[albert180]

From the guys that got their Azure Master Key stolen due to gross incompetence. That's funny

[pcdevils]

Same company that ran it's 'container services' on an ancient version of kubernetes with broken isolation

[geraldhh]

containers are for packaging and deployment NOT for isolation

[adrian_b]

In this case, that does not prove much.

For big companies like Microsoft it is normal to have both some employees who may be security experts and also thousands of others who not only are ignorant about security but they also do not seek the advice of those who may be more knowledgeable.

So without other information, the fact that some document about security comes from Microsoft cannot be used to guess anything about whether it is valuable or not.

[blibble]

also the Russians got into their senior executives email accounts via some test account by brute forcing passwords

https://www.theverge.com/2024/1/26/24051708/microsoft-hack-r...

[b0ner_t0ner]

The company that had poor security practices for their Azure Cosmos DB cluster.

[probably_satan]

Haha. This. Except it wasn't stolen they flat out gave it away and sold out America to China. That's why they put so much effort into trying to spin Microsoft as some forward fighter in infosec these days even though anyone with a half of a brain knows that Microsoft is the greatest liability in security/democracy and engaged in espionage against the US. They should stick to what they do best, steal other people's ideas/concepts/some current trend in tech, try and rebrand it as a Microsoft thing and weaponize litigation to capitalize on it.

[iJohnDoe]

There is no doubt Microsoft is in cahoots with all US 3 letter agencies. They have connections and systems in place to make it easy for data collection.

However, I don’t think I ever heard of Microsoft engaged in espionage against the US. Elaborate?

[zare_st]

Organization proven to use and abuse the security via obscurity model.