Justice Department Arrests Prolific Chinese State-Sponsored Contract Hacker
justice.govWhat a sham.
> Their exploitation of Microsoft Exchange Server was at the forefront of a massive campaign targeting thousands of computers worldwide
I would love to blame Microsoft here.
But really the fault lies with those responsible for the regulations regarding security and the lack of financial penalties (to incentivise the behaviour we need from Microsoft).
Microsoft is a corporation that needs to be correctly incentivised. It has no feelings, and if it is not correctly incentivised then who is to blame?
Every software engineer knows how good Microsoft security has always been, and why that is the result of ongoing incentives.
Too many people on HN try to blame engineers for everything.
We mostly seem to accept systematic failures (or we complain but lack authority or ability to fix there systems).
People are the root cause, and we have individual incentives, but we never penalise those that create the systematic failure points (only victimise some rando workers on the front-line doing a job for their government).