Reply to post: Re: Sure you do

Zoom agrees to pay subscribers $25 to put its security SNAFUs behind it

Roland6 Silver badge

Re: Sure you do

>They knew exactly what they were doing.

The reports indicate Zoom used the SDK's from Facebook and others to implement the "Login with xyz social network" functionality, rather than anything more sinister. I suspect they probably even used the SDK with the SDK providers defaults (probably set to collect lots that might be useful to the social network).

Obviously, there is a big takeaway here for developers incorporating third-party integrations using the third-party provided SDK to double-check both the personal information the SDK collects (is it necessary and sufficient to allow your app to work) and what your app is telling users about it's data sharing.

Bottom line: If you have a FB account and on a non-FB app, such as Zoom, you decide to use the "Login with FB" option then it is obvious some of your Zoom data will be passed to FB (and potentially vice versa - many app's will read your social network contacts).

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021