Attached: 1 image
So, Microsoft is silently installing Copilot onto Windows Server 2022 systems and this is a disaster.
How can you push a tool that siphons data to a third party onto a security-critical system?
What privileges does it have upon install? Who thought this is a good idea? And most importantly, who needs this?
#infosec #security #openai #microsoft #windowsserver #copilot
It wouldn’t have been installed at all if the OP did their job properly and had set the one config option. Microsoft doing shady things is hardly news. That’s why a good Windows sysadmin keeps and eye out for this sort of stuff.
I get that, but we can’t go around assuming stuff and blasting people over assumptions. We don’t know if someone else in his team was in charge of that, and he found out while auditing the server, that’s certainly a possibility. Then there’s the fact that his post could help someone thinking about setting up a similar server rethink this and choose to move away from Microshit altogether.
I agree that whomever is in charge should keep updated on information, issues and their potential solutions (I’d fire any sys admin not living by those rules, for sure).
Now, if he is, in fact, responsible for that, shame on him, but he’s innocent until proven guilty.
The OP is re-tooting a toot of a screenshot of a tweet. My (mild) criticism isn’t aimed at OP, nor the OP of the OP, just the original Twitter OP. No one was “blasted” but even if they were, the Twitter OP is not likely to see my comments and have a bad case of the sads from it.
It wouldn’t have been installed at all if the OP did their job properly and had set the one config option. Microsoft doing shady things is hardly news. That’s why a good Windows sysadmin keeps and eye out for this sort of stuff.
I get that, but we can’t go around assuming stuff and blasting people over assumptions. We don’t know if someone else in his team was in charge of that, and he found out while auditing the server, that’s certainly a possibility. Then there’s the fact that his post could help someone thinking about setting up a similar server rethink this and choose to move away from Microshit altogether. I agree that whomever is in charge should keep updated on information, issues and their potential solutions (I’d fire any sys admin not living by those rules, for sure). Now, if he is, in fact, responsible for that, shame on him, but he’s innocent until proven guilty.
The OP is re-tooting a toot of a screenshot of a tweet. My (mild) criticism isn’t aimed at OP, nor the OP of the OP, just the original Twitter OP. No one was “blasted” but even if they were, the Twitter OP is not likely to see my comments and have a bad case of the sads from it.
Ok, cool, I guess.