Daniel RubinoMicrosoft should get into the home security business because Eufy, Amazon, Google, and others all have major trust issues.
Excellent article by @Gwanatu, with some input from myself.
theOmegabit@daniel_rubino and Microsoft is the one to lead trust? I mean, relatively, sure, the bar is so low with the others. But I don’t think that makes that sound good.
@theomegabit Yes. MS's rep amongst consumers is 📈:
https://www.theceomagazine.com/business/management-leadership/trusted-brands-2021/
https://www.windowscentral.com/microsoft-has-better-reputation-apple-google-and-other-tech-giants
https://www.rankingthebrands.com/The-Brand-Rankings.aspx?rankingID=37&year=1422
https://www.rankingthebrands.com/The-Brand-Rankings.aspx?rankingID=118&year=1352
https://www.rankingthebrands.com/The-Brand-Rankings.aspx?rankingID=248&year=1365
@daniel_rubino Their rated rep and reality are two very different things. I mean ffs, one (spot reading) of the brands listed in your linked articles is Alipay in China. You can’t claim with a straight face that is legit. You’re conflating mixing security and privacy when they’re both different.
@theomegabit Then show me some data to back up your point that Microsoft is not trusted vs. just your opinion?
@daniel_rubino At best, Microsoft is no better than the current players you mentioned. That said, where do you want to start?
- Microsoft’s more friendly Chinese censorship stance?
- Their status as first PRISM participant for domestic spying? https://en.wikipedia.org/wiki/PRISM
- Their long storied history of continued, invasive telemetry and data collection throughout all of their products, which over time has gotten worse, not better.
- Increased scrutiny over the above data collection combined with Linkedin - https://www.fastcompany.com/90290137/how-microsoft-has-avoided-tough-scrutiny-over-privacy-issues
- The return to the IE days of data collection with Edge: https://www.zdnet.com/article/a-professor-says-edge-is-the-worst-for-privacy-microsoft-isnt-happy/
- Well documented pitfalls in security response in general: https://arstechnica.com/information-technology/2022/06/botched-and-silent-patches-from-microsoft-put-customers-at-risk-critics-say/
@daniel_rubino But in the sphere of home security / IoT, it’s mostly a vast wasteland of garbage and unregulated crap. That bar couldn’t get lower. And in privacy, Microsoft, along with amazon and google are atrocious. In terms of security, it flips - all three are actually quite good organizationally.
@daniel_rubino To your question though - are we talking trust / privacy or security - not that there is really much difference in the outcome but there is some nuance.
@theomegabit Privacy/security/trust all go hand in hand on this issue, doesn't matter. Again, Microsoft does rank well, or rather near the top (Amazon does do quite well, although I'd argue Ring has had some security concerns with footage, hacking, etc. in the past)
MS's role in cybersecurity is massive (see war in Ukraine and Russia's Fancy Bear)
https://www.newsweek.com/americas-most-trustworthy-companies-2022
https://www.marketingcharts.com/customer-centric/privacy-and-security-119158
https://www.wired.com/story/microsoft-russia-fancy-bear-hackers-sinkhole-phishing/
@daniel_rubino My point is, I (and many others do) argue they’re no better, at all, than the others in that list. That c-level ranking garbage (not yours specifically but most of that) as it pertains to the realities of security and privacy are just that - garbage. It’s meant to appease some board level audience that there’s nothing to see here and everything is just swell
@daniel_rubino Go hand in hand in which way?
You can be good at one and not the other. In the case of the big players (Amazon / Google / Microsoft) they are all quite good at security in their own ways. Truly. Privacy however, none of them are.
@theomegabit "Privacy however, none of them are."
Is this your opinion or is this backed up by consumer sentiment/data/evidence/independent ratings?
Becase I'm looking for data here on this topic, not conjecture.
@daniel_rubino I mean, if you want to consider it the opinion of the majority of the security / infosec community, sure, it’s just opinion. Are you being serious or not? Ask anybody (seriously) in the security community / industry on if the big 3 (or 5 if you want to expand to social companies ) are leaders in privacy or have a leg to stand on re: privacy. And then simultaneously ask why you might not see those realities surfacing on c-level charts and marketing materials.
@daniel_rubino To your point though, my previous response has numerous links, some of which touch on the various failures of Microsoft’s privacy practices, specifically.
@daniel_rubino How about another - https://arstechnica.com/information-technology/2020/03/study-ranks-edges-default-privacy-settings-the-lowest-of-all-major-browsers/
This is hardly a fringe belief and is well researched.
@theomegabit Again, you're missing the point.
Linking to stories about security vulnerabilities (from 3 years ago) is not the same as consumer trust/sentiment, which is the point I'm driving when arguing for MS to go into home security.
@daniel_rubino I’m not - you mentioned security and privacy being one in the same. As for age of some of the bulbs, sure. I spent 10 seconds googling. Point being, this isn’t some birds-aren’t-real conspiracy….
I expect some level of bias (you write for a windows site after all). I’m merely asking you to perhaps realize said bias.
While I do work primarily with AWS now, that’s only the last ~5 years. I spent twice that prior in Windows / Microsoft exclusively.
@theomegabit I may be biased, but I did not write the article, nor was it my idea for the MS angle, and it didn't appear on Windows Central. It's on Android Central.
@daniel_rubino dude, lets not be pedantic. I’m aware of where that specific article was published.
@theomegabit Name a company that is involved with consumer security or privacy that is flawless.
Pointing out past issues or problems is not the same as consumer sentiment regarding trust in those companies (or independent rankings), which is the point I'm getting at.
I also can't name another non-Chinese tech company with the security nohow, cloud infrastructure, hardware abilities, and positive consumer sentiment besides MS that can scale in home security.
1) I never said anyone was flawless - merely that your inference that Microsoft would bring something new to the IoT privacy conversation (they won’t) was flawed because Microsoft is no better than the current players. Their well documented history of anti-privacy practices and poor comms is not only historic, but also current. I can keep pulling sources if you’d like.
2) your independent ranking are flawed in that they’re tightly scoped in reach and scope.
1/n
@theomegabit Look, we can just end this here as we're two ships in the night making different points.
Agree to disagree.
3) Microsoft has a slight edge, admittedly (historically) in hardware. However, that is small piece of the IoT security topic we’re talking about. It’s not just hardware but software, patching, comms, etc. As we’ve already discussed, they’re at best, “the same” here.
4) Cloud…. Oh boy. This is where they distinctively trail Amazon and Google, chiefly because the majority of Azure was never designed to be a multi-tenant public cloud. The key distinction with cloud however
@daniel_rubino is that none of the cloud providers reliably release this info. That said, one thing I suggest you follow if you care about this is the @cloudvulndb initiative - https://www.cloudvulndb.org/
