Are they going to drop the constant data collection, or is that data collection also considered ‘secure’?
Microsoft admitted that it could have taken steps to prevent two aggressive nation-state cyberattacks from China and Russia
Microsoft spent years ignoring a vulnerability while he proposed fixes to the “security nightmare.” Instead, Microsoft feared it might lose its government contract by warning about the bug and allegedly downplayed the problem, choosing profits over security
Jesus fucking Christ Microsoft.
Edit: OP, the article currently links to page 2, which is a bit odd to read first. Here is page 1.
They also released a borderline useless posix subsystem to get government contracts that only authorized the purchase of posix compliant systems.
Windows subsystem for Linux is pretty much the modern version of that. Before it was partially based on openbsd and called windows subsystem for unix. The original was NT posix subsystem and was hastly hacked together to just barely support the standards required by the US government. If I remember right there was zero user facing utilities it only supported compiling posix compatible code.
It’s quite fascinating history. Also Apple just ported unix system V to Macintosh, heavily modified x server, some Macintosh app compatibility, and called it A/UX. Actually apples version of unix was fully featured and seems nicer than system 7 it ran beside.
autotldr@lemmings.world
on 15 Jun 00:55
nextcollapse
This is the best summary I could come up with:
The company has invited the Cybersecurity and Infrastructure Security Agency to attend a “detailed technical briefing” on SFI and Microsoft’s other engineering objectives to explain “the specific ways we are implementing the CSRB’s recommendations,” Smith said.
Although he acknowledged that Microsoft has “by far the first and greatest responsibility” to heed the CSRB’s report, “no single company can protect a country and other nations from what is emerging as a cyberwar waged by four aggressive governments,” Smith said.
Smith suggested that the committee members could “do more in support of cyber defense” by funding critical cybersecurity programs, strengthening countermeasures, and “imposing appropriate punishment” and heavy fines to deter malicious activity.
The spokesperson further explained that Microsoft historically has prioritized its "security response work by considering potential customer disruption, exploitability, and available mitigations.”
“We continue to listen to the security research community and evolve our approach to ensure we are meeting customer expectations and protecting them from emerging threats,” Microsoft’s spokesperson said.
“We accept responsibility for the past and are applying what we’ve learned to help build a more secure future,” Smith said, vowing that Microsoft would soon “establish stronger multi-layered defenses to counter the most sophisticated and well-resourced nation-state actors.”
The original article contains 541 words, the summary contains 200 words. Saved 63%. I’m a bot and I’m open source!
I guess they say it each time they’re caught not prioritizing security. Then back to management as usual, prioritizing bullshit new features and marketing over security and bug fixes.
After a thorough review, our lame language model told us that if we don’t have all your data, and if we don’t use our AI to analyse it it, then it will be impossible for us to keep you safe from evil haxors , jeffrey epstine, putain, terrorists, china and drag queens.
For your own protection we’re duty bound to enable it by default in the next version.
#savingyourlife
threaded - newest
Are they going to drop the constant data collection, or is that data collection also considered ‘secure’?
Jesus fucking Christ Microsoft.
Edit: OP, the article currently links to page 2, which is a bit odd to read first. Here is page 1.
They also released a borderline useless posix subsystem to get government contracts that only authorized the purchase of posix compliant systems.
Windows subsystem for Linux is pretty much the modern version of that. Before it was partially based on openbsd and called windows subsystem for unix. The original was NT posix subsystem and was hastly hacked together to just barely support the standards required by the US government. If I remember right there was zero user facing utilities it only supported compiling posix compatible code.
It’s quite fascinating history. Also Apple just ported unix system V to Macintosh, heavily modified x server, some Macintosh app compatibility, and called it A/UX. Actually apples version of unix was fully featured and seems nicer than system 7 it ran beside.
This is the best summary I could come up with:
The company has invited the Cybersecurity and Infrastructure Security Agency to attend a “detailed technical briefing” on SFI and Microsoft’s other engineering objectives to explain “the specific ways we are implementing the CSRB’s recommendations,” Smith said.
Although he acknowledged that Microsoft has “by far the first and greatest responsibility” to heed the CSRB’s report, “no single company can protect a country and other nations from what is emerging as a cyberwar waged by four aggressive governments,” Smith said.
Smith suggested that the committee members could “do more in support of cyber defense” by funding critical cybersecurity programs, strengthening countermeasures, and “imposing appropriate punishment” and heavy fines to deter malicious activity.
The spokesperson further explained that Microsoft historically has prioritized its "security response work by considering potential customer disruption, exploitability, and available mitigations.”
“We continue to listen to the security research community and evolve our approach to ensure we are meeting customer expectations and protecting them from emerging threats,” Microsoft’s spokesperson said.
“We accept responsibility for the past and are applying what we’ve learned to help build a more secure future,” Smith said, vowing that Microsoft would soon “establish stronger multi-layered defenses to counter the most sophisticated and well-resourced nation-state actors.”
The original article contains 541 words, the summary contains 200 words. Saved 63%. I’m a bot and I’m open source!
Cluster fuck of an article = cluster fuck of the summary ¯\_(ツ)_/¯
Click on page 1; OP linked to page 2 which is chaotic to read first.
And Congress, like idiots, will believe them. Because they’re paid to.
Congress is the opposite of Progress.
That’s why it starts with Con.
You’re right, but that line is lazy.
Guilty as charged
Fair enough, cheers :)
They should have been doing that already??
Heard this so many times before.
I guess they say it each time they’re caught not prioritizing security. Then back to management as usual, prioritizing bullshit new features and marketing over security and bug fixes.
Always weird to see "Microsoft in damage control mode, when like 98% of Microsoft employees see literally no difference from the day before.
Technically you can “control” damage without necessarily reducing it…
Not technically, it’s the marketing team, mitigating by the age old strategy of “I said I was gonna.”
No it won’t. No one does. No one ever does.
After a thorough review, our lame language model told us that if we don’t have all your data, and if we don’t use our AI to analyse it it, then it will be impossible for us to keep you safe from evil haxors , jeffrey epstine, putain, terrorists, china and drag queens.
For your own protection we’re duty bound to enable it by default in the next version. #savingyourlife
They should just finaly switch to Unix style OS MS-DOS is such dogshit, lol.
The last Windows that had any MS-DOS in it was Windows ME, a quarter of a century ago. Everything since then has run on the NT kernel.
It seems to me, that it is as shit as MS-DOS, in that case 😂