Every new exploit, they clearly have a meeting and convince themselves “that’s gotta be the last of it, right?”
So the next day-after-patch-tuesday rolls around and lo and behold, this guy drops some more nukes on their reputation as far as their most important customer demographic are concerned (corporate IT)
Given this genuinely does seem to stem from Microsoft mishandling this guy, why the fuck do they keep escalating
Very little seems to be beyond the incredulity of MS meetings, remember they had a meeting where someone suggested the OS take a screenshot every ten seconds of whatever the user was doing and upload it to MS servers and rather than everyone laughing they agreed to move it into development.
Puts a lot of evidence towards his claims that Microsoft was behaving badly from the outset and the reason why he started doing this. They keep escalating. Its a war they started.
you know, since this little saga began I’ve had this tiny voice in my head hoping this one vindictive dude is, eventually, directly responsible for Microsoft going out of business/doing severe restructuring or downsizing as a consequence of businesses losing faith in the company’s products. Lots of people already raise an eyebrow at Windows 11’s issues, things like “all our shit is fundamentally insecure because microslop left a backdoor in [insert critical thing here], and has been for [weeks/months/years/???]” tend to have an adverse effect on sales, especially to risk-averse business customers. It’s not impossible to imagine that continued “holy fuck what 0day exploit just dropped?” incidents, on the level of YellowKey, happening every month, could result in businesses deciding to drop their enterprise licensing of MS products; and that’s going to hurt. That’s where a big chunk, if not the biggest chunk iirc, of their revenue comes from. It’s unlikely, it’s a longshot, but I’m allowed to have hope.
I’m especially now wondering, if YellowKey was the teaser – you know, just casually revealing a backdoor in BitLocker, like nbd – what the actual fuck are they going to drop in July? If that’s the appetizer, how juicy’s the entree gonna be?
I think as long as nothing actually happens, other companies wont care. No one is capable of thinking about the future anymore, there is only next quartal and short term profits.
It might actually be needed for something big to go down first, like those 0day exploits actually get exploited and some client company or few loses a lot of money because of it. Considering how unsecure windows is, i’m a bit perplexed how nothing hasn’t happened already.
Some of the other 0days this guy released are already being actively exploited in the wild, but no reports of big losses as a result of them yet. Having said that, the entire point of BitLocker was that it was full disk encryption that you didn’t have to think too much about; and now I bet every corporate IT department out there is looking at it with suspicion. If this guy can keep delivering on “things that keep sysadmins awake at night”, like “oh god every hard drive we’ve had stolen in the last few years can be fully decrypted now”, eventually a lot of them will decide it is less harrowing and less work to move their entire stack away from Microsoft than it is to live with them.
They’d better not be overselling this bomb they’re gonna drop in July. I’m already moved over to Linux fully now, to quote photonicinduction: I wantflames. I don’t just want to see it all over the tech news, I’m hoping he screws with them hard enough the story makes it to actual TV news channels.
Man, Microsoft just keeps footgunning this one.
Every new exploit, they clearly have a meeting and convince themselves “that’s gotta be the last of it, right?”
So the next day-after-patch-tuesday rolls around and lo and behold, this guy drops some more nukes on their reputation as far as their most important customer demographic are concerned (corporate IT)
Given this genuinely does seem to stem from Microsoft mishandling this guy, why the fuck do they keep escalating
Very little seems to be beyond the incredulity of MS meetings, remember they had a meeting where someone suggested the OS take a screenshot every ten seconds of whatever the user was doing and upload it to MS servers and rather than everyone laughing they agreed to move it into development.
You misspelled “firing the authoritarian nutjob for cause,” which would’ve been the bare minimum of reasonable reactions.
if that’s bare minimum, what is the upper limit for reasonable reactions? Hang him?
Puts a lot of evidence towards his claims that Microsoft was behaving badly from the outset and the reason why he started doing this. They keep escalating. Its a war they started.
you know, since this little saga began I’ve had this tiny voice in my head hoping this one vindictive dude is, eventually, directly responsible for Microsoft going out of business/doing severe restructuring or downsizing as a consequence of businesses losing faith in the company’s products. Lots of people already raise an eyebrow at Windows 11’s issues, things like “all our shit is fundamentally insecure because microslop left a backdoor in [insert critical thing here], and has been for [weeks/months/years/???]” tend to have an adverse effect on sales, especially to risk-averse business customers. It’s not impossible to imagine that continued “holy fuck what 0day exploit just dropped?” incidents, on the level of YellowKey, happening every month, could result in businesses deciding to drop their enterprise licensing of MS products; and that’s going to hurt. That’s where a big chunk, if not the biggest chunk iirc, of their revenue comes from. It’s unlikely, it’s a longshot, but I’m allowed to have hope.
I’m especially now wondering, if YellowKey was the teaser – you know, just casually revealing a backdoor in BitLocker, like nbd – what the actual fuck are they going to drop in July? If that’s the appetizer, how juicy’s the entree gonna be?
I think as long as nothing actually happens, other companies wont care. No one is capable of thinking about the future anymore, there is only next quartal and short term profits.
It might actually be needed for something big to go down first, like those 0day exploits actually get exploited and some client company or few loses a lot of money because of it. Considering how unsecure windows is, i’m a bit perplexed how nothing hasn’t happened already.
Some of the other 0days this guy released are already being actively exploited in the wild, but no reports of big losses as a result of them yet. Having said that, the entire point of BitLocker was that it was full disk encryption that you didn’t have to think too much about; and now I bet every corporate IT department out there is looking at it with suspicion. If this guy can keep delivering on “things that keep sysadmins awake at night”, like “oh god every hard drive we’ve had stolen in the last few years can be fully decrypted now”, eventually a lot of them will decide it is less harrowing and less work to move their entire stack away from Microsoft than it is to live with them.
They’d better not be overselling this bomb they’re gonna drop in July. I’m already moved over to Linux fully now, to quote photonicinduction: I want flames. I don’t just want to see it all over the tech news, I’m hoping he screws with them hard enough the story makes it to actual TV news channels.
“Footgunning”?
A colloquial term equivalent to “shooting oneself in the foot”
https://en.wiktionary.org/wiki/footgun
https://en.wiktionary.org/wiki/shoot_oneself_in_the_foot
AI loves to use the word. I never heard it regularly until AI started helping popularize it.
Then you did not speak with programmers regularly, I learned this term probably back in 2008ish
FWIW I’ve proudly been using it for years
Prove you haven’t been an Ai for years
You’re very right! There’s a lot of reasons to believe I might be an AI, such as:
The verdict? I may in fact be an AI
Shit