Comment by thijsvandien
6 years ago
Positively terrible... Kudos to this researcher. I liked Zoom when I used it a couple of times, but the reinstall “feature” is a huge violation of my trust. Software from the company behind it will not touch my system anymore. Too bad really, because properly working video chat is hard to find. The App Store model is not my favorite, but at times like these, a forced sandbox and inspection by a trusted third party start to look like the only way forward.
If you had a sandbox, you wouldn't even need anyone to inspect it - since all the app's files would be contained in one place, uninstalling it would remove everything, and there wouldn't be a way to leave a server behind.
This just in: Bad behavior is still bad behavior when it's possible to mitigate it on the user side.
Consider how many people use Zoom and don't even know that Hacker News exists.
Right, I agree! My point is that preventing this situation from happening in the first place, through better sandboxing restrictions, is both more fair and more effective than having each app be individually approved. If you try to mitigate this just with app review, then 1) you're going to miss apps that do bad things, and 2) It introduces huge conflicts of interest for the reviewer. But if you were to have effective sandboxing, it wouldn't be possible for Zoom or any other app to do this in the first place, so that you would be able to trust the apps that you install even if they haven't been reviewed.
What reinstall feature?
This "feature": https://apple.stackexchange.com/questions/358651/unable-to-c...
It silently reinstalls if you follow any Zoom meeting link.
For which loading an iFrame by visiting a website or opening an email is enough...