Conversation

Notices

Ji Fu (fu@hostux.social)'s status on Tuesday, 30-May-2023 23:54:15 JST Ji Fu

Microsoft can’t steal source code from private GitHub repositories, even if they wanted.
This is similar to ‘moon hoax’: It is easier to actually go to the moon than faking it (nearly impossible) and keeping it a secret (impossible). https://www.quora.com/Can-Microsoft-steal-source-code-from-private-GitHub-repositories/answer/Baris-Saydag
In conversation Tuesday, 30-May-2023 23:54:15 JST from hostux.social permalink
Attachments
1. Can Microsoft steal source code from private GitHub repositories?
  
  Answer by Baris Saydag, former Software Security Development Manager at Microsoft (2004-2017)
- Disinformation Purveyor :verified_think: (thatguyoverthere@shitposter.club)'s status on Tuesday, 30-May-2023 23:54:14 JST Disinformation Purveyor :verified_think:
  in reply to
  
  @Fu > Microsoft-caliber developers
  
  :smirk:
  
  In conversation Tuesday, 30-May-2023 23:54:14 JST permalink
- Disinformation Purveyor :verified_think: (thatguyoverthere@shitposter.club)'s status on Tuesday, 30-May-2023 23:55:26 JST Disinformation Purveyor :verified_think:
  in reply to
  - Disinformation Purveyor :verified_think:
  @Fu > Microsoft has cutting-edge security teams and high standards of business conduct
  
  That's why they published the private keys for github right?
  
  In conversation Tuesday, 30-May-2023 23:55:26 JST permalink
- Disinformation Purveyor :verified_think: (thatguyoverthere@shitposter.club)'s status on Tuesday, 30-May-2023 23:59:35 JST Disinformation Purveyor :verified_think:
  in reply to
  - Disinformation Purveyor :verified_think:
  @Fu This guy drank the koolaide for sure. I don't know if they *will* steal code, but they certainly *could* at least steal ideas even if they couldn't just drop existing private projects right into their own work. And considering microsoft's roots it is definitely not beneath them.
  
  In conversation Tuesday, 30-May-2023 23:59:35 JST permalink
- Jeff Cliff (jeffcliff@shitposter.club)'s status on Wednesday, 31-May-2023 02:12:19 JST Jeff Cliff
  in reply to
  
  stopped reading at
  
  > Microsoft is a principled company, that also wants to stay out of legal trouble and public backlash
  
  In conversation Wednesday, 31-May-2023 02:12:19 JST permalink
  
  Machismo likes this.
- hyolobrika@berserker.town's status on Wednesday, 31-May-2023 02:18:29 JST Hyolobrika
  in reply to
  - Disinformation Purveyor :verified_think:
  @thatguyoverthere
  What I'm concerned about is this paragraph:
  >Funny thing is, Microsoft doesn’t need to spend $7B to buy GitHub to access others’ private information, including source code. Visual Studio, Office, Windows is used on literally hundreds of millions of enterprise and government computers. Like that’s not enough, world’s biggest enterprises and governments, including foreign governments, trust Microsoft with Azure, Microsoft’s cloud platform. So, Microsoft already has access to anything they can possibly want. Neither the corporation nor the people in it will ever betray that trust in a conspiracy like this.
  As users, we rely on the software (and hardware) we use being able to be audited for backdoors; even proprietary software (see https://seirdy.one/posts/2022/02/02/floss-security/ ).
  Is that not actually the case? Worrying if so.
  Maybe this guy is subtly letting slip that there is a backdoor in those pieces of software that no one has caught yet.
  @Fu
  In conversation Wednesday, 31-May-2023 02:18:29 JST permalink
  Attachments
  1. The right thing for the wrong reasons: FLOSS doesn't imply security
    
    from Rohan Kumar
    
    While source code is critical for user autonomy, it isn't required to evaluate software security or understand run-time behavior.
  Disinformation Purveyor :verified_think: likes this.

Public

Notices

Feeds