But it also allowed Apple to ignore third party firewalls for their own communications with Apple.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Microsoft Blames European Commission for Major Worldwide Outage
- Thread starter MacRumors
- Start date
- Sort by reaction score
Kexts are now disapproved of, but I don't think they've have been entirely disabled on MacOS 13 and later: https://support.apple.com/en-ca/guide/deployment/depa5fb8376f/web
Perhaps it was all a plan: get hired by crowdstrike. Short the stock. Mess up an update. Cover the short.
So who wants to bet that the way the EU responds to this is to fine Microsoft for "malicious compliance" and to force Apple to also comply? Bunch of idiots run that place.
The EU didn't get that specific. The EU basically said you use an API to write software you have to give that access to others. So if the only way you can make MS Excel run fast on your OS is to use APIs that were undocumented, you have to document those APIs and let others use them. They didn't get into kernels, endpoint security API, etc. Just document the APIs for others if your software uses them.
The difference between Apple and MS in this area is that Apple created new API before restricting access to the kernel. Over 5 years ago Apple developed the EndpointSecurity framework as one of several types of "system extensions" so that 3rd party security vendors could accomplish their goals without writing kernel extensions. MS kept with the simpler model of using kernel extensions/drivers/etc for their own products which meant that 3rd parties could too.
Tornado strikes US town. American corps: "Thanks EU!"
One good thing about gen ai is hopefully it will stop companies from trying to squeeze out every single bit of incremental revenue that can and focus on the big prize of winning at ai. Even a certain fruit company.
Windows 12 should then be a rock solid platform for ai with all the legacy stuff finally stripped away and no cheap promotions in the start menu etc.
Unfortunately that’s not likely to happen, as Microsoft has very little good taste and corporates still want to run some dot.net application that was last maintained in 2008.
That makes a lot of sense. It's just crazy how it caused so much distress for such a small percentage of users.
The real issue here is lack of testing by CrowdStrike, whose CEO was the CTO of McAfee the last time a similar thing happened:
This is the 2nd time CrowdStrike CEO George Kurtz has been at the center of a global tech failure
CrowdStrike CEO George Kurtz was the CTO of McAfee in 2010 when another security update caused millions of computers to crash around the world.www.businessinsider.com
From Microsoft risk analysis standpoint this shouldn’t even have been allowed in the first place. Having a third party company whose code you don’t have QA over being able brick your entire OS is incredibly dangerous in terms of liability and reputation.
It’s the equivalent of a food factory not having any processes in place to check ingredients of suppliers. Yes 99.9% of the time it’s fine but it just takes one unlikely accidental rat poison contamination to bring down your whole operation.
The answer is Microsoft shouldn’t be giving kernel access period. If this was the case already, the EU wouldn’t event have a leg to stand on.
Kernel developers of coures have access to the kernel. However, we're not talking kernel developers but rather add-on and additional products.
So if MS can only make Excel fast on Windows by using a special API then that API has to be documented for everyone else as well.
Likewise, if MS can only make a antivirus/security suite by adding kernel drivers/extensions/etc then they have to let others do the same.
Actually it's EU's meddling that might have saved Apple and gave us the competition we have today. Had MS been able to continue their "aggressive tactics" they could have squeezed Apple out of the market before they even got a chance to develop the iPhone, etc. What would Apple have looked like in the 2000s with no Microsoft Office, access to SMB shares, integration to NT domains? What if they had blocked Apple from making a proper iTunes for Windows (i.e. no seamless access to iPods and later iPhones) would those devices have taken off? If MS continued with the tight integration and bundling of IE in Windows, would other browsers have taken off? Would the net be dominated by IE-specific websites that were always glitchy when accessed from a non-MS system?
Then why do they go sticking their nose where it doesn't belong and force these companies to open up the most crucial parts of their products' operating systems to more vulnerabilities in addition to the many threats that already exist? At the very least they seem to be ignorant to even the basics of cybersecurity, like we're talking the simplest stuff here that I learned in the first half of the first semester as a comp sci university student. If lawmakers are so ineptly dense they can't take a little time to learn about the basics of what goes into securing the most crucial components of the world economy and human communication these days, then what the hell business do they have being in those roles???
My question then is - in light of this recent event, would you be in favour of Microsoft closing off kernel-level access to their OS to everyone else but themselves, and is there any EU legislation that would specifically prevent Microsoft from doing so?
What we are seeing now is the unintended consequences of a piece of legislation that was made 2 decades ago. It's easy to cheer the immediate benefits of opening up a market like the iOS App Store (eg: so and so app is now available!). Not so easy to predict the long term ramifications of what might happen in the future.
Oh no. Are you back on the heroin again Microsoft? **** that's painful to see. We get it. You show up on time for CIO meetings and you look plenty put together when you do. You say everything is great. But now you're hurting people around you and blaming it on them. We know, you can "quit anytime". Heroin just gives you that extra edge and it's not an "addiction". We trusted you when you "quit" with the release of Windows 10 but ---- fool me twice shame on me. You're on your own now bud. I wish you well.
Apple hasn’t been forced to allow kernel level access in iOS or iPadOS so…..no? It’s only a thing because Microsoft allow themselves to access it
Yeah that’s how I read it.
At the root of it, it seems to be Microsoft being lazy and not fully modernising windows and still allowing av and anti malware programs to run at kernel level, including its own solutions (hence why it has to allow 3rd party solutions to run).
And also because corporates still want to run old code - and they pay Microsoft a lot of money for licenses - then it feels a good reason to them for things not to make significant changes to windows.
Changes which would make it far safer - but probably break a load of applications that run with ageing code.
I say - buy a Mac. And if you can’t afford a Mac and want your computer to ‘just work’ get a Chromebook (but don’t forget to read those google privacy policies).
And if you’re technical with not much cash to spare, get Linux on your laptop.
And my proposal is to make it so only Microsoft has privileged access to their own kernel, making them responsible (and the only company capable of) managing the security of windows devices around the world.