This is not about zero trust security, this is about people not trusting each other in the Tech sector.
* Below is based on synthesis of many sources that I read / went through, plus my opinions. Since this is a personal blog and not an academical study, I don’t feel a need to provide any of the sources though.
Trust between people is an evolutionary mechanism that allowed human kind to get this far. Trust is frequently put at risk by people lying to each other, betrayals, etc. However, evolutionary, human societies tend to punish trust-threatening behaviour. So that the value of trustworthiness gets the upper hand in the end of a day.
I believe we are going through a huge challenge to the trust-based system in the Tech industry. And, I’m not sure if the superiority of trust survives this time around.
Few recent examples that come to mind (there are many more):
- Reddit abruptly setting exorbitant costs to API usage
- Docker changing licensing policies for Docker Desktop and almost shutting down community organizations from Docker Hub (they reversed the course there though)
- Twitter restricting API access
- Smaller companies seemingly randomly shut down by large tech companies with no reasonable recourse (multiple HN threads on this)
Now, such actions are partly explainable by natural changes in business conditions, necessity for businesses to be profitable, inability to invest in proper customer support and other business-factors like that.
But the bigger implication is it creates a world where nobody trusts each other. Like I believe myself to be a trustworthy person, but people may ask – if you sell your company, this may be gone, because people who buy it may not be trustworthy.
Same applies to everybody. Even if you think someone is trustworthy, there are just too many bad actors out there. Those actors seem to dominate and their actions go unpunished. There are like no visible repercussions for breaking trust.
As a consequence, the level of fear to buy something that is not run on-prem or not easily backed up and portable between different services seems to be very high. This impacts productivity among other things – as people tend to make buying decisions towards something less productive but where they have full control. This is even affecting old build-vs-buy discussion – like people deciding to build in-house instead of buy, even though buying seems to be much easier – but without trust you would rather build yourself.
I don’t have a solution, just an observation that it feels like the whole industry is shooting itself in the foot – and it’s not going to be easy to dig out of this.