The aftermath to the recent Microsoft Azure hack by suspected PRC actors.

What is the solution to this? Make sure cloud services are open source so they can be independently vetted? If government and corporate entities chose to use open source solutions, most are presented “as is” with no warranty.

  • RileyIsBad (she/her)@beehaw.org
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    1 year ago

    Funny how on the consumer side, they keep pushing TPMs and other intrusive technologies under the guise of security, and they can’t even keep their shit together on the business end long enough for people to actually believe them.

    Edit: Typo

    • GreyBeard@lemmy.one
      link
      fedilink
      arrow-up
      4
      ·
      1 year ago

      I gotta stand up for my boy TPM. I manage a lot of Windows systems, and TPM does a lot of heavy lifting. I’m an open source advocate, but I recognize that without TPM, most users wouldn’t bother with encrypting their device.

      And since Microsoft has strongly integrated it in their stack, it significantly reduces the need for regular signins and user focused security. Of course, this does require you to invest in their stack. There’s little to no support for machine level authentication for Linux. But in business, it really does make a practical and useful difference in security.

      • Freeman@lemmy.pub
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        Oh yeah. Of course old tpm (1.2) that was the only key to the Castle isn’t great in the hand of someone with some know how and alligator clips since it communicated in clear text at the bus level so key extraction was possible. But for most folks security model, who cares. If it was a risk the business handled it with a pass phrase and tpm.

        Apple does security prettt well and integrated too. Especially for most that don’t care.

    • V ‎ ‎ @beehaw.org
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      1 year ago

      It really is ridiculous at this point. Just a few weeks back they renamed one of their products on the backend (for no good reason) and broke a ton of stuff with no recourse besides “fix it yourself”. Pile on the endless updates and constant vulnerabilities and I don’t see how anyone can willingly choose to build new projects on it. They can’t even ship a usable replacement to win32!

      On second thought though, pretty much every recent super-scalable cloud enterprise project of note is not Windows-centric anymore. Docker? Redis? Grafana? Kubes? The list goes on.

  • ookees@beehaw.org
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Why businesses continue to trust Microsoft I’ll never quite understand. The number of breaches Microsoft has had overall the last 5 years is amazing. Compare that to what I believe is the ZERO breaches Google has had in the same time frame. Not that Google is to be trusted, but if anything of magnitude would have happened there it would have certainly leaked by now.

    Cloud at this point is very hard to ignore. Internal IT team sizes shrinking, it’s becoming harder running all of those business needs internally. Businesses will learn the hard way when they continue to put their trust in the cloud, especially Microsoft’s. Some facets of IT are just too much work to bother with keep hosting internally. Exchange is a steaming pile of garbage. I managed it for years, so I can see why people cloud their email. Which I’m all for, because email is just a bitch to run in general. But use Gmail or something else. It’s a night and day difference. I’m dreading the day my company decides that Microsoft is the better deal just because Office needs updating. Instead of keeping the status quo, spend the money training employees on alternatives and run as far as you can from Microsoft’s hold.

    Microsoft makes a lot of good products but keeping them secure is an after thought.

  • kglitch@kglitch.social
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    Recently I was doing some Azure integration work, with OAuth, Teams and Outlook. At one point I noticed that logging in with a MS account causes my browser to do ~10 redirects between different services while downloading over 30 MB of Javascript and thought “Huh, this looks like decades of technical debt. Either MS devs are waaay smarter than me or this is a pile of garbage”. I guess both could be true.