For Apple, nothing more important then it’s user’s privacy and security. Since many corporate started trolling Apple for the biggest 4Chan leak of celebs pictures from the iPhones, Apple took a major step to make its products more secure. But the recent news roaming everywhere about Mac’s security breach as Zoom video-conferencing app version 4.4.4 using Mac camera without your permission.
Yes, you heard it right! Yesterday, Jonathan Leitschuh – security researcher has found the security break in the Zoom video-conferencing app and informing users that you should be careful while using the Zoom video-conferencing app on your Mac as it opens automatically without asking your permission.
Let me explain you about the Zoom’s app; it is trendy for its click to join feature as you can click on the browser link directly and it will take you directly to the video meeting in Zoom’s app. But recently, Jonathan Leitschuh wrote on its Medium post about security error on Mac when you use the Zoom app. He explained that how Zoom is insecure that allowing your Mac’s webcam activate without your permission. Well, he also told that uninstalling the Zoom App isn’t a proper solution as it directly installs in web server on your Mac. He added “without requiring any user interaction on your behalf besides visiting a webpage. This re-install ‘feature’ continues to work to this day.”
So, Jonathan Leitschuh gave the tips that you can activate turn off my video setting when joining a meeting. Here’s what Zoom says about the incident “Zoom installs a local web server on Mac devices running the Zoom client,” the statement reads. “This is a workaround to an architecture change introduced in Safari 12 that requires a user to accept launching Zoom before every meeting. The local web server automatically accepts the peripheral access on behalf of the user to avoid this extra click before joining a meeting. We feel that this is a legitimate solution to poor user experience, enabling our users to have seamless, one-click-to-join meetings, which is our key product differentiator.” They also added that the error has been already solved in May.
Well, the ZDNet report claims that the company has removed the ability for a host to automatically join a call with video enabled. And at the end Zoom said “We acknowledge that our website currently doesn’t provide clear information for reporting security concerns,”