Security Hype as a Dumb Excuse (SHaaDE) 🔓

If big tech companies are insistent on using security concerns as an excuse to fortify their competitive advantage, we should at least have the right to call it out.

(FLY:D/Unsplash)

For a few years now, I’ve been one to question the degree to which companies use security concerns as a shield to cover themselves from things they don’t want to do.

Perhaps it involves not wanting to support older generations of hardware or software, or making it more difficult to put alternative operating systems on a machine.

But I think that we’re finally starting to see a large number of people figuring out that large tech companies are taking advantage of the cover that security gives them to make controversial or even anticompetitive decisions.

Screen Shot 2021 07 04 at 7 04 35 PM

I had to use a hack to get Windows 11 installed on my M1 Mac, as Parallels does not support TPM on the device at this time.

I wrote about one a couple of weeks ago—the move by Apple to put up a privacy shield around industry-standard email tracking practices such as open rate—but I think a couple of others have emerged since that time that are perhaps a little more obvious and highlight why I found that move so frustrating:

The announcement of Windows 11 last week came with word that Microsoft was going to require a baseline level of support for security functionality at the hardware level—namely Trusted Platform Module (TPM) version 2.0. This new Windows version cuts off most generations of hardware before 2018, which will force unexpected upgrades for a lot of folks to stay current. A late-2017 laptop I own, on paper, does not support Windows 11 based on Microsoft’s listed requirements, despite being perfectly capable of doing so. The news upset a lot of people that spent the past five-plus years perfectly happy with a Windows operating system that worked on devices that are more than a decade old. (Look hard enough and you’ll find examples of 2006 Mac Minis running Windows 10.) There are security reasons for these changes, sure, but they seem to have the convenient side effect of convincing tens of millions of people to upgrade their still-viable laptops for a seemingly arbitrary reason.

On the Apple side of things, the company faced a harsh rebuke from a top European Union official, Margrethe Vestager, who criticized the company’s case against sideloading on iOS for security reasons. “I think privacy and security is of paramount importance to everyone,” she told Reuters. “The important thing here is, of course, that it’s not a shield against competition, because I think customers will not give up neither security nor privacy if they use another app store or if they sideload.” Given that Apple spent a whole lot of energy recently trying to convince people that sideloading would break their entire security apparatus, it’s clear that the people they needed to convince are not buying it.

In both of these cases, large software manufacturers representing tens of millions of users, each, appear to be making cases rooted in security, but in reality leave consumers more dependent on them or their partners.

S Haa DE 1

There are other forms of this, like planned obsolescence or the right to repair issues I’ve talked about many times, but to me it’s becoming a bit more nakedly obvious that the stated desire for security comes with too many positive side effects for the companies for that to be an accident.

As consumers, the problem with this is that we’re sort of at the mercy of these companies when they make these cases, because how are we supposed to know any better?

Companies are going to continue doing this unless they get publicly called out for it, so let’s give it a name. Here’s what I’ve got: Security Hype as a Dumb Excuse (SHaaDE).

There are actual security concerns out there that must be taken seriously, as Margrethe Vestager put it, but things that end users did not ask for that don’t actually keep them safe, and further act to either kneecap their competitors or support your partners are not valid reasons to strengthen our security.

So, if you think a big company is trying to screw you over for overstated security reasons that might be hiding some under-the-radar ploy to protect or extend their competitive advantage, throw them some #SHaaDE. (Use the hashtag, to make sure they hear it!)

After all, there are plenty of other options out there that can keep you safe online without arbitrarily limiting what your desired tools are capable of.

Time limit given ⏲: 30 minutes

Time left on clock ⏲: alarm goes off

Ernie Smith

Your time was just wasted by Ernie Smith

Ernie Smith is the editor of Tedium, and an active internet snarker. Between his many internet side projects, he finds time to hang out with his wife Cat, who's funnier than he is.

Find me on: Website Twitter

Related Reads