> Taking responsibility would be "We fired all our 'security' people who told us we had best-of-breed security,
Based on what we know (not much) it's equally likely that their actual security experts completely understood the current situation, but marketing or high-level C-suite people came up with all of this.
I can completely picture the conversation between security engineers and marketing about whether they can use the term "End-to-end encryption" because I've had very similar conversations before about (mis)use of technical terminology.
How far do you go if you're unable to convince them to change the terms? What if you escalate all the way up to the CEO and they don't agree.. then what? Do you refuse to leave the CEO's office until they concede? Quit your job in protest? (What do you suppose that would accomplish?)
I'd be interested in hearing about the conversation of the installer.
Manager: Why does the installer require so much interaction with the user?
Dev: That's part of the OS protection efforts.
Manager: Can we make it require less interaction?
Dev: Not without hacking together our own too that once installed will allow the computer to run any script with root privileges. That's a bad idea.
Manager: If it means the user doesn't have to do anything, then do it.
Dev: But it is a bad bad bad thing.
Manager: meh
Or was it closer to
Manager: Can't we do something.
Dev: Sure (with an evil grin), we can do something
Manager: Great!!
Based on what we know (not much) it's equally likely that their actual security experts completely understood the current situation, but marketing or high-level C-suite people came up with all of this.
I can completely picture the conversation between security engineers and marketing about whether they can use the term "End-to-end encryption" because I've had very similar conversations before about (mis)use of technical terminology.
How far do you go if you're unable to convince them to change the terms? What if you escalate all the way up to the CEO and they don't agree.. then what? Do you refuse to leave the CEO's office until they concede? Quit your job in protest? (What do you suppose that would accomplish?)