Attached: 1 image
So, Microsoft is silently installing Copilot onto Windows Server 2022 systems and this is a disaster.
How can you push a tool that siphons data to a third party onto a security-critical system?
What privileges does it have upon install? Who thought this is a good idea? And most importantly, who needs this?
#infosec #security #openai #microsoft #windowsserver #copilot
People in this thread seem to be missing this point.
This is windows server, not windows 11. The consequences is not “I’ll have an annoying taskbar icon on my home computer”, this is enterprise level interference that could affect large systems and thousands of users.
Linux Mint isn’t an alternative to windows server.
Yep. I no longer have to administer Windows servers (everything I do is serverless these days) but I did for many years.
Adding anything to a server without vetting it against policies is a huge no no. Back when I was doing it, a big part of our monthly update deployment was updating the test environment first so we knew we weren’t about to break a bunch of shit for us and our customers. Not just “does this brick Windows server”, but “do our applications still function” (usually yes, but the answer was no on several occasions over shit smaller than this).
I don’t know what adding copilot does. Is it going to accidentally break some custom application by accident because it’s tied directly into the system? Is it going to report shit that I’ve already opted out of due to our data policies and possibly fuck up our audit compliance because of government regulations (defense, medical, and energy sectors have huge responsibilities in that area, just don’t ask how I know)? How does it interact with our in-house developed software?
Fuck, I dunno. That sounds like a nightmare for infrastructure and ops, several managers, government regulators, and a payday for legal.
For sure, if you need paid support (which if you aren’t a tech giant, a fledgling startup, or a system with no need for uptime metrics, you probally do) the you have:
SUSE Linux Enterprise Server (aka SLES and only still Libre option in this category unfortunately)
Red Hat Enterprise Linux (RHEL)
Ubuntu are
if don’t need paid support then Debian, OpenSuse, Rocky, or Fedora are all good picks.
Almost any Unix can be an alternative for Windows Server. Never understood why it was used, other than tech illiteracy of lowly tech workers who only knew MS stack.
In addition, with all Microsoft’s faults they had a hell of a small business package for years. In a lot of small businesses, the current CIO came up during those times and dictates policy.
Plus there are a lot of VARs and MSPs who push MS due to favorable terms and kickbacks. Small and medium sized businesses who outsource IT go with whatever they’re told because they don’t have the expertise, time, or desire to explore alternatives.
Plus there’s a load of self hosted software for certain industries that only works on Windows servers.
People in this thread seem to be missing this point.
This is windows server, not windows 11. The consequences is not “I’ll have an annoying taskbar icon on my home computer”, this is enterprise level interference that could affect large systems and thousands of users.
Linux Mint isn’t an alternative to windows server.
You’re right ig, in that case grab Debian.
I only SysAdmin on raspbian thank you very much.
Yeah but Fedora and Debian sure as shit are.
For enterprise servers surely you mean Red Hat
Yep. I no longer have to administer Windows servers (everything I do is serverless these days) but I did for many years.
Adding anything to a server without vetting it against policies is a huge no no. Back when I was doing it, a big part of our monthly update deployment was updating the test environment first so we knew we weren’t about to break a bunch of shit for us and our customers. Not just “does this brick Windows server”, but “do our applications still function” (usually yes, but the answer was no on several occasions over shit smaller than this).
I don’t know what adding copilot does. Is it going to accidentally break some custom application by accident because it’s tied directly into the system? Is it going to report shit that I’ve already opted out of due to our data policies and possibly fuck up our audit compliance because of government regulations (defense, medical, and energy sectors have huge responsibilities in that area, just don’t ask how I know)? How does it interact with our in-house developed software?
Fuck, I dunno. That sounds like a nightmare for infrastructure and ops, several managers, government regulators, and a payday for legal.
The thought of administering windows server is vomitous.
How else would you manage microsoft AD?
There’s alternatives out there, unless you have specific contract obligations.
Maybe, but it’s still widely used and someone has to do it.
For sure, if you need paid support (which if you aren’t a tech giant, a fledgling startup, or a system with no need for uptime metrics, you probally do) the you have:
if don’t need paid support then Debian, OpenSuse, Rocky, or Fedora are all good picks.
You could install Rocky and be done
Freebsd letsgo
Almost any Unix can be an alternative for Windows Server. Never understood why it was used, other than tech illiteracy of lowly tech workers who only knew MS stack.
The usual answer to that is “active directory”. It’s not uncommon to have one windows server alongside other Linux servers because of AD.
In addition, with all Microsoft’s faults they had a hell of a small business package for years. In a lot of small businesses, the current CIO came up during those times and dictates policy.
Plus there are a lot of VARs and MSPs who push MS due to favorable terms and kickbacks. Small and medium sized businesses who outsource IT go with whatever they’re told because they don’t have the expertise, time, or desire to explore alternatives.
Plus there’s a load of self hosted software for certain industries that only works on Windows servers.