What’s remarkable, to me, is how publicized these issues in Zoom became vs other software. Google also seems to have pointed their vulnerability researchers at it. I remember thinking at the time they were getting a lot more scrutiny than most software in that realm, which has the same types of issues. Maybe it just entered the public Zeitgeist and it’s all a coincidence, but as a long time infosec consultant that does vulnerability research I found it curious at least.
My take on it at the time was that while technically more knowledgable people were all happily having video calls in-browser for free, less tech savvy people were, by the millions, excitedly installing a pretty ropey app with root privileges and a whole bunch of vulnerabilities. It felt like a very necessary step when the normies thought they were entering the matrix.
