The true difference between Microsoft and Google is perception.
I always say that people treat different companies differently and not based on anything objective at all. Often times the bigger offender is treated better than the lesser offender. If it were the other way around there would be less to complain about. Anyway, I finally got my first concrete example that I remembered to keep track of. A tweet today.
EVERY SINGLE RESPONSE defends the data breach as of the time I read it. Admittedly, I would agree that the data being leaked is not *generally* all that hazardous. Like any exploit, or breach of data, in the right situations it could be used with malicious intent. But for the average person, the likelihood of this being used against them is akin to winning a lottery.
What makes this mind blowing is that based in the tweet, the leak of data is a bug. And people are defending a bug!!! This is far more damning than Microsoft sharing WiFi passwords in encrypted fashion with a controlled group of people or storing encryption keys in OneDrive; two topics people absolutely lost their shit over and virtually every response to every tweet or blog post on it was written as if to try and tear MS a new A-hole over these privacy "violations".
One person even disregards the notion of performing a MITM attack with this bug because if a person were on your WiFi they already knew your location. Of course, that response just shows that A) the person isn't being remotely objective and B) didn't even read the original post. It isn't leaking this data over your home network. It is leaking it over THE INTERNET. Vastly different scenarios, with vastly different ramifications. The difference is that someone looking in the right spot could intercept this data and learn where these people live and then use a MITM to determine based on usage if people are home or not. Like I said, unlikely. But definitely more dangerous than many things that seem to piss people off elsewhere.
By contrast, for someone to gain access to your WiFi via Windows 10 password sharing the person would need to be someone in your contacts and physically in range of your WiFi. They wouldn't know your address, be able to determine that you had WiFi or even know if they had access to your network until they were actually within range of it. There is no chance of a data trail leading back to you and even if someone gets within range you still have some form of control over who gets that "free" access.
Similarly to the complaint about MITM attacks, but this time actually true, is the thing about storing device encryption keys in OneDrive. There is currently no indication that anyone has hacked OneDrive and acquired someone else's key through any exploit such as this Nest one, but EVEN IF we assume that magically someone got a hold of your device encryption key, it is literally useless if they don't physically have your device as well. There is NOTHING they can do with it without that. AND on top of that, we're not talking about something trivial to acquire either.
I don't care about this bug personally. I imagine it will be fixed if it is indeed a bug. The point is, it is interesting how people respond. They want to like Google so they are more willing to dismiss the news or discredit those that bring it, whereas Microsoft's image is less desirable and people are more inclined to believe the negative or even fabricate stories or scenarios without sufficient evidence.
EVERY SINGLE RESPONSE defends the data breach as of the time I read it. Admittedly, I would agree that the data being leaked is not *generally* all that hazardous. Like any exploit, or breach of data, in the right situations it could be used with malicious intent. But for the average person, the likelihood of this being used against them is akin to winning a lottery.
What makes this mind blowing is that based in the tweet, the leak of data is a bug. And people are defending a bug!!! This is far more damning than Microsoft sharing WiFi passwords in encrypted fashion with a controlled group of people or storing encryption keys in OneDrive; two topics people absolutely lost their shit over and virtually every response to every tweet or blog post on it was written as if to try and tear MS a new A-hole over these privacy "violations".
One person even disregards the notion of performing a MITM attack with this bug because if a person were on your WiFi they already knew your location. Of course, that response just shows that A) the person isn't being remotely objective and B) didn't even read the original post. It isn't leaking this data over your home network. It is leaking it over THE INTERNET. Vastly different scenarios, with vastly different ramifications. The difference is that someone looking in the right spot could intercept this data and learn where these people live and then use a MITM to determine based on usage if people are home or not. Like I said, unlikely. But definitely more dangerous than many things that seem to piss people off elsewhere.
By contrast, for someone to gain access to your WiFi via Windows 10 password sharing the person would need to be someone in your contacts and physically in range of your WiFi. They wouldn't know your address, be able to determine that you had WiFi or even know if they had access to your network until they were actually within range of it. There is no chance of a data trail leading back to you and even if someone gets within range you still have some form of control over who gets that "free" access.
Similarly to the complaint about MITM attacks, but this time actually true, is the thing about storing device encryption keys in OneDrive. There is currently no indication that anyone has hacked OneDrive and acquired someone else's key through any exploit such as this Nest one, but EVEN IF we assume that magically someone got a hold of your device encryption key, it is literally useless if they don't physically have your device as well. There is NOTHING they can do with it without that. AND on top of that, we're not talking about something trivial to acquire either.
I don't care about this bug personally. I imagine it will be fixed if it is indeed a bug. The point is, it is interesting how people respond. They want to like Google so they are more willing to dismiss the news or discredit those that bring it, whereas Microsoft's image is less desirable and people are more inclined to believe the negative or even fabricate stories or scenarios without sufficient evidence.
Comments
Post a Comment