cross-posted from: https://awful.systems/post/1965658
Kind of sharing this because the headline is a little sensationalist and makes it sound like MS is hard right (they are, but not like this) and anti-EU.
I mean, they probably are! Especially if it means MS is barred from monopolies and vertical integration.
All that EU mandates is equal access to system features by the competitors.
What Microsoft is saying is that they would never fuck up like Crowdstrike did. That’s bullshit - they are human too and need security enforced at an architectural level. The other thing that Microsoft is saying is that they could not prevent this. That’s also bullshit because others did.
Windows and Linux allow third party apps to run at kernel / driver level and consequences of that are on those operating systems. It wasn’t even the first time this happened. Crowdstrike was responsible for similar issue on Linux earlier this year and it was also caused by a kernel module crash.
Apple doesn’t allow kernel / driver level access for apps and replaced those with API few years ago. It’s no coincidence Crowdstrike didn’t manage to break MacOS so far. There’s nothing stopping Microsoft from implementing something similar.
Obviously Crowdstrike is at fault here but so is Microsoft.
This whole story is just PR bullshit and spin by Microsoft.
They’re trying to draw attention away from the major problem: that they are a monopoly and with Crowdstrike they’re forming a duopoly for their customerbase which has caused great over reliance and vulnerability in global systems and services.
Microsoft are trying to preempt the solution to this problem - opening up access further for competitors so companies have viable choices for cloud based platforms and services if they use Microsoft windows.
The problem was not that Microsoft has to give access so competitors are able to develop security products. Its that anti-competitive behaviour has caused homogenous systems for big companies allowing a point failure that has caused massive financial damage.
MacOS is not really relevant in this - this is about cloud services and platforms so Microsoft, Amazon and Google.
MacOS is relevant to this specific issue. It’s an example of an OS that mitigated risk in a way that would be compliant with EU requirements Microsoft is blaming this on.