[bramhaag]

  > We reported the vulnerability to Microsoft in April and they have since fixed it as a moderate severity vulnerability. As only important and critical vulnerabilities qualify for a bounty award, we did not receive anything, except for an acknowledgement on the Security Researcher Acknowledgments for Microsoft Online Services webpage.

I guess it makes sense that a poor little indie company like Microsoft can't pay bug bounties. Surely no bad things will come out of this.

[n2d4]

The important part:

  > Now what have we gained with root access to the container?

  > Absolutely nothing!

  > We can now use this access to explore parts of the container that were previously inaccessible to us. We explored the filesystem, but there were no files in /root, no interesting logging to find, and a container breakout looked out of the question as every possible known breakout had been patched.

I'm sure there are more ways to acquire root. If Microsoft pays out for one, they have to pay out for all, and it seems pretty silly to do that for something that's slightly unintended but not dangerous.

[bramhaag]

  > a container breakout looked out of the question as every possible known breakout had been patched

This is the part that concerns me. It only encourages an attacker to sit on an exploit like this until a new container breakout is discovered.

[tptacek]

Are you not concerned about all the other platforms that rely on containers as security boundaries between tenants? There are a lot of them.

[bgwalter]

It is hard to answer that since the stack is so convoluted. Some parts are forced on the user. Copilot is built into Microsoft Office workplace applications.

If you break out of a container, do you have access to the same system that serves these applications? Who knows, it looks like a gigantic mess.

[whazor]

I expect that they run their containers more isolated as virtual machines. So they have bigger problems of there is a breakout possible.

[nicce]

Severity is based on impact. What was the impact here beyond single container and that specific user instance? Feels like moderate was okay, or even too high.

[DSMan195276]

IMO if they truly don't consider it dangerous then they shouldn't have considered it a vulnerability at all, just a non-security bug. Labeling it a moderate vuln and not paying just seems like a bad middle ground to me, as though they haven't really decided if restricted root permissions is part of the security model or not.

[eddythompson80]

Eh, I’m guessing it’s just one of those bugs that have to be categorized as security, but the design assumes that this particular security layer is leaky and is only really there for the experience rather than actual security.

The container is almost certainly running with hypervisor isolation. The trust boundary is with the container. But an LLM is executing arbitrary code in a Jupyter notebook there. It could trash the container, which is not a security issue in itself (again since your boundary is hypervisor anyway) but it’s a pretty shitty experience. Suddenly copilot could trash its container and it no longer can execute code and you’re stuck until whatever session or health check kicks in to give you a new instance. So running LLM generated code/commands in a non-root user makes it easier to have a better experience.

At the same time, you’ll be laughed at if you don’t categorize a root escalation when not expected as a “not a security issue”

[amelius]

Maybe this was their honeypot container.

[citizenpaul]

I'll never understand why people do free dev work for multinational trillion dollar conglomerates.

[hnthrow90348765]

It's still good for reputation. This is by a researcher at a company, so a benefit for both of them. Plus if we didn't have bug bounty programs, they'd have to willingly work at Microsoft to do this research.

[nicce]

This could have turned badly in terms of reputation if they had tried to complain that the vulnerability should be critical, e.g. or using other ways to seek attention for not getting bounty, but current way was rather neutral way.

[hombre_fatal]

Could say the same thing about open source software.

[blendergeek]

It's why I don't understand why people believe in "open source". Why would I contribute free dev work to a billion dollar corporation? I do believe in "Free Software" which is contributing free dev work to my fellow man for the benefit of all man mankind.

[CharlesW]

This may be a misconception. "Free software" (e.g. Linux) also benefits billion-dollar corporations and "open source" also benefits all mankind.

[blendergeek]

Free software and open source are two ideologies for the same thing. Free Software is the ideology of developing the software for the benefit of mankind (it's sometimes termed a "political" stance but I see it as an ethical stance). Open source is the ideology of saving money at a corporation by not paying the developers. Sure open source can benefit mankind but will only develop corporate software for money. When developing on my own time, I will focus on software that either personally benefits me or benefits other regular people.

[CharlesW]

I applaud your choice! I just can't think of any free software examples that don't also benefit corporations.

[NoOn3]

at least under some licenses like GPL/AGPL you get some code back.

[eastbound]

> Why would I contribute free dev work to a billion dollar corporation?

The billion dollars company contributed more to your startup than you do to them. Microsoft provides:

- VSCode,

- Hosts all NPM repositories. You know, the ones small startups are too lazy to cache (also because it’s much harder to cache NPM repositories than Maven) and then you re-download them at each build,

- Typescript

[wkat4242]

Meh it depends whether you use those things of course. There's other IDEs, other languages. And Microsoft isn't doing this out of charity. A lot of the really useful plugins are not working on the open source version, so people that use them provide telemetry which is probably valuable. Or they use it as a gateway to their services like GitHub Copilot.

If a mega corporation gives you something for free it's always more beneficial to them otherwise they wouldn't do it in the first place.

[eastbound]

So, no OSS contribution is valid unless you are using this very library?

Did Microsoft contribute more to the OSS world, or did the OSS world contribute more to Microsoft? I pardon Microsoft because they have donated Typescript, which is a true civilizational progress. You could say the OSS world has contributed to Microsoft because they’ve given them a real OS, which they didn’t have inner expertise to develop. We’re even.

Now you sound like you have a beef against large companies and would find any argument against them. Some guy once told me that I didn’t increase my employees by 30% out of benevolence, but because I must be an awful employer. See, why else would I increase employees.

This behavior is actively harmful to the rest of the world. You are depriving good actions from a “thank you” and hence you are depriving recipients of good actions from more of them. With this attitude, the world becomes exactly like you project it to be: Shitty.

[exe34]

I think the argument is that when big companies make use of stuff, it gets more scrutiny and occasionally they contribute back improvements, and the occasional unicorn gets actual man hours paid for improving it. So if your project gets big enough, it's beneficial. But you have to have a MIT/BSD license usually, because companies will normally stay away from GPL.

[victorbjorklund]

Why do basic science which benefits everyone else for free?

[dylan604]

I know maintainers of projects have been hired directly by companies using their code as it is the most expedient way forward. Others might just offer up enough money to get the maintainer to take up a few of their specific issues/requests in a way that makes it worth their while. Just because someone is working on a project that is open source does not mean that money cannot be involved in the development. The company paying that money knows that the updates released as a normal part of the project will be available to anyone else using it as well.

[pharrington]

It's called "I use the software, I already want to improve the software I'm using, so after I improve it I'll contribute the improvements I've already made to the broader community."

Granted, I myself have been guilty of not giving back to the open source community this way in the past, but I won't pretend that was reasonable or ethical of me!

edit: after reading some commemnts, i realize i may have meant to say "free software" instead of "open source"

[Disposal8433]

No, we can't say. I'm not an asshole, it helps people, and companies shun GPL licenses. That's not a valid comparison. Microsoft can go fuck itself, people around me love my software and it improves their lives.

[tptacek]

It's... 100% a valid comparison? The point is that doing free vulnerability research isn't irrational, not that doing open source work is bad. You're twisting yourself into a pretzel trying to keep the original argument alive.

[MattGaiser]

It mostly pays in career benefits. Same reason why plenty intern for free.

[qbit42]

Who is interning for free as a software engineer?

[MattGaiser]

People people who did bootcamps and thus are too risky to hire for most roles and cannot get into the standard CS hiring pipeline. Especially now that junior roles are drying up.

In professions like fashion, virtually everyone seems to at some point.

[koakuma-chan]

Me

[jimbokun]

Well a lot of people do this kind of work to be able to commit crimes.

[apwell23]

i don't think they did the work for them. they just reported it to them.

[paulddraper]

As you’ll see elsewhere, “root” got them literally nothing. They tried but there was nothing to be had.

[wkat4242]

They didn't find anything they could do with it but that container isn't there for no reason. I agree with the rating but it's nonetheless worrying. You don't leave the house you bought unlocked because there's nothing in it to steal yet.

[paulddraper]

More like leaving your front gate unlocked.

[0xbadcafebee]

M$: If you're not going to send any money, send some swag. Make it cool and hackers will wear it, and now you have them advertising for you and possibly even want to work for you. Culture is a tool, and hackers have culture, so learn how to use it.