WTF ... IS WTF!?
We are a collective of people who believe in freedom of speech, the rights of individuals, and free pancakes! We share our lives, struggles, frustrations, successes, joys, and prescribe to our own special brand of humor and insanity. If you are looking for a great place to hang out, make new friends, find new nemeses, and just be yourself, WTF.com is your new home.

Microsoft offers $100,000 to hack its custom Linux OS

BlastemSkyHigh

The Original Fuck You Bomb
Premium
71
52
43
Microsoft is offering hackers up to $100,000 if they can break the security of the company’s custom Linux OS. The software giant built a compact and custom version of Linux last year for its Azure Sphere OS, which is designed to run on specialized chips for its Internet of Things (IoT) platform. The OS is purpose-built for this platform, ensuring basic services and apps run isolated in a sandbox for security purposes.

Microsoft now wants hackers to test the security of the Azure Sphere OS, paying up to $100,000 if the Pluton security subsystem or Secure World sandbox is breached. The bug bounty program is part of a three-month research challenge that runs from June 1st until August 31st. “We will award up to $100,000 bounty for specific scenarios in the Azure Sphere Security Research Challenge during the program period,” explains Sylvie Liu, a security program manager at Microsoft’s Security Response Center.
Microsoft wants a group of security researchers to join the challenge

The challenge is focused on the Azure Sphere OS itself, and not the underlying cloud portion that’s already eligible for Azure bounty program awards. Microsoft is specifically looking for a group of security researchers to try and break its Linux OS security. Physical attacks are out of scope, but researchers can apply to be part of the challenge here.
Azure Sphere was announced at last year’s Build developer conference, and it’s still relatively new. Businesses like Starbucks are rolling out Azure Sphere to secure its store equipment, which feeds back data points on the type of beans, coffee temperature, and water quality for every shot of espresso.
Microsoft CEO Satya Nadella sees IoT devices as a key area for the company, describing its cloud business as the biggest hardware business at Microsoft earlier this year. Nadella is chasing the billions of IoT devices that analysts predict will be in use over the next decade. Azure Sphere is a key part of the mission to help secure and manage these devices, and part of Microsoft’s increased push to win a world beyond Windows that’s increasingly moving to cloud computing.

====================================================================================
This got me to thinking,

Microsoft & Linux, with a supposedly ( not for long ) unhackable system....
Did Thanos really snap his fingers, but got distracted right before the snap, are we in the right freaking universe??
..i mean wtf...
 

BlastemSkyHigh

The Original Fuck You Bomb
Premium
71
52
43
Thing that really baffles me is the usage of the term Linux,
Linux is Open Source,
FREE and that is the reason I love my Linux Distros..

and the reason I dislike Microsoft, nothings free from that assclown, even his vaccines
 

BlastemSkyHigh

The Original Fuck You Bomb
Premium
71
52
43
True, but thats what Dual-Boot is for,
and I can find a Hacked windows OS anywhere with or without bugs init.
 

CoprophagousCop

Social Distancing Warrior
Premium
2,472
2,324
357
This sounds like Microsoft has two goals here: 1. Get more people to buy their products. 2. Get people to do quality assurance on their products but only pay them if they are the first to find a bug.

Personally I think hooking all these devices directly to the internet is dumb. If I had a business, I would only connect what absolutely needs to be connected to the internet. Everything else can be attached to a private, local network. The best security is keeping things offline.
 

MaxPower

Stay safe and fuck off
Staff
17,243
7,829
637
Microsoft does this on a regular basis. Every time they come out with a new version of Windows they pay bug bounties. In 2019 alone they paid out over $4 million to "independent vulnerability and penetration consultants" . ;)
 

Dark Fader

[]D [] []V[] []D
2,312
3,427
357
Where are my Microsoft reparations?

If you combine the hours I've spent installing ...
SP3
Turning OFF Automatic Updates ...
Turning ON Automatic Updates !
Waiting 3 hours to DL my Automatic Updates
Staring at my Blue Screen of DETH
Rolling back to a previous install of WinXP
Updating SP2 to SP3
oh wait, where's my C++?
Why am I installing various versions of c++?
Defragging my HD
Format fs=ntfs
Install SP3 (AGAIN)

... I could have developed my own OS.
 
  • 1Like
Reactions: BlastemSkyHigh

BeautifulSniper

Lovely and deadly
747
442
86
Where are my Microsoft reparations?

If you combine the hours I've spent installing ...
SP3
Turning OFF Automatic Updates ...
Turning ON Automatic Updates !
Waiting 3 hours to DL my Automatic Updates
Staring at my Blue Screen of DETH
Rolling back to a previous install of WinXP
Updating SP2 to SP3
oh wait, where's my C++?
Why am I installing various versions of c++?
Defragging my HD
Format fs=ntfs
Install SP3 (AGAIN)

... I could have developed my own OS.
Still using Windows XP?
 

CoprophagousCop

Social Distancing Warrior
Premium
2,472
2,324
357
I still have a PC with Windows XP which I use occasionally because I cannot get my compiler to work on Windows 8.1.
I never installed any service packs because I have never, to this day, connected it to the internet.
As for the PC I am using right now, turning off automatic updates was one of the first things I did with it. The updates are probably mainly for Windows Defender, which I do not need because I have a much better way to avoid viruses. They seriously make things more complicated and difficult than they need to be.
 

CoprophagousCop

Social Distancing Warrior
Premium
2,472
2,324
357
What's that?
I use software that automatically restores my hard drive every time I reboot. If I get a virus, rebooting my computer gets rid of the virus. The downside is that I need to store my documents on an external drive which is usually disconnected.

Now,, if only operating systems were written in such a way to keep mutable data separate from the application files, the application files could be put on a separate hard drive with a physical switch to make it read-only.

Also, web browsers could easily be written so that it would be impossible to get a virus directly. One would have to launch an executable file from outside of the web browser for the virus to run.

Alas, the software industry treats viruses as something that can be dealt with later. Rather than design a proactive environment that is immune to viruses, the focus is to react to viruses with so-called anti-virus software. With ever new viruses being written, this keeps a revenue stream flowing for subscription based anti-virus software companies.
 

BeautifulSniper

Lovely and deadly
747
442
86
the focus is to react to viruses with so-called anti-virus software. With ever new viruses being written, this keeps a revenue stream flowing for subscription based anti-virus software companies.
There are plenty of free anti virus programs out there. Windows Defender kicks ass.