Welcome to Incremental Social! Learn more about this project here!
Check out lemmyverse to find more communities to join from here!

Microsoft in damage-control mode, says it will prioritize security over AI

Microsoft is pivoting its company culture to make security a top priority, President Brad Smith testified to Congress on Thursday, promising that security will be "more important even than the company’s work on artificial intelligence."

Satya Nadella, Microsoft's CEO, "has taken on the responsibility personally to serve as the senior executive with overall accountability for Microsoft’s security," Smith told Congress.

His testimony comes after Microsoft admitted that it could have taken steps to prevent two aggressive nation-state cyberattacks from China and Russia.

According to Microsoft whistleblower Andrew Harris, Microsoft spent years ignoring a vulnerability while he proposed fixes to the "security nightmare." Instead, Microsoft feared it might lose its government contract by warning about the bug and allegedly downplayed the problem, choosing profits over security, ProPublica reported.

This apparent negligence led to one of the largest cyberattacks in US history, and officials' sensitive data was compromised due to Microsoft's security failures. The China-linked hackers stole 60,000 US State Department emails, Reuters reported. And several federal agencies were hit, giving attackers access to sensitive government information, including data from the National Nuclear Security Administration and the National Institutes of Health, ProPublica reported. Even Microsoft itself was breached, with a Russian group accessing senior staff emails this year, including their "correspondence with government officials," Reuters reported.

phoenixz ,

According to Microsoft whistleblower Andrew Harris, Microsoft spent years ignoring a vulnerability while he proposed fixes to the "security nightmare." Instead, Microsoft feared it might lose its government contract by warning about the bug and allegedly downplayed the problem, choosing profits over security, ProPublica reported.

And this is exactly the problem. You STILL cannot trust them, fool me once, fool me twice?

This entire "weeewweeee sowwwyyy" bullshit excuse completely ignored the fact that they purposefully allowed the US government to be attacked because money is their bottom line. If it were a person (and aren't companies persons now in the US?) they would have been jailed for treason. Jail these assholes already and switch ALL your computers to Linux

barsquid ,

There needs to be a fine far larger than the contract to have any hope of curtailing this behavior.

The people making the decisions should be in jail. I don't know if this is fraud in the legal sense but this is literally fraudulent behavior.

Asafum ,

fucking seriously! Reading this absolutely disgusted me.

phoenixz ,

Again, just install Linux.

Dump your windows, install Linux, be done with this nonsense.

UnderpantsWeevil ,
@UnderpantsWeevil@lemmy.world avatar

Sadly, I cannot do this for my work computer.

explodicle ,

You switching is like turning around a rowboat.

Them switching is like turning around a cruise ship.

MehBlah ,

You mean they have been letting it slip?

https://lemmy.world/pictrs/image/1b7e610c-afba-48b0-8ba2-c7625a7cd447.gif

werefreeatlast ,

So we start...click on the paint brush icon...that tiny colourful thing right under the big ass "W" Icon. Now hit agree on the window asking if you're secure. Wait a few moments and agree you your 2FA app on your phone. You might have to ask your wife to agree if you are married and bought the license for your spouse only. Cheapskate! Now stay here for a few minutes, we've called the 🚓🚨 police.

Burn_The_Right ,

Why in the absolute fuuuuuck would a "secure" computer with sensitive data be running motherfucking Windows?! Linux is easy enough for pretty much any Windows user in an office environment to handle these days. There's just no excuse for sensitive business to ever be done on Windows at this point.

GoodEye8 , (edited )

The company I work at "supports" Linux in the sense that you're allowed to use Linux but then you're essentially on your own when it comes to solving problems. I asked why there's no proper Linux support and the short answer was "it's too much trouble". The long answer was "don't ask. I don't want to get into it".

So my guess is that setting up company wide policies and support for Linux is significantly more work than it is for Windows or Mac.

Bluefalcon ,

We prioritize security until our stock price drops a single point.

nutsack ,

three trillion dollars and they basically can't do it

kippinitreal ,

Microsoft focused on security at this point is like a builder focusing on building strong foundations now that the house is built on top.

It's a little too late my dudes.

Maeve ,

It would take ripping apart and rewriting hundreds of thousands of lines of source code, if not millions. Not just bloat from one off bright ideas, that led to the next bright ideas, but the deliberate obsfucation to protect proprietary code, in more instances than I can imagine. I'm not a programmer, so I could be wrong, obviously, but from my admittedly limited perspective, they'd be better off writing a whole new OS without all the built-in garbage nobody wants.

kippinitreal ,

I think Windows 11 was supposed to be that clean break. They've reimplemented a lot of core functionality compared to XP & 7. If they're still getting breached then they obviously aren't serious about security.

Maeve ,

That's ... TFW words aren't enough and too much, at once.

expr ,

The issues are primarily with Azure, I believe.

Tinidril ,

I remember them saying all the same exact things in the early 2000s after a slew of widespread disasters. Security will never be a higher priority than whatever cool new thing they want to sell.

Omgboom ,

Until next week when they change their mind again

Treczoks ,

Question is: For how long? Security costs money, AI brings profits (in several ways).

At the moment they are making a big production of caring for the user. Which they basically never did, actually. They are only as pro user as they have to to improve their profits. Just wait until the shareholders reign them in because they want the company to extract more money out of the customers victims.

SomeGuy69 ,

Microsoft uses damage control.

fancy animation

It was not effective.

OpenPassageways ,

Microsoft is confused.

It hurt itself in it's confusion.

299792458ms ,
@299792458ms@lemmy.zip avatar

This is like that psychopath GF that lies and pushes you around to test your limits with the evil plan to manipulate you. Every once in a while you can complain about her behavior and then she will bombard you with fake love and forgiveness to push later in the future again.

ichbinjasokreativ ,

So they lied und tried to cover it up, which led to the largest cyber attack ever. There's going to be serious punishment, right? Right?

Burn_The_Right ,

(⁀ᗢ⁀) hahahaha

Oh, shit haha! I thought you were serious for a second. Can you imagine if we ever held a corporation accountable for the damage they've caused? I mean it obviously can't happen, but wow! You had me for a second!

tootoughtoremember ,

Too late. Linux is going from my hobby project to my primary OS by the time they stop providing Windows 10 updates, if not sooner.

tomten ,

Thats what I did when win 7 support was ending, been very happy and there's no way I'm going back to Windows.

Vincente , (edited )

I hope MS can fulfill its promise and not abandon it like they did with Surface RT, Windows Mobile, Windows Phone 7, Lumia, Kinect, Xbox, MSN Messenger, Cortana, Tango Studio, “Windows 10 is MS’s last OS”, etc.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • technology@lemmy.world
  • incremental_games
  • random
  • meta
  • All magazines
    •