Microsoft said it lost weeks of security logs for its customers' cloud products

If you use Azure in any realistic production environments, then it's on you. Even with $100k in free credits, they couldn't convince me to use it for more than a month. It is expensive, the interface is highly user unfriendly and most important of all, their products don't at all seem reliable for production workloads because of stuff like this. Sorry Microsoft, I think you can do much better.

I was laughing recently when at some place they started to install MS software on all Linux machines to integrate them into Azure. At that point you should just stop and think for a while about it. Didn’t you go for Linux because you wanted to have a reliable system?

The MS security software (for better or worse), is better than any open-source linux solution, and can follow attackers as they move laterally through the network, instead of linux servers being a big black hole were adversaries can do as they please.

All security software from any vendor is going to have issues, and often you just have to go with whatever the company is running for the whole environment and not compromising security because of some jokes from the 90s

The joke from the 90s is the fact that people still use MS products and think they aren't compromising security. MS have had disastrous outcome after disastrous outcome with an uncountable amount of security holes. There's been an astronomical toll on the economy from their crappy software with no end in sight.

However: Micro$oft deserves _massive_ credit for biting the bullet and systematically improving their security posture post like IE7.

*nix started from a better _initial_ posture as it was multi-user, permissioned, and network-aware from the start (vs. corporate MS-DOS => single user => GUI => networked), but MS really doubled down on systematic improvements that Linux is only now going through.

See the recent CUPS fiasco, C-code from 1999 running as root, and the "stuck in the mud" mentality that Linux has because there isn't the appetite for consistent investment and wholesale overhauls.

It has to do with "activation energy" and "local maxima". Linux feels like it's reached the local maxima, and it's a pretty tall peak to start from, so we can't get over the hump to make a step-change or drop back to a hypothetical "POSIX 0.5" so we can pivot to a "POSIX 2.0" (eg: take the loss for a decade or so in reduced functionality to end up on a more sane "other side" with better security principles and systematic depreciation of inefficient or insecure API-types).

There was a LWN article which talked about "permissions should be managed at the mount level, not the file level", and honestly that makes so much more sense, but it "loses" POSIX, and no one person is willing to "break linux" to admit to that mistake. Tons of other examples (eg: file race conditions, unprivileged by default, more protections on /usr than /home, etc)