Hacker News new | ask | show | jobs
by purple-dragon 2230 days ago
> The fact that they hired Alex Stamos and ...

Call my cynical, but "hiring" a bunch of infosec celebrities and critics as part-time consultants or contractors should be considered nothing but a (brilliant and silencing) PR move until the day that product updates and analyses reveal otherwise.
1 comments
djrogers 2230 days ago
> until the day that product updates and analyses reveal otherwise.

The product (and their poor installer practice) has been updated several times in the past few months alone, and each move has made Zoom a more secure product, with the vast majority of the hubbub having been addressed. So are you simply ignoring that, or are you setting your own personal goalposts?

link
purple-dragon 2230 days ago
I'm doing neither. I'm pointing out a logical fallacy in the parent comment. Hiring people part-time and buying a company does not, on its own, convey anything about improvements to product quality, security, or the corporate culture of either. I can only infer from your comment that you might think I have some beef or issue with Zoom. I said no such thing.
link
wutbrodo 2230 days ago
Sure, but it's not "on its own", it's in the context of the investment in security mentioned by the parent comment.
link
purple-dragon 2230 days ago
At this point, I'm confused, and I'm not sure what point you or the other commenter are looking for me to concede. Zoom is paying some security consultants, pushed out some product updates, and bought Keybase, so it's a story book ending?
link
wutbrodo 2229 days ago
Just as your comment was aiming to narrowly point out a logical fallacy in the parent comment, I'm pointing out a flaw in your own: I disagree with your claim that investing in security practices is just theater, and that more concrete efforts in the same direction are irrelevant. The concrete efforts are Bayesian evidence that the newer investments are more than theater.
link
purple-dragon 2229 days ago
I didn't claim that. I believe in investing in security. I'm a security professional.
link
ViViDboarder 2229 days ago
I am not looking for you to concede anything. You said nothing has been done to show you that the calculus of their priorities has changed and I listed some things that could possibly show that. It’s up to you if you believe that is significant enough to convince you.

Frankly, I don’t care if it does or not. I was just providing some visible signs of investment.

link
purple-dragon 2229 days ago
I didn't see you respond to my comment in this thread unless you post under two different accounts.
link