this post was submitted on 15 Jun 2024
151 points (97.5% liked)

Technology

59708 readers
2060 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
top 21 comments
sorted by: hot top controversial new old
[–] [email protected] 50 points 5 months ago (1 children)

says it will prioritize security

Heard this so many times before.

[–] [email protected] 22 points 5 months ago* (last edited 5 months ago)

I guess they say it each time they're caught not prioritizing security. Then back to management as usual, prioritizing bullshit new features and marketing over security and bug fixes.

[–] [email protected] 43 points 5 months ago* (last edited 5 months ago) (1 children)

Are they going to drop the constant data collection, or is that data collection also considered 'secure'?

Microsoft admitted that it could have taken steps to prevent two aggressive nation-state cyberattacks from China and Russia

Microsoft spent years ignoring a vulnerability while he proposed fixes to the "security nightmare." Instead, Microsoft feared it might lose its government contract by warning about the bug and allegedly downplayed the problem, choosing profits over security

Jesus fucking Christ Microsoft.

Edit: OP, the article currently links to page 2, which is a bit odd to read first. Here is page 1.

[–] [email protected] 14 points 5 months ago

They also released a borderline useless posix subsystem to get government contracts that only authorized the purchase of posix compliant systems.

Windows subsystem for Linux is pretty much the modern version of that. Before it was partially based on openbsd and called windows subsystem for unix. The original was NT posix subsystem and was hastly hacked together to just barely support the standards required by the US government. If I remember right there was zero user facing utilities it only supported compiling posix compatible code.

It's quite fascinating history. Also Apple just ported unix system V to Macintosh, heavily modified x server, some Macintosh app compatibility, and called it A/UX. Actually apples version of unix was fully featured and seems nicer than system 7 it ran beside.

[–] [email protected] 34 points 5 months ago

...will prioritize security over AI

They should have been doing that already??

[–] [email protected] 32 points 5 months ago (1 children)

And Congress, like idiots, will believe them. Because they're paid to.

[–] [email protected] 9 points 5 months ago (1 children)

Congress is the opposite of Progress.

That's why it starts with Con.

[–] [email protected] 3 points 5 months ago (1 children)

You're right, but that line is lazy.

[–] [email protected] 2 points 5 months ago (1 children)
[–] [email protected] 2 points 5 months ago

Fair enough, cheers :)

[–] [email protected] 26 points 5 months ago (1 children)

Always weird to see "Microsoft in damage control mode, when like 98% of Microsoft employees see literally no difference from the day before.

[–] [email protected] 4 points 5 months ago (1 children)

Technically you can “control” damage without necessarily reducing it…

[–] [email protected] 4 points 5 months ago

Not technically, it's the marketing team, mitigating by the age old strategy of "I said I was gonna."

[–] [email protected] 13 points 5 months ago

No it won’t. No one does. No one ever does.

[–] [email protected] 5 points 5 months ago (1 children)

This is the best summary I could come up with:


The company has invited the Cybersecurity and Infrastructure Security Agency to attend a "detailed technical briefing" on SFI and Microsoft's other engineering objectives to explain "the specific ways we are implementing the CSRB’s recommendations," Smith said.

Although he acknowledged that Microsoft has "by far the first and greatest responsibility" to heed the CSRB's report, "no single company can protect a country and other nations from what is emerging as a cyberwar waged by four aggressive governments," Smith said.

Smith suggested that the committee members could "do more in support of cyber defense" by funding critical cybersecurity programs, strengthening countermeasures, and "imposing appropriate punishment" and heavy fines to deter malicious activity.

The spokesperson further explained that Microsoft historically has prioritized its "security response work by considering potential customer disruption, exploitability, and available mitigations.”

“We continue to listen to the security research community and evolve our approach to ensure we are meeting customer expectations and protecting them from emerging threats,” Microsoft's spokesperson said.

"We accept responsibility for the past and are applying what we’ve learned to help build a more secure future," Smith said, vowing that Microsoft would soon "establish stronger multi-layered defenses to counter the most sophisticated and well-resourced nation-state actors."


The original article contains 541 words, the summary contains 200 words. Saved 63%. I'm a bot and I'm open source!

[–] kewko 6 points 5 months ago (1 children)

Cluster fuck of an article = cluster fuck of the summary ¯\_(ツ)_/¯

[–] [email protected] 4 points 5 months ago* (last edited 5 months ago)

Click on page 1; OP linked to page 2 which is chaotic to read first.

[–] [email protected] 4 points 5 months ago

After a thorough review, our lame language model told us that if we don't have all your data, and if we don't use our AI to analyse it it, then it will be impossible for us to keep you safe from evil haxors , jeffrey epstine, putain, terrorists, china and drag queens.

For your own protection we're duty bound to enable it by default in the next version. #savingyourlife

[–] [email protected] 2 points 5 months ago (1 children)

They should just finaly switch to Unix style OS MS-DOS is such dogshit, lol.

[–] [email protected] 2 points 5 months ago (1 children)

The last Windows that had any MS-DOS in it was Windows ME, a quarter of a century ago. Everything since then has run on the NT kernel.

[–] [email protected] 1 points 5 months ago* (last edited 5 months ago)

It seems to me, that it is as shit as MS-DOS, in that case 😂