A different way to frame the comment might be something like: "we were willing to sell out your privacy and security for a mere pittance, 'cause we're cheap whores".
I assume they didn't intend to compromise security. I think it's more accurate to say that they stiffed their users with adware that nobody wants in exchange for a little bit of money, and that were so indifferent to security and privacy while doing it that either didn't notice or didn't care that it was a fundamentally bad idea.
In my opinion that is worse. Most any clueful technocrat can tell you that injecting traffic into HTTPS sessions is a MITM attack. I am willing to bet that fact most certainly did make it to an executive level (certainly at the fishy company) and a choice was made to not care about that problem.
The road to poor security is paved with indifference.
My co-worker Tom has this mental model he calls the "prostitute-physician scale." Basically, it's a scale for measuring how willing you are to simply take the client's money and do whatever, versus giving advice in the best interest.
I think many sex workers with personal standards would be insulted by your comparison with physicians, who seem to be happy to take money (not your money, I guess) to push drugs that may or may not actually help you[0].
I think many sex workers with personal standards would be insulted by your comparison with physicians, who seem to be happy to take money (not your money, I guess) to push drugs that may or may not actually help you[0].
I do not object to this notion at all! For one thing, it's not my comparison, it's my co-worker's. Also, an "inversion" of the scale's sign would serve as a sharp and salient commentary on problems in our society.
