Hiding Microsoft's Culpability in Security Breaches and Other Major Blunders (in the United Kingdom, This May Mean You Can't Get Food)
Total Cost of Ownership (TCO) is vast
YESTERDAY I noticed technical issues in the site of the local football team, Manchester City FC. It turned out to be worse than I had imagined.
"That URL goes to a web app not a Web site," I'm told by someone who blocks JavaScript by default, and it runs "Windows Server" apparently (it says "Windows Server 2008" in March 2024 over at Netcraft).
Windows Server 2008 has been "End of Life" (EOL) for over a decade already!
The site has historically had many severe issues, which is truly an embarrassing thing to, according to UEFA, the world's number one football club. "Club coefficient" is now 146,000, or 7,000 higher than Bayern Munich at second. Money isn't the issue here; Microsoft is more expensive and the oil sheiks at U.A.E. are funneling or pumping money to Bill Gates, both needlessly and at the cost of fans' security.
They waste their money on Microsoft, probably because they have got some Microsofter/s on the payroll, working for Microsoft from inside the club (in other words, working for Microsoft on someone else's payroll).
It's even worse. "Running on Microsoft Azure behind clownflare," as I was told, it is now behind "Malicious Clowns" (I did notice many ClownFlare gatekeeping episodes, presenting me with riddles to solve instead of pages... despite me using a mainstream browser without a VPN or Tor or anything like that). Azure has long been a failure despite what the media tells (for Microsoft as a sponsor). The "results" are faked (fraud), so Microsoft has moved on from harping about "clown computing" to "AI" (Hey Hype).
So someone out there (across the road from where I type this) needs to be sacked. This is not a new problem and I wrote about it before, both in my blog and elsewhere. It is worth noting that other football clubs are not this bad (they use GNU/Linux and Free software for their sites).
"I wonder how much money they lose directly by overpaying Microsoft and clownflare," I was told, "in addition to a large number of lost ticket sales."
It's almost impossible to book anything online. When Adobe Flash was dead or about to be dead they still used Flash. Technical incompetence all over this...
For the world's top-ranked or most prestigious club this is an embarrassment. They often cannot sell all the seats, so they leave money on the table and their digital assets in Microsoft's hands. Who's responsible for this shambles and, given new reports of mass compromise (security breaches), who will be held accountable when they formally announce security breaches? Since they use Azure, and Microsoft recently admitted that Azure had been cracked (belatedly and with blame-shifting), they did in fact suffer a security breach last year. Where does the responsibility lie for this? They just lie and lie like Sainsbury's and Gregg, having outsourced to Microsoft until essential systems broke down. People were unable to order good.
Of course Microsoft boasts about those companies as "clients" (in fancy "case studies") and hides/runs away when there are blunders and technical failures. Then Microsoft prefers not to be named at all.
Microsoft "keeps its contracts confidential," an associate reminds me, "and considers them as trade secrets even with government institutions like councils and universities."
"That secrecy is another thing to get out into the air..."
It is very difficult. I spent a lot of time over the telephone with Sainsbury's last week (4 different people) and they're stonewalling, calling it an "accident".
Anyway, with Microsoft we cannot expect real accountability. We already saw how the government let them get away with an Azure-wide security breach. The media has "moved on" and governments continue (secretly) paying Microsoft for breached systems, making problems and causing frustration for people who just want food, not a pew in some football stadium. Microsoft lowers standards for systems and for security.
Why does our tax money sponsor this?
Apropos security, "Google reports a significant surge in zero-day vulnerabilities in 2023," this Microsoft-sponsored 'news' site said on Wednesday, but "unlike other articles on the topic, this one avoids calling out Windows," the associate notes. The Register said "this included 17 Windows vulnerabilities, 11 in Safari, nine affecting both iOS and Android, and eight in Chrome."
A security-centric news site said: "Despite a surge in zero-day attacks, data shows that security investments into OS and software exploit mitigations are forcing attackers to find new attack surfaces and bug patterns."
But Microsoft is merely hiding known flaws [1, 2] until they are exploited by anyone other than the NSA et al. In other words, until it is too late and damage is already being done...
In a functioning industry, those who act like this would be detained and prosecuted.
Windows TCO is a considerable toll on all of society, even when they do not call out Windows. █