Microsoft: SolarWinds Attackers Viewed Our Source Code _infosecurity-magazine.com
| posted by Brendan in : incident_response | 2 comments |
1

Microsoft: SolarWinds Attackers Viewed Our Source Code

Comments

You must log in or register to comment.

One of the very relevant tidbits in security is that Obscurity does NOT equal Security. Microsoft is stating that while their source code is proprietary they're not depending on the code itself to ensure security. This is an excellent attitude when it comes to securing your final products and goes directly to the claim by open source proponents that open source is fundamentally more secure because anyone can review the source code.

Mikhail wrote
1

"The OS maker said the hackers did not make any changes to the repositories they accessed because the compromised accounts only had permission to view the code but not alter it." MS is play down how much control the hackers had. From darknet articles, there is more info post of how much they did. Plus all the backdoors they found which MS bake into the Windows 10. Now they have everything they need to get into all Windows 10 computers without any interaction of user. Beware using MS Windows 10. It is now not safe to use.

Antoine wrote
1