Zoom Update Prevents Microphone From Staying Active After Calls On Mac (9to5mac.com) 16
Popular video conferencing platform Zoom this week released an important update to its macOS app following user reports about the microphone not being disabled after ending a conference. Luckily, according to the company, this was just a bug that has now been fixed. 9to5Mac reports: Since December last year, a number of users have been complaining about this bug in the Zoom Community (via The Register). According to them, the Mac's microphone stayed active even after ending a Zoom conference -- which certainly raised privacy concerns.
Zoom has confirmed that there was a bug in its macOS app that could cause the orange microphone-in-use indicator to appear even after leaving a call. According to a company representative, the latest version of the app no longer has this problem: "We experienced a bug relating to the Zoom client for macOS, which could show the orange indicator light continue to appear after having left a meeting, call, or webinar. This bug was addressed in the Zoom client for macOS version 5.9.3 and we recommend you update to version 5.9.3 to apply the fix."
Zoom has confirmed that there was a bug in its macOS app that could cause the orange microphone-in-use indicator to appear even after leaving a call. According to a company representative, the latest version of the app no longer has this problem: "We experienced a bug relating to the Zoom client for macOS, which could show the orange indicator light continue to appear after having left a meeting, call, or webinar. This bug was addressed in the Zoom client for macOS version 5.9.3 and we recommend you update to version 5.9.3 to apply the fix."
Power off your cameras and mics (Score:3)
Plug your USB camera/mic into a HUB with a power switch.
Turn off the camera when you aren't using it.
https://www.aliexpress.com/ite... [aliexpress.com]
Re: Power off your cameras and mics (Score:3)
Re: (Score:2)
If someone could get so far in that you think you have to take that step,
nothing's going to stop them from opening the default built-in camera,
possibly without notification.
MacOS CoreAudio prevents that, but other platforms? Who knows.
Re: (Score:2)
Some people solve that by buying laptops without built-in cameras.
Others use different solutions. My wife was annoyed that the camera on my laptop didn't work even after she removed the electrical tape from it. I told her to go into the BIOS and turn it on. (She got me good the next weekend, though -- she hid my belt AND my suspenders!)
Re: (Score:2)
Buy said hub on Aliexpress.
Have the CCP listen in on everything anyway.
Re: (Score:2)
I agree Zoom is used to so many people because it was in the news a lot when the pandemic started.
With so many people using Gmail, I'm constantly surprised why people are not using Google Meet instead. Meet is a much better video conferencing platform when compared to Zoom. I'd even put Zoom below Skype, and that's a pretty low bar already.
Re: (Score:2)
Lol. Ditching zoom for google over privacy is a bit.... ok...
Zoom had a lot of problems early on due to unexpectedly gaining way more customers than they anticipated. they spent a lot and have fixed most of their problems.
IN terms of corporate telco software, they're easy to deal with and their customer support is excellent.
This just goes to show (Score:3)
that a software light to say the mike is "on" is a spectacularly useless idea, made even worse by needing to activate the mike and light with separate operations.
The lamp must be activated by the mike circuit.
Re:This just goes to show (Score:4, Interesting)
AFAIK, it is activated and deactivated by having an active CoreAudio processing thread that is taking input from the microphone. So what this means is that they failed to stop their CoreAudio processing thread when they were no longer using it. It's more a battery life concern than a privacy concern, as long as that data isn't going anywhere, but as long as that light is on, you can't be sure that it isn't.
Re: (Score:2)
Sounds untruthful (Score:4, Interesting)
There is no API call to independently turn the mic light on or off.
The only way to toggle it is to open the microphone. Apple figured that out a long, long time ago.
Zoom.app not a Mac App Store download, it's direct from Zoom, so there's minimal to no vetting.
Either they are using an unpublished API and that seems doubtful because they really don't need to.
They're just pulling video from the camera API.
or
They were doing something nefarious, but if they were, I would think that they would
be vigilant about turning that light on and off to not get caught and kill the company.
or
They were sloppy and didn't close the camera, got worried about looking bad,
and some notech manager/legal team issued a statement and stupidly lied about it.
That seems the most likely to me.
As a side note, a walled garden(gasp!) analysis can prevent these types of issues,
especially where opening the camera and mic are concerned.
No using undocumented APIs and no pulling video without notification. For freedom.
Re: (Score:2)
> The only way to toggle it is to open the microphone.
Right, now have another read of the title. They're saying the microphone was still on and recording. The indicator accurately showed what Zoom was actually doing.
Zoom marketing speak isn't contradicting that either. Just brushing it with the phrase "... which could show the orange indicator light continue to appear". Which is euphemism for Zoom was still recording.
Re: (Score:2)
As a side note, a walled garden(gasp!) analysis can prevent these types of issues, especially where opening the camera and mic are concerned. No using undocumented APIs and no pulling video without notification. For freedom.
You don't need the walled garden for that. The ability to sideload apps from outside the store doesn't in any way impair your security - you are free to not use it and just get vetted apps if you want, without denying other people the ability to choose otherwise.
Besides, shit like that should be prevented at OS level, not at app vetting level. Why the hell does the API to turn on camera without the light even exist at all, documented or not?! And, apparently, not even requiring root access?!
Dispose of you computer after each call (Score:3)
The best thing I can suggest as a security expert with both a PhD and a GED from Slashdot University is to throw away the machine and purchase a new Mac after each call. That is the only way to be certain with these things.
Another fine example (Score:2)
Of overpaid developers screwing up the most basic of tasks. This is the 21st century. If you can't code your software to stop doing something when the person tells it to stop, you shouldn't be allowed anywhere near a computer.
If these developers are this inept they should go stand by the doorway and flip a light switch up and down to get an idea of how this is supposed to work.