Attached: 1 image
So, Microsoft is silently installing Copilot onto Windows Server 2022 systems and this is a disaster.
How can you push a tool that siphons data to a third party onto a security-critical system?
What privileges does it have upon install? Who thought this is a good idea? And most importantly, who needs this?
#infosec #security #openai #microsoft #windowsserver #copilot
What the hell?!?!?! This is a server OS! It needs to be as light as possible and for the sake of server stability and security, admins carefully choose the installed apps. Microsoft can’t just install new applications on a whim.
People in this thread seem to be missing this point.
This is windows server, not windows 11. The consequences is not “I’ll have an annoying taskbar icon on my home computer”, this is enterprise level interference that could affect large systems and thousands of users.
Linux Mint isn’t an alternative to windows server.
Yep. I no longer have to administer Windows servers (everything I do is serverless these days) but I did for many years.
Adding anything to a server without vetting it against policies is a huge no no. Back when I was doing it, a big part of our monthly update deployment was updating the test environment first so we knew we weren’t about to break a bunch of shit for us and our customers. Not just “does this brick Windows server”, but “do our applications still function” (usually yes, but the answer was no on several occasions over shit smaller than this).
I don’t know what adding copilot does. Is it going to accidentally break some custom application by accident because it’s tied directly into the system? Is it going to report shit that I’ve already opted out of due to our data policies and possibly fuck up our audit compliance because of government regulations (defense, medical, and energy sectors have huge responsibilities in that area, just don’t ask how I know)? How does it interact with our in-house developed software?
Fuck, I dunno. That sounds like a nightmare for infrastructure and ops, several managers, government regulators, and a payday for legal.
Almost any Unix can be an alternative for Windows Server. Never understood why it was used, other than tech illiteracy of lowly tech workers who only knew MS stack.
In addition, with all Microsoft’s faults they had a hell of a small business package for years. In a lot of small businesses, the current CIO came up during those times and dictates policy.
Plus there are a lot of VARs and MSPs who push MS due to favorable terms and kickbacks. Small and medium sized businesses who outsource IT go with whatever they’re told because they don’t have the expertise, time, or desire to explore alternatives.
Plus there’s a load of self hosted software for certain industries that only works on Windows servers.
What the hell?!?!?! This is a server OS! It needs to be as light as possible and for the sake of server stability and security, admins carefully choose the installed apps. Microsoft can’t just install new applications on a whim.
This is fuged up.
People in this thread seem to be missing this point.
This is windows server, not windows 11. The consequences is not “I’ll have an annoying taskbar icon on my home computer”, this is enterprise level interference that could affect large systems and thousands of users.
Linux Mint isn’t an alternative to windows server.
You’re right ig, in that case grab Debian.
Yep. I no longer have to administer Windows servers (everything I do is serverless these days) but I did for many years.
Adding anything to a server without vetting it against policies is a huge no no. Back when I was doing it, a big part of our monthly update deployment was updating the test environment first so we knew we weren’t about to break a bunch of shit for us and our customers. Not just “does this brick Windows server”, but “do our applications still function” (usually yes, but the answer was no on several occasions over shit smaller than this).
I don’t know what adding copilot does. Is it going to accidentally break some custom application by accident because it’s tied directly into the system? Is it going to report shit that I’ve already opted out of due to our data policies and possibly fuck up our audit compliance because of government regulations (defense, medical, and energy sectors have huge responsibilities in that area, just don’t ask how I know)? How does it interact with our in-house developed software?
Fuck, I dunno. That sounds like a nightmare for infrastructure and ops, several managers, government regulators, and a payday for legal.
Almost any Unix can be an alternative for Windows Server. Never understood why it was used, other than tech illiteracy of lowly tech workers who only knew MS stack.
The usual answer to that is “active directory”. It’s not uncommon to have one windows server alongside other Linux servers because of AD.
In addition, with all Microsoft’s faults they had a hell of a small business package for years. In a lot of small businesses, the current CIO came up during those times and dictates policy.
Plus there are a lot of VARs and MSPs who push MS due to favorable terms and kickbacks. Small and medium sized businesses who outsource IT go with whatever they’re told because they don’t have the expertise, time, or desire to explore alternatives.
Plus there’s a load of self hosted software for certain industries that only works on Windows servers.
Stop resisting!!