Update July 15, 20019: Apparently scrutiny and social media outcry and posts like these worked. Much later the same day, Zoom finally acknowledged that they shouldn’t compromise user security and use creepy tactics like installing web servers on their users’ computers. Even though initially they said it was fine. A few days later even Apple reacted and posted a silent update to all Macs that removes the web server even if you haven’t yet updated the Zoom app to the latest version. Which you totally should!
The drama is over. I’m happy that Zoom reacted quickly and I’m a little surprised that even Apple jumped in to really make sure this thing was over. That’s all good and I’m happy that the system worked, but as a cautionary tale I decided to leave the original blog post - you can skip the part about removing the server and read the rest of my thoughts on why we need high standards of ethics in the technology companies of today.
Original blog post from July 9, 2019:
Yesterday news broke that Zoom - a video conferencing tool that my Nozbe team is using - is doing creepy things to Mac users - Jonathan Leitschuh wrote a long blog post about how they are secretly running a web server on your Mac and potentially allow any website to enable your camera without your permission… and the sad story is that the Zoom company with more than 40 Million users (myself included) is standing by its creepy and ethically questionable “solution” for the sake of a “better user experience”. Luckily there’s a way to stop this web server from working and in this post I want to give you step by step instructions of how to get rid of the Zoom server from your Mac and later I want to explain myself why I was endorsing Zoom as a video conferencing solution for remote teams where we go from here… let’s do this:
How to get rid of the creepy Zoom server from your Mac
Make sure you’re logged in to your Mac, quit Zoom (zoom.us.app) and fire up the terminal and follow the instructions in my Gist:
Step 0 - update your Zoom app just in case
Before you start please open your Zoom app one more time and check for updates. Update the app and then quit it (CMD+Q). Wait for it, the app takes time to shut itself down. Now please continue:
Step 1 - kill the zoom server
Check if the zoom server is running on your Mac, by identifying the PID of it:
lsof -i :19421
If you’re running “Ring Central for Meetings” which is a rebranded Zoom, check port 19424 and if you’re running a Chinese version of Zoom (Zhumu) check out port 19433. Once you’ve got it, kill the server:
kill -9 PID
…where instead of PID put the number you’ll find with the previous command. In my case it was 1268 just like you see here:
Now you can repeat the “lsof” command to make sure the server is no longer working.
Step 2 - delete the zoom server from your Mac
Now you need to delete the zoom server, first go to your home directory and type this:
rm -rf ~/.zoomus/
This is not all! The zoom server will re-create itself upon launching Zoom again, so make sure to remove it from the Zoom app bundle:
rm -rf /Applications/zoom.us.app/Contents/Frameworks/ZoomOpener.app/
Now you’re done!
Open Zoom again and check with lsof command that Zoom server is actually not working anymore. It’s gone from your Mac.
Step 3 - change your Zoom settings just in case
Go to Settings in Zoom, in “Video” tick on the setting in “Meetings”: Turn off my video when joining a meeting:
Step 4 - do this all over again when you update your Zoom app…
Yes, whenever you update your Zoom app make sure to follow these steps again. That’s why bookmark this page for future reference. I’ll be trying to keep this page updated as soon as things change (hopefully for the better… but I’m not holding my breath…)
Why I was recommending Zoom as a video conferencing tool for remote teams
In my “No Office apps” book as well as my “No Office” blog I’ve been recommending Zoom many times over.
Zoom used to be great because:
- it works on all the major platforms. Also on mobile like Android or iPhone or iPad, where I can have my video on and see up to 4 people on the screen at a time
- you can define permanent “rooms” where you meet - we have set up rooms for my directors meeting, design fight, the podcast recording, mastermind group, etc…
- it doesn’t throttle your connection just because of one person’s poor internet connection, it’s very stable and very reliable
- it’s free to try and if you have a company like mine, it’s not really that expensive to run… and the convenience was worth the monthly cost
- and if you’re running Webinars, you can run them with Zoom as well!
Zoom is no longer great because they’re running this creepy web server and they’re standing by their choice. And they’ve been running this for months if not years and they were fine with that. They don’t care about my security and when running an all-remote company that’s what I care about the most!
Where we go from here?
I’m not sure. We will keep using Zoom until we find an alternative. I used to hate Skype but I’ll check if it works now and what this new Skype for Business is all about… I’ll check Go To Meeting and will keep exploring alternatives. If you have any ideas, let me know on Twitter.
We need to start having a new policy towards Silicon Valley apps from now on and have more scrutiny around their actions.
It seems that Zoom, being a Silicon Valley darling, a next “unicorn” that is about to IPO has subscribed to the “growth at all costs” philosophy.
We shouldn’t stand by and say it’s OK. It’s NOT OK.
We should be searching non-Silicon-Valley pieces of software in the future!
Silicon Valley (SV) is all about growth. Company like mine - Nozbe - is not. It’s a “lifestyle business” where there are no investors, we’re bootstrapped, we’re all-remote, and we’ve been 12 years in business and we’re doing great living off our customers’ payments. We won’t IPO, we won’t sell, we are here for the long haul.
If you’re in a market for a to-do app for your team which is not SV-based, definitely give Nozbe a try and let me know how it worked for you.
But this post is not about me or my app, it’s about ethics in software business and how we should start highlighting apps that want to do good and treat the security of their customers as priority one because they get their money only from these very customers - not from VCs or the stock exchange.
Now we have to find a non-SV video conferencing software - please let me know if you find it. Thanks!