How to see if Zoom is running a secret web server on your Mac (and remove it)
Zoom, a popular video conferencing app, is in hot water today. The Mac version is running a secret web server in the background – even after uninstalling it! – which can be used to reinstall Zoom and even turn on your video camera.
If you’re wondering if you’re affected (you might not be sure someone has already installed Zoom on your Mac and then uninstalled it), here’s how to check.
To see if the main Zoom app is currently installed, open the Finder app, select Applications, and search for “zoom.us” in the list. If you have this app installed, you almost certainly have the web server running.
But, even if you don’t have the app here, the web server will still run in the background if you’ve already installed and then uninstalled Zoom.
To check if the server is running, open a Terminal window. To do this, press Command + Space to open Spotlight Search, type “Terminal” and press Enter. You can also head to Finder> Applications> Utilities> Terminal.
To find out if the web server is running, type the following command and press Enter:
lsof -i :19421
If you see a “ZoomOpene” process running, the web server is running in the background. If you don’t, you don’t.
If you see Zoom’s web server running and you want to completely remove Zoom from your system, run the following commands.
These assume that you have first uninstalled the Zoom app from your Applications folder. If not, updating Zoom will likely reactivate the web server.
pkill ZoomOpener rm -rf ~/.zoomus
if you want to keep Zoom installed, LifehackerThe Quick Guide states that you should enable the “Turn off my video when I join a meeting” option for security reasons. Jonathan Leitschuh’s original disclosure provides more information about the problem.
Browser-based video conferencing apps might be a better solution in the future. If you just use an app in a browser without installing any software, it can’t do shady things like this on your Mac or PC.
Pro tip: Simply uninstall all meeting apps from your computer. Use the browser version of the meeting client. They are working fine now. Apps are running things in the background and I won’t even go into the stupid things that they waste CPU time on when you never even use them 99.9% of the time.
– SwiftOnSecurity (@SwiftOnSecurity) July 9, 2019