I don't think Zoom has done anything malicious. I think they just built their software quickly and just made it work.
Now that it's under a lot of scrutiny they're paying a bit of PR price. But they'd probably do it all over again since they are now seeing hundreds of millions of users.
You make it sound like a startup that build a piece of software quickly and forgot a few things.
There are two issues with that argument.
First, they put in EXTRA effort to break the security of their users. The feature of 'upon de-installation, install a daemon on the system that silently re-installs the app whenever a zoom link is clicked' is MORE work than not doing that, for example.
Second, they are 8 years old, have 2500 employees and a revenue of over 600 million. I work at a 30 ppl startup and I would not at all be surprised of we invested more hours in security in 2019 than Zoom did...
I don't think Zoom has done anything malicious. I think they just built their software quickly and just made it work.
Now that it's under a lot of scrutiny they're paying a bit of PR price. But they'd probably do it all over again since they are now seeing hundreds of millions of users.