Hi,
Due to personal experience, this comes as no surprise to me. My daughter’s Apple accounts are linked to mine, so I need to approve any apps she downloads to her iOS from the App Store. I regularly review the privacy policies for these apps, and have been surprised by the number of apps that share personal information of their users with social networks like Facebook and others, even if the app user does not have a Facebook account (my daughter doesn’t). I often reject apps with these features unless she really does need them (as an example, for school work).
If you really are concerned with the privacy implications of apps in the App Store, then I suggest you pay attention to the privacy policies before installing them on your iOS. Speaking for myself, I never installed Zoom on my iPhone, nor do I intend to. TBH, I’m not sure if the desktop application discloses my data in the same manner that the iOS version does.
Thanks.
Amr
> On Mar 28, 2020, at 5:05 PM, James Gannon <[log in to unmask]> wrote:
>
>
> Its not compromised however, its using the Facebook SDK (And has now been removed) to enable the FB live integration, while yes there may be a feature here that people were not aware of, its not "compromised" in any way.
>
> -----Original Message-----
> From: NCSG-Discuss <[log in to unmask]> On Behalf Of Carlos Afonso
> Sent: Saturday 28 March 2020 14:54
> To: [log in to unmask]
> Subject: Re: Zoom is compromised
>
> Dear Farell, I think you did not read the second message from Raoul:
>
> ====
> https://www.vice.com/en_us/article/k7e599/zoom-ios-app-sends-data-to-facebook-even-if-you-dont-have-a-facebook-account
>
> "The Zoom app notifies Facebook when the user opens the app, details on the user's device such as the model, the time zone and city they are connecting from, which phone carrier they are using, and a unique advertiser identifier <https://konsole.zendesk.com/hc/en-us/articles/115013349668-Identify-Android-AdIDs-Apple-IDFAs-and-Safari-IDs>
> created
> by the user's device which companies can use to target a user with advertisements <https://www.singular.net/mobile-tutorial-series-idfa-apple-identifier-advertisers/>
> "
> -Raoul
>
> ====
>
> This is far more serious than hacking vulnerabilities known in the standard configuration of Zoom.
>
> fraternal regards
>
> --c.a.
>
> On 28/03/2020 08:37, Farell FOLLY wrote:
>> Dear Raoul,
>>
>> Thanks for sharing this. However, I don’t think the word “compromised” is the right one to use here, unless I don’t understand what you would like to mean. What is described in the link you shared as well as in your second e-mail is something about privacy setting of the apps….that the user could prevent in many ways. Indeed, anytime you use your browser or anything that connect you to the internet, if you do not properly set up your privacy and cookie setting, it always send some data about your device, your operating system and your location. This situation is even worse when you accept cookies on a 3rd party website without reading it in details… A “yes” on a website most of the time means: “yes propagate all my date to all your thousand partners”.
>>
>>
>>
>>
>>
>>
>> @__f_f__
>>
>> Best Regards
>> ____________________________________
>>
>> (Ekue) Farell FOLLY
>> GNSO Councillor
>> linkedin.com/in/farellf
>>
>>
>>
>>
>>
>>
>>> On 27 Mar 2020, at 22:53, Raoul Plommer <[log in to unmask]> wrote:
>>>
>>> FYI:
>>>
>>> https://www.theguardian.com/technology/2020/mar/27/trolls-zoom-privac
>>> y-settings-covid-19-lockdown
>>> <https://www.theguardian.com/technology/2020/mar/27/trolls-zoom-priva
>>> cy-settings-covid-19-lockdown>
>>
>>
>
> --
>
> Carlos A. Afonso
> [emails são pessoais exceto quando explicitamente indicado em contrário] [emails are personal unless explicitly indicated otherwise]
>
> Instituto Nupef - https://nupef.org.br
> ISOC-BR - https://isoc.org.br
|
