Attached: 1 image
So, Microsoft is silently installing Copilot onto Windows Server 2022 systems and this is a disaster.
How can you push a tool that siphons data to a third party onto a security-critical system?
What privileges does it have upon install? Who thought this is a good idea? And most importantly, who needs this?
#infosec #security #openai #microsoft #windowsserver #copilot
This stuff always makes me laugh. Firstly, yes absolutely, Microsoft shouldn’t do this sort of crap. But more importantly, the person complaining about it here is shouting out for the world to hear “I don’t know how to manage Windows servers properly!”. There is one single group policy setting that stops this from happening. A single, set-and-forget GPO. Anyone managing Windows environments that isn’t aware of this, shouldn’t be managing Windows environments.
There are 5 million ways to configure windows and each have an absurd and almost by-design level of convolution. You can’t possibly expect people to know about a new GPO immediately
That is why companies will hire good sys admins who do their job and stay on top of the important group policy settings. This absolutely would not be missed by any reasonably competent IT dept.
This stuff always makes me laugh. Firstly, yes absolutely, Microsoft shouldn’t do this sort of crap. But more importantly, the person complaining about it here is shouting out for the world to hear “I don’t know how to manage Windows servers properly!”. There is one single group policy setting that stops this from happening. A single, set-and-forget GPO. Anyone managing Windows environments that isn’t aware of this, shouldn’t be managing Windows environments.
This is a ridiculous statement. Copilot should be opt-in, not opt-out and the setting is new.
Perfectly reasonable by the sysadmin to not have that already set.
There are 5 million ways to configure windows and each have an absurd and almost by-design level of convolution. You can’t possibly expect people to know about a new GPO immediately
That is why companies will hire good sys admins who do their job and stay on top of the important group policy settings. This absolutely would not be missed by any reasonably competent IT dept.