Hacker News new | past | comments | ask | show | jobs | submit login

There is nothing in the article that suggests 'abuse' let alone rules, which is what you said. It's not entirely clear exactly what was done here but it was probably an update to the Malware Removal Tool which does what you can surmise from the name, without user interaction.

I care far more about the facts than about what's in the article.

Zoom is clearly not malware. It just has a bug. Is updating regular third party software documented behaviour of macOS? If so then I agree that it is not abuse. Otherwise Apple has some explaining to do.

I wouldn't call it a bug. Zoom deliberately engineered their app so it opened a security threat, accessible from any website on your browser, on your local machine without the user's knowledge. Then they reinstalled their software after the user had uninstalled it. Again, deliberately engineered that way.

That is not a bug

Zoom's intention was not to introduce a security vulnerability. That's why I'm calling it a bug.

Their intention was to bypass an inbuilt security measure. So no, maybe they didn't mean to add a vulnerability but they did mean to reduce the security of the system as a whole

Sure, facts are important. You started here:

The problem is that Apple appears to have made an exception to its own rules in this particular case. If I understand correctly, they used a first party system update mechanism to change third party software.

I don't think any of these are established facts and I don't understand how you, a fellow fact-fancier, haven't acknowledged that before breezily moving on to a discussion of the precise definition of the term 'malware'.

If you read the quote carefully, you will see that I did use rather cautious language, and I did that exactly because I wasn't sure that I knew all the facts.

Registration is open for Startup School 2019. Classes start July 22nd.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact