As the old saying goes, "When someone tells you who they are and you get fooled again, shame on you." That goes double for Microsoft, especially when it comes to security promises.
--
If you'd like an essay-formatted version of this thread to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:
https://pluralistic.net/2024/06/14/patch-tuesday/#fool-me-twice-we-dont-get-fooled-again
1/
--
If you'd like an essay-formatted version of this thread to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:
https://pluralistic.net/2024/06/14/patch-tuesday/#fool-me-twice-we-dont-get-fooled-again
1/
2 użytkowników udostępniło to dalej
Cory Doctorow
•Ostrzeżenie o treści: Long thread/2
That starts from the very earliest days, when the company was still called "Micro-Soft." Young Bill Gates was given a sweetheart deal to supply the operating system for IBM's PC, thanks to his mother's connection.
2/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/3
Microsoft then proceeded to make a fortune by monopolizing the OS market through illegal, collusive arrangements with the PC clone industry - an industry that only existed because they could source third-party PC ROMs from Phoenix:
https://www.eff.org/deeplinks/2019/08/ibm-pc-compatible-how-adversarial-interoperability-saved-pcs-monopolization
3/
'IBM PC Compatible': How Adversarial Interoperability Saved PCs From Monopolization
Electronic Frontier FoundationCory Doctorow
•Ostrzeżenie o treści: Long thread/4
4/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/5
5/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/6
The post-antitrust, gunshy IBM kept delivering dividends for Microsoft. When IBM turned a blind eye to the cloned PC-ROM and allowed companies like Compaq, Dell and Gateway to compete directly with Big Blue, this produced a whole cohort of customers for Microsoft.
6/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/7
7/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/8
Microsoft learned the opposite: monopolies are wildly profitable; expansive IP protects monopolies; you can violate antitrust laws so long as you have enough monopoly profits rolling in to outspend the government until a Republican bootlicker takes the White House.
8/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/9
Microsoft embodies the idea that you either die a rebel hero or live long enough to become the evil emperor you dethroned.
From the first, Microsoft has pursued three goals:
1. Get too big to fail;
2. Get too big to jail;
3. Get too big to care.
9/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/10
10/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/11
11/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/12
12/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/13
https://web.archive.org/web/20060325224147/http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=33338
13/
Macro Viruses
web.archive.orgCory Doctorow
•Ostrzeżenie o treści: Long thread/14
https://en.wikipedia.org/wiki/EternalBlue
Microsoft blamed everyone *except* themselves for these defects, claiming that their poor code quality was no worse than others, insisting that the bulging arsenal of Windows-specific malware was the result of being the juiciest target and thus the subject of the most malicious attention.
14/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/15
15/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/16
16/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/17
17/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/18
https://pluralistic.net/2024/02/21/im-feeling-unlucky/#not-up-to-the-task
Microsoft reneged on this bargain from day one, and they never stopped.
18/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/19
https://pluralistic.net/2020/11/25/the-peoples-amazon/#clippys-revenge
19/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/20
20/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/21
21/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/22
https://arstechnica.com/gadgets/2024/06/microsoft-delays-data-scraping-recall-feature-again-commits-to-public-beta-test/
For years, Microsoft waged a war on the single most important security practice in software development: transparency. This is the company that branded the GPL Free Software license a "virus" and called open source "a cancer."
22/
Microsoft delays Recall again, won’t debut it with new Copilot+ PCs after all
Ars TechnicaCory Doctorow
•Ostrzeżenie o treści: Long thread/23
This is "security through obscurity" and it's an idea that was discredited nearly 500 years ago with the advent of the scientific method.
23/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/24
Or, as Bruce Schneier puts it: "Anyone can design a security system that you yourself can't think of a way of breaking. That doesn't mean it works, it just means that it works against people stupider than you."
24/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/25
25/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/26
https://www.securityweek.com/supply-chain-attack-major-linux-distributions-impacted-by-xz-utils-backdoor/
But there's no good argument that this code would have been *more* secure if it had been *harder* for the good guys to spot its bugs.
26/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/27
The architects of that campaign are genuinely awful people, and yet they're revered as heroes by Microsoft's current leadership. There's Steve "Linux Is Cancer" Ballmer, star of *Propublica*'s IRS Files, where he is shown to be the king of "tax loss harvesting":
https://pluralistic.net/2023/04/24/tax-loss-harvesting/#mego
27/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/28
https://pluralistic.net/2021/07/08/tuyul-apps/#economic-substance-doctrine
Microsoft may give lip service to open source these days (mostly through buying, stripmining and enclosing Github) but Ballmer's legacy lives on within the company, through its wildly illegal tax-evasion tactics:
https://pluralistic.net/2023/10/13/pour-encoragez-les-autres/#micros-tilde-one
28/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/29
29/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/30
https://pluralistic.net/2021/04/13/public-interest-pharma/#gates-foundation
30/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/31
https://www.ineteconomics.org/perspectives/blog/millionaire-driven-education-reform-has-failed-heres-what-works
31/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/32
https://www.nytimes.com/2022/01/13/technology/microsoft-sexual-harassment-policy-review.html
The management culture of Microsoft started rotten and never improved. It's a company with corruption and monopoly in its blood, a firm that would always rather build market power to insulate itself from the consequences of making defective products than actually make good products.
32/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/33
https://pluralistic.net/2022/09/28/other-peoples-computers/#clouded-over
To gaming:
https://pluralistic.net/2023/04/27/convicted-monopolist/#microsquish
No one should ever trust Microsoft to do anything that benefits anyone except Microsoft. One of the low points in the otherwise wonderful surge of tech worker labor organizing was when the Communications Workers of America endorsed Microsoft's acquisition of Activision because Microsoft promised not to union-bust Activision employees.
33/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/34
https://80.lv/articles/qa-workers-contracted-by-microsoft-say-they-were-fired-for-trying-to-unionize/
Repeatedly:
https://www.reuters.com/technology/activision-fired-staff-using-strong-language-about-remote-work-policy-union-2023-03-01/
Why wouldn't they lie? They've never faced any consequences for lying in the past. Remember: the secret to Microsoft's billions is *impunity*.
Which brings me to Solarwinds. Solarwinds is an enterprise management tool that allows IT managers to see, patch and control the computers they oversee.
34/
QA Workers Contracted by Microsoft Say They Were Fired for Trying to Unionize
Gloria Levine (80lv)Cory Doctorow
•Ostrzeżenie o treści: Long thread/35
When the Solarwinds story broke, Microsoft strenuously denied that the Solarwinds hack relied on exploiting defects in Microsoft software. They said this to everyone: the press, the Pentagon, and Congress.
35/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/36
https://www.propublica.org/article/microsoft-solarwinds-golden-saml-data-breach-russian-hackers
36/
Microsoft Refused to Fix Flaw Years Before SolarWinds Hack
ProPublicaCory Doctorow
•Ostrzeżenie o treści: Long thread/37
Yesterday, Microsoft president Brad Smith testified about this to Congress, and promised that the company would henceforth prioritize security over gimmicks like AI:
https://arstechnica.com/tech-policy/2024/06/microsoft-in-damage-control-mode-says-it-will-prioritize-security-over-ai/
37/
Microsoft in damage-control mode, says it will prioritize security over AI
Ars TechnicaCory Doctorow
•Ostrzeżenie o treści: Long thread/38
https://www.axios.com/2024/05/17/pentagon-weighs-microsoft-licensing-upgrades
38/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/39
39/
Cory Doctorow
•Ostrzeżenie o treści: Long thread/eof
https://laist.com/events/go-fact-yourself-live-with-aida-rodriguez
On June 21, I'm doing an online reading for the @Locusmag Awards at 16hPT.
On June 22, I'll be in Oakland, CA for a panel and a keynote at the Locus Awards:
https://locusmag.com/2024-locus-awards-weekend/
eof/
Go Fact Yourself LIVE with Cory Doctorow and Aida Rodriguez
LAistPyperkub
•Ostrzeżenie o treści: Long thread/35
D. G. Fitch
•sadly I don't think the same Pentagon that is blithely funding anti-vax psyops and "losing" billions of dollars is going to see through Microsoft's pinky swears that they care about security
Cory Doctorow
•House Panther
•Cory Doctorowudostępnił to.
gz
•Cory Doctorowudostępnił to.
ferricoxide
•Merc
•Here's a link that explains how Microsoft is using VSCode to fracture the dev communities and squeeze out competing developer tools.
https://ghuntley.com/fracture/
Visual Studio Code is designed to fracture
Geoffrey HuntleyCory Doctorowudostępnił to.
mafe en españa
•