So is the poor user experience due to Apple's API/security model or Zoom's inability to program? And is there a hidden webserver on Windows installs?
Wondering how to whack Zoom's dodgy hidden web server on your Mac? No worries, Apple's done it for you
Apple has pushed a silent update to Macs, disabling the hidden web server installed by the popular Zoom web-conferencing software. A security researcher this week went public with his finding that the mechanism used to bypass a Safari prompt before entering a Zoom conference was a hidden local web server. Jonathan Leitschuh …
Thursday 11th July 2019 13:10 GMT thosrtanner
> Further, Zoom promised an update in a couple of days intending that users who select "Always turn off my video" on first use will have that preference saved automatically.
Is it just me who feels that "Always" implies "Always" and not saving the preference rather conflicts with the description?
I'd say I cannot believe people like this would be allowed near a computer, but clearly they have been. If you're actively coding round standard security practices, you are no better than malware writers.
Thursday 11th July 2019 20:12 GMT Anonymous Coward
Which is probably why Apple treated it as malware
And removed it from all Macs. Then users who installed it but rarely use it won't have a web server written by a company that doesn't understand security running on their computer, and users who want to keep using Zoom can simply reinstall the newer fixed version.
Thursday 11th July 2019 13:50 GMT Anonymous Coward
I've set up a virtual webcam with customised fake video, configured to always get picked before my actual webcam . Anyone incautious enough to try cam-snooping on my machine is going to get a surprise!
 Disclaimer - I haven't really. Maybe I should. Any ideas for content?  :-)
 *UNSUITABLE IDEA IN VERY POOR TASTE DELETED*
Thursday 11th July 2019 14:35 GMT Mike Moyle
"Apple appears to have concluded that it is better to protect users by silently disabling this component than to respect the wishes of those who like to think they are in control of what gets installed and removed. Few would disagree."
<sarcasm> CURSE YOU, HEAVY-HANDED APPLE CONTROL FREAKERY!!! </sarcasm>
Thursday 11th July 2019 19:33 GMT karlkarl
Or is this web server / client connecting to the zoom conference server directly, effectively not really even using the browser once started... In that case, this is just another case of everyone over-utilising a web browser as just a shite GUI library.
The whole thing sounds terrible. You wouldn't get this kind of mess in less popular software ;)
Thursday 11th July 2019 20:54 GMT Anonymous Coward
Friday 12th July 2019 02:04 GMT Anonymous Coward
Friday 12th July 2019 04:53 GMT gnasher729
It is quite possible that a company has engineers that are competent and care about security and are overruled by management who has received complaints from customers. (Customers will complain because they _wanted_ a connection and didn’t think there should be another prompt, oblivious of the fact that this prompt protects against hackers).
Saturday 13th July 2019 00:09 GMT Claptrap314