Former employee says software giant dismissed his warnings about a critical flaw because it feared losing government business. Russian hackers later used the weakness to breach the National Nuclear Security Administration, among others.
Im going to laugh if this is what gets the feds to finally break up Microsoft into smaller separate companies.
Also remember when the feds used Unix on IBM machines? Maybe they should consider going back to Unix instead of commodity software that’s designed for small businesses.
To be fair, they’ve handled security excellently on their Xbox consoles. 360 still hasn’t had a software exploit after the King Kong exploit was patched (and even then, it needed a DVD drive that could play burned discs), and it was only recently that an Xbox One and Series kernel exploit was found, and that’s limited to the SystemOS VM.
Basically, shove everything in virtual machines and it’ll probably be fine. QubesOS does a very similar thing on the desktop side. If no running programs can access the host OS, then it’s very unlikely that code execution on the host OS can occur, save for the very rare hypervisor escape exploits.
On Windows, macOS, and most Linux distros, everything runs on the host OS.
Im going to laugh if this is what gets the feds to finally break up Microsoft into smaller separate companies.
Also remember when the feds used Unix on IBM machines? Maybe they should consider going back to Unix instead of commodity software that’s designed for small businesses.
If only the feds had some inkling, based on decades of history, that Microsoft might not manage security well…
/s
All sarcasm aside, I wonder if there will be consequences for the dismissed warnings. I’m hoping so, because this is thoroughly inexcusable.
I appreciate the former employee for speaking out.
To be fair, they’ve handled security excellently on their Xbox consoles. 360 still hasn’t had a software exploit after the King Kong exploit was patched (and even then, it needed a DVD drive that could play burned discs), and it was only recently that an Xbox One and Series kernel exploit was found, and that’s limited to the SystemOS VM.
Basically, shove everything in virtual machines and it’ll probably be fine. QubesOS does a very similar thing on the desktop side. If no running programs can access the host OS, then it’s very unlikely that code execution on the host OS can occur, save for the very rare hypervisor escape exploits.
On Windows, macOS, and most Linux distros, everything runs on the host OS.
Use Unix instead of the privacy-invading billboard masquerading as useful software.