The aftermath to the recent Microsoft Azure hack by suspected PRC actors.

What is the solution to this? Make sure cloud services are open source so they can be independently vetted? If government and corporate entities chose to use open source solutions, most are presented “as is” with no warranty.

  • kglitch@kglitch.social
    link
    fedilink
    arrow-up
    28
    ·
    1 year ago

    Recently I was doing some Azure integration work, with OAuth, Teams and Outlook. At one point I noticed that logging in with a MS account causes my browser to do ~10 redirects between different services while downloading over 30 MB of Javascript and thought “Huh, this looks like decades of technical debt. Either MS devs are waaay smarter than me or this is a pile of garbage”. I guess both could be true.

    • eltimablo@kbin.social
      link
      fedilink
      arrow-up
      17
      ·
      1 year ago

      They have no choice but to be smarter than us on account of the pile of garbage they’ve been given.

    • Scrubbles@poptalk.scrubbles.tech
      link
      fedilink
      English
      arrow-up
      11
      ·
      1 year ago

      I’ve done some contracts there and yeah, while they are incredibly smart, there’s so much bloated corpo overhead that they are restricted by red tape. I’m not surprised a simple login takes 30 redirects at all.