Your Mac could be hijacked through major security flaw in Zoom conferencing

first_img 14 Photos Now playing: Watch this: The top 3 upgrades in MacOS Catalina 0 4:39 Apple Aug 31 • iPhone XR vs. iPhone 8 Plus: Which iPhone should you buy? In a statement, Zoom said the local web server is a workaround for Apple’s Safari 12 web browser, introduced last September.”Zoom installs a local web server on Mac devices running the Zoom client,” the statement reads. “This is a workaround to an architecture change introduced in Safari 12 that requires a user to accept launching Zoom before every meeting. The local web server automatically accepts the peripheral access on behalf of the user to avoid this extra click before joining a meeting. We feel that this is a legitimate solution to a poor user experience, enabling our users to have seamless, one-click-to-join meetings, which is our key product differentiator.”In regard to a potential denial of service attack, Zoom says it has no record of such a weakness being exploited, and says it fixed that security flaw in May. Along with the likes of Slack, Uber and Pinterest, Zoom is one of many tech companies to go public in 2019. It raised $356 million upon its April 18 IPO, with its shares trading as high as $66 on that day. The stock has risen since, currently sitting at around $90.70. Post a comment Aug 31 • iPhone 11, Apple Watch 5 and more: The final rumors Enlarge ImageZoom says the flaw was born out of a workaround for Safari 12. Sarah Tew/CNET Your computer’s webcam has always been a gateway for potential security intrusion, which is why people like Mark Zuckerberg and ex-FBI head James Comey put tape over theirs. On Monday, security researcher Jonathan Leitschuh gave Mac users another reason to fret over their webcams — there’s a security flaw in the Zoom video-conferencing app.Zoom is most notable for its click-to-join feature, through which clicking on a browser link takes you directly to a video meeting in Zoom’s app. But Leitschuh in a Medium post explained that he months ago discovered Zoom achieves this in insecure ways, allowing websites to join you to a call as well as activating your webcam without your permission.He added that this would allow any webpage to denial-of-service a Mac by repeatedly joining you to an invalid call. Uninstalling the Zoom app from your Mac isn’t enough to fix the problem, either. Zoom achieves its click-to-join function by installing a web server on your computer — which can reinstall Zoom without your permission.”If you’ve ever installed the Zoom client and then uninstalled it, you still have a localhost web server on your machine that will happily re-install the Zoom client for you,” Leitschuh writes, “without requiring any user interaction on your behalf besides visiting a webpage. This re-install ‘feature’ continues to work to this day.”1-mrgy9jojkkjsrp-xjsyomwHere’s the first setting you should change in Zoom. Jonathan Leitschuh/Medium For those of you who have the Zoom app installed on your Mac, Leitschuh, in his Medium post, lists directions to neutralize the local server in his Medium post. You should also activate the Turn off my video setting when joining a meeting, as seen above.The researcher said he contacted Zoom on March 26, giving the company a public disclosure deadline of 90 days. He said Zoom patched the issue, disabling the ability of a webpage to automatically turn on your webcam, but still this partial fix regressed on July 7, allowing webcams to once again be turned on without permission. reading • Your Mac could be hijacked through major security flaw in Zoom conferencing app Aug 31 • Verizon vs AT&T vs T-Mobile vs Sprint: Choose the best 5G carrier • See All Share your voice Aug 31 • Your phone screen is gross. Here’s how to clean it Apple Tags Computers Security Apple Mac Pro: Expensive, sleek and definitely not for grating cheeselast_img read more

Alleged Killer of Deputy Greenwood Committed Suicide

first_img Share To embed this piece of audio in your site, please use this code: 00:00 /01:04 – / 2Al Ortiz |Houston Public MediaDeputy Greenwood’s funeral gathers thousands on April 6th, 2017.Investigators with the Baytown Police Department say Assistant Chief Deputy Clint Greenwood was killed by William Kenny, 64, of Houston.Kenny apparently shot himself near Ben Taub Hospital last Tuesday – a day after Greenwood’s death and with the same gun the Harris County Precinct 3 deputy constable was killed with.Lt. Steve Dorris with the Baytown Police Department’s criminal investigations division said Kenny had filed several complaints with the Harris County Sheriff’s Office, “but why Assistant Chief Deputy Greenwood was the person that he went after we just don’t know right now, and unfortunately that’s one of those questions that will be difficult for us to answer because the person that can answer it is no longer here.”A website registered under the name Bill Kenny mentions Greenwood among other public servants who he claims conspired against him.Lt. Dorris would not confirm that there’s a connection.“Our detectives still have a lot of work to do,” he said. “And we will continue to work this investigation as if he is still alive and planning to go forth with the prosecution on it.”Greenwood was gunned down outside the Baytown Courthouse annex where he worked.The crime has been investigated by several law enforcement agencies, including Baytown PD, the FBI and the Texas Rangers.They used surveillance video from different locations to track down the vehicle used by the suspect until they got a good shot of Kenny. Listen Xlast_img read more