends data to Facebook even if you don’t have a Facebook account(https://www.vice.com/en_us/article/k7e599/zoom-ios-app-sends-data-to-facebook-even-if-you-dont-have-a-facebook-account)1433 points|softwaredoug|5 years ago|360 comments
Apple has pushed a silent Mac update to remove hidden Zoom web server(https://techcrunch.com/2019/07/10/apple-silent-update-zoom-app/)1358 points|coloneltcb|6 years ago|532 comments
Zoom rolled their own encryption scheme, transmit keys through servers in China(https://citizenlab.ca/2020/04/move-fast-roll-your-own-crypto-a-quick-look-at-the-confidentiality-of-zoom-meetings/)1248 points|gasull|5 years ago|302 comments
Zoom meetings aren’t end-to-end encrypted, despite marketing(https://theintercept.com/2020/03/31/zoom-meeting-encryption/)1230 points|tony101|5 years ago|339 comments
Zoom says it won’t encrypt free calls so it can work more with law enforcement(https://twitter.com/nicoagrant/status/1268020841054269440)1094 points|sneak|5 years ago|458 comments
Zoom Acknowledges It Suspended Activists' Accounts at China's Request(https://www.npr.org/2020/06/12/876351501/zoom-acknowledges-it-suspended-activists-accounts-at-china-s-request)1069 points|dehrmann|5 years ago|371 comments
Samsung “space zoom” moon shots are fake, and here is the proof(https://old.reddit.com/r/Android/comments/11nzrb0/samsung_space_zoom_moon_shots_are_fake_and_here/)1024 points|petodo|2 years ago|386 comments
Jitsi Meet: An open source alternative to Zoom(https://meet.jit.si)897 points|LockAndLol|5 years ago|285 comments
Google bans Zoom from employees' computers(https://www.buzzfeednews.com/article/pranavdixit/google-bans-zoom)882 points|Lagogarda|5 years ago|437 comments
SpaceX bans Zoom over privacy concerns(https://www.reuters.com/article/us-spacex-zoom-video-commn/elon-musks-spacex-bans-zoom-over-privacy-concerns-memo-idUSKBN21J71H)879 points|mortenjorck|5 years ago|283 comments
Zoom to bring end-to-end encryption to all users, including non-paying(https://blog.zoom.us/wordpress/2020/06/17/end-to-end-encryption-update/)845 points|jmsflknr|5 years ago|524 comments
How the Zoom macOS installer does its job without you clicking ‘install’(https://twitter.com/c1truz_/status/1244737672930824193)796 points|_Microft|5 years ago|325 comments
What You Should Know Before Leaking a Zoom Meeting(https://theintercept.com/2021/01/18/leak-zoom-meeting/)735 points|danso|4 years ago|211 comments
Why is the Zoom app listening on my microphone when not in a meeting?(https://community.zoom.com/t5/Meetings/Why-is-the-Zoom-app-listening-on-my-microphone-when-not-in-a/td-p/29019)687 points|mangala_murti|3 years ago|383 comments
Zoom executive charged with disrupting meetings commemorating Tiananmen Square(https://www.justice.gov/opa/pr/china-based-executive-us-telecommunications-company-charged-disrupting-video-meetings)685 points|imraj96|4 years ago|228 comments
Tell HN: Cisco WebEx on OS X uses the same pre-installer tricks as Zoom673 points|mmastrac|5 years ago|180 commentsI noticed while installing WebEx today that the installer immediately terminated itself after popping up the pre-installation script.Running `strings` on the installation plugin (CWSPkgPlugin.bundle) shows why - it's using a similar process to what Zoom does [1] +[CWSUtilBase unzip:to:] /usr/bin/unzip Clean up temp unziped app done: %i unzip:to: [...] Cisco Webex pkg plugin, begin init work. Install CWS result: %i Launch CWS result: %i Terminate installer: %@ Terminate self: %@ [...] /usr/sbin/lsof forceTerminatePreviously discussed here: https://news.ycombinator.com/item?id=22736608[1] https://www.imore.com/zooms-preinstallation-script-workaroun...
Zoom lays off 15% of employees(https://blog.zoom.us/a-message-from-eric-yuan-ceo-of-zoom/)636 points|brakmic|2 years ago|559 comments
The Zoom installer let a researcher hack his way to root access on macOS(https://www.theverge.com/2022/8/12/23303411/zoom-defcon-root-access-privilege-escalation-hack-patrick-wardle)630 points|neodypsis|3 years ago|393 comments
Please stop disabling zoom(https://www.matuzo.at/blog/2022/please-stop-disabling-zoom/)620 points|zachflower|3 years ago|303 comments
‘War Dialing’ tool exposes Zoom’s password problems(https://krebsonsecurity.com/2020/04/war-dialing-tool-exposes-zooms-password-problems/)585 points|feross|5 years ago|234 comments
Zoom’s Use of Facebook’s SDK in iOS Client(https://blog.zoom.us/wordpress/2020/03/27/zoom-use-of-facebook-sdk-in-ios-client/)576 points|patrickyevsukov|5 years ago|259 comments
Stop using Zoom, Hamburg’s data protection agency warns state government(https://techcrunch.com/2021/08/17/stop-using-zoom-hamburgs-dpa-warns-state-government/)568 points|jrepinc|4 years ago|229 comments
Zoom has a signed binary that runs any unsigned script(https://twitter.com/DanAmodio/status/1245329512889487361)562 points|kccqzy|5 years ago|214 comments
Ask HN: Why does Zoom Desktop examine all processes and arguments?547 points|neolog|4 years ago|263 commentsLooking at syscalls, I see Zoom desktop reads all processes and arguments. [pid 3844872] stat("/proc/1", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0 [pid 3844872] openat(AT_FDCWD, "/proc/1/stat", O_RDONLY) = 4 [pid 3844872] openat(AT_FDCWD, "/proc/1/cmdline", O_RDONLY) = 4 [pid 3844872] readlink("/proc/1/exe", 0x20c0520, 1024) = -1 EACCES (Permission denied) [pid 3844872] stat("/proc/2", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0 [pid 3844872] openat(AT_FDCWD, "/proc/2/stat", O_RDONLY) = 4 [pid 3844872] openat(AT_FDCWD, "/proc/2/cmdline", O_RDONLY) = 4 [pid 3844872] stat("/proc/3", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0 [pid 3844872] openat(AT_FDCWD, "/proc/3/stat", O_RDONLY) = 4 [pid 3844872] openat(AT_FDCWD, "/proc/3/cmdline", O_RDONLY) = 4 ...Why would it do that? Is there any way to prevent it?
Running `strings` on the installation plugin (CWSPkgPlugin.bundle) shows why - it's using a similar process to what Zoom does [1]
Previously discussed here: https://news.ycombinator.com/item?id=22736608
[1] https://www.imore.com/zooms-preinstallation-script-workaroun...