Microsoft CEO Satya Nadella is now personally responsible for security flaws.
    • floofloofOPEnglish
      22·
      8 days ago

      I guess they say it each time they’re caught not prioritizing security. Then back to management as usual, prioritizing bullshit new features and marketing over security and bug fixes.

  • BombOmOm@lemmy.worldEnglish
    43·
    10 days ago

    Are they going to drop the constant data collection, or is that data collection also considered ‘secure’?

    Microsoft admitted that it could have taken steps to prevent two aggressive nation-state cyberattacks from China and Russia

    Microsoft spent years ignoring a vulnerability while he proposed fixes to the “security nightmare.” Instead, Microsoft feared it might lose its government contract by warning about the bug and allegedly downplayed the problem, choosing profits over security

    Jesus fucking Christ Microsoft.

    Edit: OP, the article currently links to page 2, which is a bit odd to read first. Here is page 1.

    • nexussapphire@lemm.eeEnglish
      14·
      10 days ago

      They also released a borderline useless posix subsystem to get government contracts that only authorized the purchase of posix compliant systems.

      Windows subsystem for Linux is pretty much the modern version of that. Before it was partially based on openbsd and called windows subsystem for unix. The original was NT posix subsystem and was hastly hacked together to just barely support the standards required by the US government. If I remember right there was zero user facing utilities it only supported compiling posix compatible code.

      It’s quite fascinating history. Also Apple just ported unix system V to Macintosh, heavily modified x server, some Macintosh app compatibility, and called it A/UX. Actually apples version of unix was fully featured and seems nicer than system 7 it ran beside.

  • masterspaceEnglish
    26·
    10 days ago

    Always weird to see "Microsoft in damage control mode, when like 98% of Microsoft employees see literally no difference from the day before.

      • chingadera@lemmy.worldEnglish
        4·
        9 days ago

        Not technically, it’s the marketing team, mitigating by the age old strategy of “I said I was gonna.”

  • AutoTL;DR@lemmings.worldBEnglish
    5·
    10 days ago

    This is the best summary I could come up with:

    The company has invited the Cybersecurity and Infrastructure Security Agency to attend a “detailed technical briefing” on SFI and Microsoft’s other engineering objectives to explain “the specific ways we are implementing the CSRB’s recommendations,” Smith said.

    Although he acknowledged that Microsoft has “by far the first and greatest responsibility” to heed the CSRB’s report, “no single company can protect a country and other nations from what is emerging as a cyberwar waged by four aggressive governments,” Smith said.

    Smith suggested that the committee members could “do more in support of cyber defense” by funding critical cybersecurity programs, strengthening countermeasures, and “imposing appropriate punishment” and heavy fines to deter malicious activity.

    The spokesperson further explained that Microsoft historically has prioritized its "security response work by considering potential customer disruption, exploitability, and available mitigations.”

    “We continue to listen to the security research community and evolve our approach to ensure we are meeting customer expectations and protecting them from emerging threats,” Microsoft’s spokesperson said.

    “We accept responsibility for the past and are applying what we’ve learned to help build a more secure future,” Smith said, vowing that Microsoft would soon “establish stronger multi-layered defenses to counter the most sophisticated and well-resourced nation-state actors.”

    The original article contains 541 words, the summary contains 200 words. Saved 63%. I’m a bot and I’m open source!

  • oo1@lemmings.worldEnglish
    51·
    9 days ago

    After a thorough review, our lame language model told us that if we don’t have all your data, and if we don’t use our AI to analyse it it, then it will be impossible for us to keep you safe from evil haxors , jeffrey epstine, putain, terrorists, china and drag queens.

    For your own protection we’re duty bound to enable it by default in the next version. #savingyourlife

  • Petter1@lemm.eeEnglish
    2·
    9 days ago

    They should just finaly switch to Unix style OS MS-DOS is such dogshit, lol.

    • floofloofOPEnglish
      2·
      8 days ago

      The last Windows that had any MS-DOS in it was Windows ME, a quarter of a century ago. Everything since then has run on the NT kernel.

      • Petter1@lemm.eeEnglish
        1·
        8 days ago

        It seems to me, that it is as shit as MS-DOS, in that case 😂