- cross-posted to:
- technology@lemmy.world
- technology@beehaw.org
Microsoft is pivoting its company culture to make security a top priority, President Brad Smith testified to Congress on Thursday, promising that security will be “more important even than the company’s work on artificial intelligence.”
Satya Nadella, Microsoft’s CEO, “has taken on the responsibility personally to serve as the senior executive with overall accountability for Microsoft’s security,” Smith told Congress.
His testimony comes after Microsoft admitted that it could have taken steps to prevent two aggressive nation-state cyberattacks from China and Russia.
According to Microsoft whistleblower Andrew Harris, Microsoft spent years ignoring a vulnerability while he proposed fixes to the “security nightmare.” Instead, Microsoft feared it might lose its government contract by warning about the bug and allegedly downplayed the problem, choosing profits over security, ProPublica reported.
This apparent negligence led to one of the largest cyberattacks in US history, and officials’ sensitive data was compromised due to Microsoft’s security failures. The China-linked hackers stole 60,000 US State Department emails, Reuters reported. And several federal agencies were hit, giving attackers access to sensitive government information, including data from the National Nuclear Security Administration and the National Institutes of Health, ProPublica reported. Even Microsoft itself was breached, with a Russian group accessing senior staff emails this year, including their “correspondence with government officials,” Reuters reported.
I’ve spent the better part of my life watching Microsoft fuck people over and then when they finally - finally get called out on it they do a bunch of bashful aw-shucksing before doing it again and again and again.
No.
Microsoft is dead. Kill it with fire. The US government should have known better, but they didn’t because like every other organization they have a boatload of clueless mid-level managers who only ever learned Windows and fall for Microsoft’s garbage every time, despite the eye-popping price.
NO MICROSOFT. EVER. They’re a criminal organization, the amount of destruction they’ve created will never be known.
Linux is great. It was initially concerning to migrate but overall I’m happy I did. I assume Microsoft will attempt to make things more incompatible and proprietary as a last chance attempt to hold onto users. Ultimately this will just lead to more people switching to Linux faster over time.
There is no way a regular user will switch to Linux. And that is coming from me, who is an advocate for Linux desktop daily driver.
I thought I would never switch to Linux, and here we are.
Some distros are really beginner friendly
Yes, they are. But there are still some issues and don’t get me started on MS Office which many people are used to. Believe me, that’s the true hill that Linux will die on. I tried to switch a couple of people and they all refused because of MS Office. And no, LibreOffice, nor OnlyOffice nor Google or MS online editors do not hit the mark sadly.
I really hate Office’s UI, especially Word, but in all schools they teach it, sadly.
I’d say the problem with Linux is not so much with beginner users, it’s easy enough to setup a basic desktop with a web browser and some tools, but with intermediate users who know enough to be dangerous on Windows and think that makes them “advanced”, who then can’t apply their clickety clackety ways of figuring things out on Linux.
As beginner friendly as they are you still can’t play Sims 1 and 2 on them.
You can’t play Helldivers 2 because of the anti cheat it has. Also somewhat less importantly it can run any of my work software. Now, I could dual boot but this is a pain to deal with because now I have to swap OS’s depending on what software I want to run.
You can’t play Helldivers 2 because of the anti cheat it has.
Wrong, entirely. I have played Helldivers 2 on Linux Mint using Proton Experimental compatibility through steam.
Never been an issue for me, debian+kde+steam, it started right up the first time I tried. No tweaking needed.
Those anticheats are so annoying. You can play Brawlhalla on Linux but since they added EAC you often can’t play offline because of random updates
Helldivers works fine. Sometimes its anticheat complains but most of the time when that happens it launches and works anyway or you kill it and start again and it works.
I could not get it to load up. The game would load but the anti cheat just refused to run, and then I couldn’t connect.
I couldn’t get anything to work but steamdb seems to have plenty who do. I will try again.
They legally can’t prioritize shit but shareholder profits. We are all about to watch a US based company, purposefully fuck over the US government and possibly us by extension, and nothing will happen. Fuck this oligarchy.
They legally can’t prioritize shit but shareholder profits.
This is a lie… Stop spreading it as it helps corporations hide behind it to do evil shit
I just jumped down a rabbit hole, thank you. Where the fuck did that statement come from? I didn’t find the source of it. Only that it’s not true.
There was some case where shareholders sued the board or the CEO because they were borderline embezzling.
In the judgement there was some language that these thieves were not prioritizing the shareholders and from that, the whole lie evolved that USA corporations have to kill their grandmas if that’s the only way to profit
Things like this make me wish we still had the pillory punishment.
Look at his smug little smile. He knows they are not going to do shit. The smile would fade quickly if he faced 6 hours locked up being pelted with rotting vegetables and fruit in 90° heat.
To reinforce the shift in company culture toward “empowering and rewarding every employee to find security issues, report them,” and “help fix them,” Smith said that Nadella sent an email out to all staff urging that security should always remain top of mind.
Yeah that ought to do it.
“Of course, fixing these kinds of issues won’t push your product deadlines back at all. But we’ll be thankful to you!”
That’s just barely thoughts-and-prayers level. They could at least schedule a mandatory meeting that interrupts everyone’s day for half an hour.
Usually they set up a hotline which may or may not get you fired.
Using the hotline won’t get you fired, but somehow - for totally unrelated reasons - after using it you’ll end up on a PIP with untenable goals, and that will get you fired.
Happy cake day!
Lol. Considering it was senior management that ignored staff, this statement is even fucking dumber than it sounds.
“Next week to improve employee morale we will have a pizza party” - Nadella, probably
they could throw a pizza party for their government clients. Less work than fixing the problem
Same energy as “You have unlimited PTO here, but we also have this nifty little thing called performance metrics”
We prioritize security until our stock price drops a single point.
the funniest part of the fall of MS for me has been the cunts getting so excited about fucking off the home users they forgot one vital thing: C-suite and beancounters run at a home user level. And most infrastructure techs will happily flick to a linux distro come server build time.
Their current direction has also pretty much killed their use in anything related to media distribution, it’s virtually a detailed list of TPN violations
a detailed list of TPN violations
Eh, that’s actually kind of a selling point. I’ve got no interest in an OS on my personal PC that focuses on being made more friendly to the MPA.
I doubt MS even knows what security means
Oh they know, Azure is running on Linux
So we start…click on the paint brush icon…that tiny colourful thing right under the big ass “W” Icon. Now hit agree on the window asking if you’re secure. Wait a few moments and agree on your 2FA app on your phone. You might have to ask your wife to agree if you are married and bought the license for your spouse only. Cheapskate! Now stay here for a few minutes, we’ve called the 🚓🚨 police.
If Microsoft cares so much about security, then WTF are they doing greenlighting a project like CoPilot / Recall?
If Microsoft cares so much about security
they don’t, this is all lip service
To be fair, MS “delayed” recall yesterday to fix the security issues, everybody else is hoping this is a soft-kill https://www.theverge.com/2024/6/13/24178144/microsoft-windows-ai-recall-feature-delay
It’s part of their large scale automation strategy, wherein they gobble up as much of the business practices of an organization’s staff as possible and then offer to provide “AI Employees” who replicate the logic of human staffers at a discounted price.
Businesses that buy the enterprise versions of their software can disable those features in policy.
They are far less concerned with your security than their paying customers: businesses.
Like most big tech companies, they’re actually several divisions all competing with each other. Lately, the AI divisions have latched on to the hype and they’re pushing their wares to other divisions, often with enough clout to keep those in security/privacy quiet. Integrating LLMs is also a great way for a middle manager type to curry favour with the bosses, and to build little empires for themselves.
Microsoft cares so much about security
Are you kidding? I’ve known Microsoft as a shitty software vendor that gives a rat’s ass about security for over 40 years now. Microsoft never has cared about security, it’s a running gag at this point
Too late, my office just switched to Linux.
…what? What kind of office do you work in that understands Linux??? Most offices I’ve worked in don’t even understand the copier.
Software.
Microsoft focused on security at this point is like a builder focusing on building strong foundations now that the house is built on top.
It’s a little too late my dudes.
I remember them saying all the same exact things in the early 2000s after a slew of widespread disasters. Security will never be a higher priority than whatever cool new thing they want to sell.
It would take ripping apart and rewriting hundreds of thousands of lines of source code, if not millions. Not just bloat from one-off bright ideas, that led to the next bright ideas, but the deliberate obfuscation to protect proprietary code, in more instances than I can imagine. I’m not a programmer, so I could be wrong, obviously, but from my admittedly limited perspective, they’d be better off writing a whole new OS without all the built-in garbage nobody wants.
I think Windows 11 was supposed to be that clean break. They’ve reimplemented a lot of core functionality compared to XP & 7. If they’re still getting breached then they obviously aren’t serious about security.
That’s … TFW words aren’t enough and too much, at once.
The issues are primarily with Azure, I believe.
Microsoft uses damage control.
fancy animation
It was not effective.
Microsoft is confused.
It hurt itself in its confusion.
Look at this smug asshole’s face. He knows damn well they won’t be doing anything of the sort unless it increases their profit margins. And he also knows damn well the government won’t do anything to seriously hinder their margins.
Bread and circuses. This is just another show. You want change? Stop using Microsoft. Period.
That’s all well and good for the minority of jobs that didn’t cling to it like a codependent partner.
The only way to get them to really make changes is to leave.