Pentagon Warns Microsoft: Company’s Use of China-Based Engineers Was a “Breach of Trust”
-
Microsoft should cancel all Pentagon contracts and revoke their licenses.
-
Throwing rocks from the glassiest of houses
-
The US has long since had a practice of outsourcing labor many times over in pursuit of the lowest labor costs and maximum profit.
Getting your girdle in a twist because you found out the guy on Fiverr debugging your middleware has non-White ancestors maybe misses the root of the problem.
??? This is about giving Chinese nationals root access to US military IT systems to save money. It's actually terrible opsec and should be a way worse scandal.
-
Technically backwards, those who encouraged and signed off on the deployment of Microsoft products breached security standards. If they did not ensure the contract ensured compliance with all applicable security requirements then they should not have given Microsoft a free pass to pools of money.
The same applies to virtually all Fortune 1000 contracts that the Department of Defense has. Let the pain flow.
-
??? This is about giving Chinese nationals root access to US military IT systems to save money. It's actually terrible opsec and should be a way worse scandal.
Yes, but we wouldn’t want to fly in the face of our tradition of letting Microsoft off scot-free for severe governmental security breaches, would we?
-
“The program was designed to comply with contracting rules, but it exposed the department to unacceptable risk,” Hegseth said in a video announcement posted on X. “If you’re thinking America first and common sense, this doesn’t pass either of those tests.”
I’m agreeing with Pete Hegseth? WTF is happening right now?
Google, Amazon and several other gov contractors have been loosening their hiring guidelines since the Obama era, when anyone working on gov cloud or gov anything was required to be a U.S. citizen; then it was just being on U.S. soil; and finally the work has to be monitored or reviewed by someone in the U.S., which very quickly devolved to getting the work done even if no one in the U.S. is awake. As you can imagine, it would be easy for anyone to slip and take advantage of such wide gaps in security.
-
I have a weird take whenever stuff like this comes up but it's in my humble opinion that world governments shouldn't rely on corporate developed software or even maybe hardware.
This is definitely hindsight is always 20/20 sort of thinking but governments should have long ago realized that trusting the likes of Intel, Microsoft, Oracle, etc. would leave them reliant on their innovations and also subject to their whims, mistakes, and more.
Basically I'm saying World governments all need their own internal OS developed and maintained internally by an official subdivision of said governments, and maybe even a separate branch developing internally utilized hardware.
Never gonna happen, and I'm sure there are issues with this solution, but it's a hypothetical I think about whenever something tech related and the government comes up in the news, which is pretty much every day now.
-
I have a weird take whenever stuff like this comes up but it's in my humble opinion that world governments shouldn't rely on corporate developed software or even maybe hardware.
This is definitely hindsight is always 20/20 sort of thinking but governments should have long ago realized that trusting the likes of Intel, Microsoft, Oracle, etc. would leave them reliant on their innovations and also subject to their whims, mistakes, and more.
Basically I'm saying World governments all need their own internal OS developed and maintained internally by an official subdivision of said governments, and maybe even a separate branch developing internally utilized hardware.
Never gonna happen, and I'm sure there are issues with this solution, but it's a hypothetical I think about whenever something tech related and the government comes up in the news, which is pretty much every day now.
On the other hand, have you ever seen a government authored operating system?
-
I have a weird take whenever stuff like this comes up but it's in my humble opinion that world governments shouldn't rely on corporate developed software or even maybe hardware.
This is definitely hindsight is always 20/20 sort of thinking but governments should have long ago realized that trusting the likes of Intel, Microsoft, Oracle, etc. would leave them reliant on their innovations and also subject to their whims, mistakes, and more.
Basically I'm saying World governments all need their own internal OS developed and maintained internally by an official subdivision of said governments, and maybe even a separate branch developing internally utilized hardware.
Never gonna happen, and I'm sure there are issues with this solution, but it's a hypothetical I think about whenever something tech related and the government comes up in the news, which is pretty much every day now.
I work for one of the world's largest proprietary software companies.
100% agree with you
Countries should fund open source OS, browser, mobile OS. It is in their best interest.
-
??? This is about giving Chinese nationals root access to US military IT systems to save money. It's actually terrible opsec and should be a way worse scandal.
This is about giving Chinese nationals root access
Not how software development works. I don't have root access to every production system because I can submit pull requests to a Dev instance of the code.
It’s actually terrible opsec
One of the principles of FOSS is that you shouldn't need security through obscurity. Knowing how a system works won't compromise its integrity if the security protocols are sound. Having third parties participate in a project shouldn't compromise the project if the lead developers are doing proper code review and QA. A system that is predicated on being a black box to a hostile government in order to maintain security is rigged for failure.
But, more importantly, the idea that a foreign government can only obtain information on the inner workings of a system when people of that national origin work on the project is severely shortsighted. Do you genuinely believe there aren't significant numbers of domestic American developers of European ancestry who wouldn't happily sell access to a foreign government for the right price? Do you genuinely believe there aren't numbers who could be gulled into exposing the inner workings of their software inadvertently?
Nothing about Hegseth's complaint improves operational security. He's hinging his whole worldview on the notion that every other white person at Microsoft is as much of a nationalist as he pretends to be.
-
This is about giving Chinese nationals root access
Not how software development works. I don't have root access to every production system because I can submit pull requests to a Dev instance of the code.
It’s actually terrible opsec
One of the principles of FOSS is that you shouldn't need security through obscurity. Knowing how a system works won't compromise its integrity if the security protocols are sound. Having third parties participate in a project shouldn't compromise the project if the lead developers are doing proper code review and QA. A system that is predicated on being a black box to a hostile government in order to maintain security is rigged for failure.
But, more importantly, the idea that a foreign government can only obtain information on the inner workings of a system when people of that national origin work on the project is severely shortsighted. Do you genuinely believe there aren't significant numbers of domestic American developers of European ancestry who wouldn't happily sell access to a foreign government for the right price? Do you genuinely believe there aren't numbers who could be gulled into exposing the inner workings of their software inadvertently?
Nothing about Hegseth's complaint improves operational security. He's hinging his whole worldview on the notion that every other white person at Microsoft is as much of a nationalist as he pretends to be.
I'm sorry but you just straight up don't know what incident is being discussed here. Go look it up instead of talking about unrelated bullshit.
-
I think some billionaires are having buyer's remorse.
-
I'm sorry but you just straight up don't know what incident is being discussed here. Go look it up instead of talking about unrelated bullshit.
U.S. personnel with security clearances supervise foreign engineers, including those in China
Again, working on a codebase doesn't give you access to the production systems. Neither does being Chinese affect whether you are a reliable third party contractor.
If the workers were supervised and the supervisors were competent, there was no real security risk. Both of those are the big "Ifs" though. And that's why doing layers of outsourcing creates risks regardless of who you're outsourcing to.
-
I work for one of the world's largest proprietary software companies.
100% agree with you
Countries should fund open source OS, browser, mobile OS. It is in their best interest.
Countries are not run in their best interest. They are run in the best interest of their ultra wealthy.
-
“The program was designed to comply with contracting rules, but it exposed the department to unacceptable risk,” Hegseth said in a video announcement posted on X. “If you’re thinking America first and common sense, this doesn’t pass either of those tests.”
I’m agreeing with Pete Hegseth? WTF is happening right now?
I’m agreeing with Pete Hegseth? WTF is happening right now?
I mean, listen to your gut instincts, which is that you're being foolish because he is a fool.
If your system demands trust, it's a bad system. If your system has a written set of rules that don't actually cover your requirements, it's a bad system. If the "tests" you imagine post-hoc aren't part of the system, you're just opportunistically trying to shift the blame.
You made a deal, set the parameters, and what... Expected the for profit company to ignore their fiduciary duty to shareholders to maximize profit? What is this, your first fucking day of capitalism, Pete?
His response to this is engineered to shift blame, and he's coming out swinging because ultimately he is to blame. It's barely more than a political catchphrase. He literally invoked "America First".
-
U.S. personnel with security clearances supervise foreign engineers, including those in China
Again, working on a codebase doesn't give you access to the production systems. Neither does being Chinese affect whether you are a reliable third party contractor.
If the workers were supervised and the supervisors were competent, there was no real security risk. Both of those are the big "Ifs" though. And that's why doing layers of outsourcing creates risks regardless of who you're outsourcing to.
The supervisors did not have the expertise to know what the foreign workers were doing, otherwise there would not have had to be 2 workers in the first place. And the foreign workers were not just writing code - they were doing sysadmin. On DoD systems.
I don't know how to make it any more clear to you, but it's completely obvious to anyone that actually understands these things that this was terrible opsec, and obviously not how any reasonable person would expect a DoD contract to be managed.
-
The use of Azure to help with the systematic murder of a people: totally cool in Hegseth's eyes.
-
On the other hand, have you ever seen a government authored operating system?
No, and I'm sure the various OSes that have been made by governments have their (sometimes severe) flaws. But it is a potential solution to government reliance on corporate technologies nevertheless.
-
I have a weird take whenever stuff like this comes up but it's in my humble opinion that world governments shouldn't rely on corporate developed software or even maybe hardware.
This is definitely hindsight is always 20/20 sort of thinking but governments should have long ago realized that trusting the likes of Intel, Microsoft, Oracle, etc. would leave them reliant on their innovations and also subject to their whims, mistakes, and more.
Basically I'm saying World governments all need their own internal OS developed and maintained internally by an official subdivision of said governments, and maybe even a separate branch developing internally utilized hardware.
Never gonna happen, and I'm sure there are issues with this solution, but it's a hypothetical I think about whenever something tech related and the government comes up in the news, which is pretty much every day now.
Totally agree, but at this point Microsoft is so ingrained in the US federal government that it's practically a branch of it.
-
Breach of trust doesn't have a price tag attached to it. Wake me up when there are any consequences.