Hacker News new | ask | show | jobs
by giantg2 1021 days ago
I'm not saying bad code doesn't exist there. My thought is that the percent of bad code increases with volume (or at least higher number of producers). Tens of millions of people committing to Github should mean its more cluttered with garbage than in MS. I at least assume MS has some automated code standard or security scans. That's at least more than nothing.
1 comments
dh2022 1021 days ago
" I at least assume MS has some automated code standard or security scans." -- that is a .... big assumption.
link
giantg2 1021 days ago
No, it really isn't when we're dealing with an organization that is audited for SOC 1/2, DoD, and likely others.
link
clankyclanker 1021 days ago
Are you sure?

https://arstechnica.com/security/2023/09/hack-of-a-microsoft...

The Azure-State-Department breach had nearly a half dozen contributing bugs...

link
giantg2 1021 days ago
And how does that compare to all the bugs on Github?
link
dh2022 1021 days ago
My friend - Chinese secret services read Secretary of Commerce's emails because of Microsoft's security leaks: https://abcnews.go.com/Politics/commerce-secretary-gina-raim...

So yeah, assuming Microsoft systems are up to standard or have security reviews or whatever is a .... big assumption.

link
tmpX7dMeXU 1021 days ago
My friend, nobody implied that any of these things result in a foolproof system.
link
lannisterstark 1021 days ago
Do you have the exact style of talking in all your comments lol?
link