Chrome Enterprise is the Security Industry’s Latest Fraudware

August 07, 2024

After losing its antitrust case in federal court this week Google is throwing money at a tech sector that is immune to facts and scrutiny: cybersecurity. On today’s The Daily they advertised Chrome Enterprise, a version of Chrome for business customers designed to be secure, because apparently the regular Chrome they ship for consumers is not. For $6 per user per month you can tell your boss that you have paid for security for your enterprise users and pretend to be smarter than the dolts that just downloaded the regular free version of Chrome.

Why It Matters

It seems odd that the security industry and its approach to protecting users and its data is not under scrutiny after the Crowdstrike incident. The no blame postmortem has wilted into a no accountability box checking exercise. The amount of security hoops to jump through seems to grow every year, but so do the number of breaches. We cannot keep paying more for failure.

You Have to Trust Someone

Whole classes of security software duplicate functionality provided by other software or hook in to monitor it. If Windows and MacOS have built-in anti-malware tools, why does your browser also need that? Is Crowdstrike really going to be better at identifying threats than Microsoft? If you’re going to deploy restrictions on software users can install, what level of scrutiny is sufficient for approval? Did you read the source code? Did you read the source code for the dependent libraries? In a zero trust environment should a browser extension really be a threatening attack vector?

Secure by Default

When corporations buy automobiles, they do not buy special versions that have different locks and immobilizers than what the general public buys. Yet for some reason folks think corporations need special versions of software to be secure. The fact that Google touts a secure version of Chrome implies that the regular version is not secure. Yet there is no special reason they could not simply integrate the secure settings and features into their main version.

Want to get posts like this in your email?

This work by Matt Zagaja is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.