Wednesday, March 25, 2020

A Different Zoom in the Mac App Store

Jeff Johnson:

Remember when people bought the wrong Zoom stock because ZOOM is Zoom Technologies, whereas ZM is Zoom Video Communications? Well they’re at it again, this time on the Mac App Store instead of the stock market. “Zoom is an [sic] screen magnifier” […]

[…]

The fact that mistakenly purchased abandonware is among the top paid apps is an indictment of the Mac App Store. Why isn’t the “real” Zoom on the Mac App Store? I don’t have any insider information, but as a Mac developer I can make an educated guess: Mac App Store policies. Specifically, Mac App Store policies that restrict API usage, especially the sandboxing requirement.

Previously:

Update (2020-04-10): Jeff Johnson:

The misidentified, mistakenly purchased Zoom app is now #1 top paid.

Update (2020-04-15): Jeff Johnson:

The mistakenly purchased “Zoom” Mac app, which hasn’t been updated in 4 years, did nonetheless raise its price in the past week.

6 Comments RSS · Twitter

Mark Lilback

It’s not in the Mac App Store because it installs a kernel extension. I only use Zoom on my iOS devices as a result.

Kevin Schumacher

From Johnson's article:
"This is an indication that at some point, the app's rating were reset. Did you know this was possible in the App Store?"

Why, yes, and you would, too, if you had been paying attention. You would know that the overall rating was reset by Apple after every new version was released until 2017. After that, you as a developer have a choice whether you want to reset ratings at the time of each release.

"... especially the sandboxing requirement."

Yeah, imagine why a company that secretly installed a web server on your machine wouldn't want to deal with a sandboxed environment. Despite Johnson's protestations, no, "previous controversies that Zoom has engendered, and *perhaps* Zoom deserves criticism for mistakes they've made" (emphasis mine) is not beside the point.

The reason people are looking for Zoom right now is because nobody learned a damn thing from their previous behavior. I'm not blaming individual users, for the most part, for looking for Zoom because most of them don't have a choice in the matter. Their corporations or higher-ed institutions are mandating the software that is used, so I'm blaming the "professionals" in IT at each and every one of those places that don't consider Zoom itself a security risk that shouldn't be worth taking.

The argument here is that because of sandboxing, Zoom can't be in the Mac App Store, and relaxing restrictions on apps in the Mac App Store would fix that. The answer to this issue is not to just throw security out.

People are too lazy or stupid (or both) to read the first line of the app description and find out that this is not a video conferencing app. (In contrast to my earlier statement, I *am* blaming individual users for that.) What makes one think these lazy and/or stupid people should be be given easier access to software that has *less* restrictions on it and could wreak more havoc? Witness the major, high-profile apps in the tightly-controlled iOS App Store that are reading the clipboard every time they launch for no apparent-from-the-outside reason. You really think that such companies should be handed less restrictions? You think Zoom, which has a history of covertly keeping software on your machine that can turn the camera on, even after you've "uninstalled" their software, should be given less of a leash in order to get them to come to the Mac App Store?

Apple should be doing everything they can to dissuade people from using Zoom, full stop, not lessening restrictions to let them come to the Mac App Store.

@Kevin It’s a bad situation because, as you say, individuals may not have a choice about which software they use. I’d rather not install Zoom as-is. It would have full run of my Mac, and it’s not up front about what it’s going to do. Ideally, I would like just about any app to be accepted into the Mac App Store, but with the capabilities explicit and justified. So Zoom would be able to install a kext, but it would have to tell me why (with Apple verifying that the reason makes sense), and as a user I could approve or deny that particular permission. If I denied it, the app would still work but without whatever features that enables. My hope is that bringing more apps into the fold would increase security because even though they wouldn’t be fully locked down, there would be more visibility and control over what they are doing. Whereas, now, there is nothing constraining Zoom’s behavior, and the Mac App Store is so restricted that they have an easy excuse to not be there. If the rules/entitlements were expanded, such that nearly every app could be in the store, the few that weren't would stick out and get extra scrutiny.

Kevin Schumacher

@Michael I don't necessarily disagree with that idea, though I do question what Apple would have to allow in order to entice Zoom into the store in the first place. They are in the iOS App Store, so at least on that platform they have complied with more restrictions. Though in that case, the choice is be in there or don't be installed (for the vast majority of users), so they don't really have a choice. On Mac, they do have a choice and I'm not sure that Apple could loosen things enough to get them in there, or that we wouldn't find out down the road that they have somehow wormed their way out of whatever security Apple did still impose and managed to do something terrible like the web server fiasco from last June.

All of that said, I also am not sure whether it would matter in the long run. As we have been discussing, this is a mandate from IT in many cases, who also have the ability (to the extent they understand Macs in the first place) to do many things to provide software directly to users where it would be bypassing the App Store whether Zoom was in there or not.

For regular users, perhaps it would be better, but I'm just not holding my breath for Zoom to acquiesce no matter what Apple does. I do agree that *some* loosening of restrictions would be helpful overall.

Why Apple dot make a Windows version FaceTime? So along with the Skype you can choose between two free "mainstream" apps.
For specialists there are the paid apps like Wire and etc.

Sören Nils Kuklau

> Why Apple dot make a Windows version FaceTime?

They make Windows versions of iTunes/Music and iCloud (to some degree) because those are front-ends to paid services.

There's no direct business reason to do FaceTime for Windows (or Android). They want FaceTime to be a reason people buy/stay on iPhones, iPads, Macs.

It's kind of a shame, because it leads to phenomena where even all-iPhone groups of relatives will instead use a cross-platform solution, because it's what they're more familiar with, because some friend of theirs who doesn't have an iPhone uses it. (I think it was on Gruber's Talk Show where he recently relayed an anecdote to that effect. Or was it Jason Snell? They were trying to convince family to just use FaceTime, but they insisted on WhatsApp.)

OTOH, the good news is there's tons of options out there.

I guess one way Apple is better is that FaceTime is one of very few video systems that is end-to-end-encrypted. And regardless of that, Apple's business model means they're not that interested in your data.

So on a privacy angle, especially for consumers, this does suck. Companies don't care as much, as they can host their own system.

Leave a Comment