Welcome to Incremental Social! Learn more about this project here!
Check out lemmyverse to find more communities to join from here!

Microsoft in damage-control mode, says it will prioritize security over AI

Microsoft is pivoting its company culture to make security a top priority, President Brad Smith testified to Congress on Thursday, promising that security will be "more important even than the company’s work on artificial intelligence."

Satya Nadella, Microsoft's CEO, "has taken on the responsibility personally to serve as the senior executive with overall accountability for Microsoft’s security," Smith told Congress.

His testimony comes after Microsoft admitted that it could have taken steps to prevent two aggressive nation-state cyberattacks from China and Russia.

According to Microsoft whistleblower Andrew Harris, Microsoft spent years ignoring a vulnerability while he proposed fixes to the "security nightmare." Instead, Microsoft feared it might lose its government contract by warning about the bug and allegedly downplayed the problem, choosing profits over security, ProPublica reported.

This apparent negligence led to one of the largest cyberattacks in US history, and officials' sensitive data was compromised due to Microsoft's security failures. The China-linked hackers stole 60,000 US State Department emails, Reuters reported. And several federal agencies were hit, giving attackers access to sensitive government information, including data from the National Nuclear Security Administration and the National Institutes of Health, ProPublica reported. Even Microsoft itself was breached, with a Russian group accessing senior staff emails this year, including their "correspondence with government officials," Reuters reported.

Treczoks ,

Question is: For how long? Security costs money, AI brings profits (in several ways).

At the moment they are making a big production of caring for the user. Which they basically never did, actually. They are only as pro user as they have to to improve their profits. Just wait until the shareholders reign them in because they want the company to extract more money out of the customers victims.

ChaoticEntropy ,
@ChaoticEntropy@feddit.uk avatar

That is basically the biggest fuck up you could make as a government contracted technology provider. They even let it happen and hid it deliberately.

psycho_driver ,

That is basically the biggest fuck up you could make as a government contracted technology provider. They even let it happen and hid it deliberately.

Big paydays incoming for certain senators.

Omgboom ,

Until next week when they change their mind again

NutWrench ,
@NutWrench@lemmy.world avatar

If Microsoft cares so much about security, then WTF are they doing greenlighting a project like CoPilot / Recall?

capital ,

Businesses that buy the enterprise versions of their software can disable those features in policy.

They are far less concerned with your security than their paying customers: businesses.

EnderMB ,

Like most big tech companies, they're actually several divisions all competing with each other. Lately, the AI divisions have latched on to the hype and they're pushing their wares to other divisions, often with enough clout to keep those in security/privacy quiet. Integrating LLM's is also a great way for a middle manager type to curry favour with the bosses, and to build little empires for themselves.

polographer ,

To be fair, MS “delayed” recall yesterday to fix the security issues, everybody else is hoping this is a soft-kill https://www.theverge.com/2024/6/13/24178144/microsoft-windows-ai-recall-feature-delay

UnderpantsWeevil ,
@UnderpantsWeevil@lemmy.world avatar

Its part of their large scale automation strategy, wherein they gobble up as much of the business practices of an organization's staff as possible and then offer to provide "AI Employees" who replicate the logic of human staffers at a discounted price.

demonsword ,
@demonsword@lemmy.world avatar

If Microsoft cares so much about security

they don't, this is all lip service

phoenixz ,

Microsoft cares so much about security

Are you kidding? I've known Microsoft as a shitty software vendor that gives a rats ass about security for over 40 years now. Microsoft never has cared about security, it's a running gag at this point

nutsack ,

three trillion dollars and they basically can't do it

Bluefalcon ,

We prioritize security until our stock price drops a single point.

phoenixz ,

According to Microsoft whistleblower Andrew Harris, Microsoft spent years ignoring a vulnerability while he proposed fixes to the "security nightmare." Instead, Microsoft feared it might lose its government contract by warning about the bug and allegedly downplayed the problem, choosing profits over security, ProPublica reported.

And this is exactly the problem. You STILL cannot trust them, fool me once, fool me twice?

This entire "weeewweeee sowwwyyy" bullshit excuse completely ignored the fact that they purposefully allowed the US government to be attacked because money is their bottom line. If it were a person (and aren't companies persons now in the US?) they would have been jailed for treason. Jail these assholes already and switch ALL your computers to Linux

barsquid ,

There needs to be a fine far larger than the contract to have any hope of curtailing this behavior.

The people making the decisions should be in jail. I don't know if this is fraud in the legal sense but this is literally fraudulent behavior.

Asafum ,

fucking seriously! Reading this absolutely disgusted me.

werefreeatlast ,

So we start...click on the paint brush icon...that tiny colourful thing right under the big ass "W" Icon. Now hit agree on the window asking if you're secure. Wait a few moments and agree you your 2FA app on your phone. You might have to ask your wife to agree if you are married and bought the license for your spouse only. Cheapskate! Now stay here for a few minutes, we've called the 🚓🚨 police.

phoenixz ,

Seriously, why are governments using Microsoft software?

Don't give me the nonsense line of "they need support". There is support for Linux too, and Linux, sorry, works, is reliable and most importantly: a hell of a lot safer than windows. This is example where Microsoft not only fails to keep windows even remotely safe, but actively sabotaged their customers (in this case the US government) for their own profit.

And again, "wwheeeyyyrreee sooowwyyyy, pleeeaaasseeee forgif us?" Look! Look! Even our CEO will now be interested in secuwity!

Seriously I'm so tired of having to read this over and over and he government will just contoi to pump millions over millions into that piece of crap company.

Switch to Linux already and have computers that you can trust have no known issues that are not being resolved to cover for a few rich assholes!

MojoMcJojo ,

A much much larger proportion of users are computer illiterate, especially federal employees. On top of that, the vast majority of basic software applications used are the Microsoft suite of Outlook, Word, Excel, PowerPoint, etc. How do you

  1. Retrain an aging workforce to use a new OS.
  2. Retrain to use new software suite for email, docs, etc.
  3. Or rebuild existing software to run on Linux
  4. ...there's more but I'm short on time...

The ENTIRE US govt runs on Microsoft. That's a very big pie to rebake. Where do you even begin. I do agree with you, it just feels unsurmountable.

UnderpantsWeevil ,
@UnderpantsWeevil@lemmy.world avatar

Political leadership isn't technically knowledgeable. It is focused on building large social networks of agreeable people. And Linux is an application by and for techies, not CEOs or social clubs. Consequently, when you've got six old white Harvard Alums in a room discussing how to run the country, one of them is going to be a Microsoft C-level and none of them are going to mention an alternative OS (except maybe Apple, in so far as they want their phone to magically integrate with a hostile OS rival).

Switch to Linux already and have computers that you can trust

A lot of these Microsoft features are about internal surveillance of staff and accumulating behavior patterns for future automation of service. This is not intended to be about building trust in the OS from the perspective of system security. Its more about finding patterns in human behavior that can be leveraged to reduce the size and pay-scale of your work force.

To that end, Microsoft is a highly valued partner while the Linux developers are an outright threat.

kandoh ,

When I worked with defense contractors in Canada, Microsoft would sue the government whenever it didn't get awarded a contract it applied for.

jj4211 , (edited )

A lot of the 'big establishment' companies will imediately sue when they lose a contract.

A few years back, the JEDI acquisition triggered Oracle and IBM:

I imagine it must suck to be involved in a big government procurement, because you are pretty much guaranteed to have to get pulled into legal proceedings by one or more of the losers.

phoenixz ,

Again, just install Linux.

Dump your windows, install Linux, be done with this nonsense.

UnderpantsWeevil ,
@UnderpantsWeevil@lemmy.world avatar

Sadly, I cannot do this for my work computer.

explodicle ,

You switching is like turning around a rowboat.

Them switching is like turning around a cruise ship.

MehBlah ,

You mean they have been letting it slip?

https://lemmy.world/pictrs/image/1b7e610c-afba-48b0-8ba2-c7625a7cd447.gif

Jayjader ,

Microsoft is pivoting its company culture

Oh yes, the thing they're well known for succeeding at.

wagoner ,

They excel at pivots

MarshReaper ,
@MarshReaper@lemmy.world avatar

In today's news, Microsoft commits treason against the United States Government.

!remindme 6 months

I wonder what the outcome will be.

ultratiem ,
@ultratiem@lemmy.ca avatar

According to Microsoft whistleblower Andrew Harris, Microsoft spent years ignoring a vulnerability while he proposed fixes to the "security nightmare." Instead, Microsoft feared it might lose its government contract by warning about the bug and allegedly downplayed the problem

This says everything about this shitty company. Worst of the worst. Because that’s how they make 90% of their cash. By exploiting licensing deals and siphoning data to sell to whomever because they do not care who it is so long as they bid the highest.

It’s amazing no one has tried to break up their control over PCs. Make this world make sense.

homesweethomeMrL ,

I've spent the better part of my life watching microsoft fuck people over and then when they finally - finally get called out on it they do a bunch of bashful aw-shucksing before doing it again and again and again.

No.

Microsoft is dead. Kill it with fire. The US government should have known better, but they didn't because like every other organization they have a boatload of clueless mid-level managers who only every learned Windows and fall for microsoft's garbage every time, despite the eye-popping price.

NO MICROSOFT. EVER. They're a criminal organizaiton, the amount of destruction they've created will never be known.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • technology@lemmy.world
  • random
  • incremental_games
  • meta
  • All magazines
    •