• nkat2112@sh.itjust.works
    18 upvotes · 5 months ago

    If only the feds had some inkling, based on decades of history, that Microsoft might not manage security well…

    /s

    All sarcasm aside, I wonder if there will be consequences for the dismissed warnings. I’m hoping so, because this is thoroughly inexcusable.

    I appreciate the former employee for speaking out.

    • Refurbished Refurbisher@lemmy.sdf.org
      5 upvotes, 1 downvote · 5 months ago

      To be fair, they’ve handled security excellently on their Xbox consoles. 360 still hasn’t had a software exploit after the King Kong exploit was patched (and even then, it needed a DVD drive that could play burned discs), and it was only recently that an Xbox One and Series kernel exploit was found, and that’s limited to the SystemOS VM.

      Basically, shove everything in virtual machines and it’ll probably be fine. QubesOS does a very similar thing on the desktop side. If no running programs can access the host OS, then it’s very unlikely that code execution on the host OS can occur, save for the very rare hypervisor escape exploits.

      On Windows, macOS, and most Linux distros, everything runs on the host OS.