There were tons of great responses and discussion with good points being made on both sides ranging from, “this is drug dealer tactics” to “Infosec pros complain about orgs not giving budget while not wanting to spend their own money on security.”
I believe there are three things at play here,
- The reality-expectation gap
- Understanding businesses
- Our relationship with software
1. The reality-expectation gap, as its name states is when reality does not match our expectations. For example, you study really hard for an exam and expect an A grade but end up with a B. The B grade isn’t bad, but the disappointment lies in what you expected and what you got.
Whenever we make the decision to use a software, make a purchase, or recommend something, we’ve made an investment. Whether that be a monetary investment, or time, or emotional. We expect things to work as they are, and when that is unexpectedly changed, it causes disappointment.
2. Understanding businesses is a vital part of the equation, especially tech companies. Many tech companies are not profitable, they have investment and often offer services at a loss in order to build market share. But this isn’t something that is sustainable indefinitely, and there comes a point where the user base needs to be monetised *cough* Facebook *cough* or culled.
This isn’t just for startups, we saw a few months back Google announced a change to its Photos services
whereby from June 1 users will no longer get free unlimited photo storage.
The last point on this is that any tech company’s primary objective is to make money. Sure, if they can make the world a better place in the process that’s good. But very rarely will a company try to make the world a better place without profiting from it. While we all would love all of our friends and families to use password managers or other security tools and software and be better at managing their online risk. Vendors don’t care if everyone does, they just want enough people using their service to allow them to turn over a nice profit.
3. Our relationship with software
today is not the same as it was back in the days when you got software on CD’s from magazines. As consumers, we have very little control. Even when there’s a physical product attached to the service, because everything is linked to a cloud backend, vendors can make any changes at any time. While sometimes public pressure can force a company to rethink any major change, like when Sonos did a U-turn over bricking its older smart speakers
, other vendors remain firm in their battle to force their customers to remain within their grasp, as the long-running dispute between John Deere and farmers
Is this a good thing? Well call me old-fashioned, but I grew up in a time when if you bought and paid for something, it was yours forever to do with as you pleased. We’ve entered into a weird muddled up world where we don’t know what direction a software will take or how our relationship will change with the provider on a day to day basis - whether that be paid or free. On the other hand, I’m sympathetic towards vendors and providers who may want to tweak or change an offering knowing that whatever changes are made will alienate a portion of its user base.