> Ibm was not in the punch card machine making business. It was in the data processing business, and still is.
IBM absolutely was in the punch card machine making business in that they were absolutely selling punch card machines and not data processing consulting. And no, they are not in the data processing business today. They are clearly a consulting company first with some software development bolted.
They actually pivoted twice from a mostly hardware company to a mostly software one and once again to a mostly service based one.
a) find a cooperative receiver of the spoofed packets
b) log/mirror packets on inbound packets at their border routers to determine which peer the packets are coming from
c) ask that peer to do the same thing etc.
You can speed things up if the destination address of the spoofed packets is in a /24 that you can afford to do disruptive experiments with; and you have a wide network with extensive peering. In that case, advertise that /24 at all your locations and to all your peers. When you get traffic, if it's from a single source, you may only need to work with one peer to find the true origin.
And it probably will be until Microsoft stops selling lifetime windows licenses because the biggest point of M365 is windows as a service. Even if you buy the other components like Intune and entra ID separately you're still way cheaper off with lifetime windows licenses. Which is what we do at work.
nobody supports 2fa on every mail request, that's just silly.
Even MS's MFA is nothing more than a token that gets stored locally ( aka, a password ) and which can be stolen and be used elsewhere ( like a password! ) by hackers.
I'm not following. Is there a TOS loophole around "cache mail data in Azure" that permits my paid account email data to be handled differently by Microsoft than, say, Chase bank handles my financial data stored somewhere in their cloud? And password? Are you claiming they have a pain text store of my password?
The expectation is generally that your message data in a free account is subject to being used for some internal purpose.
But we don't expect paid account message data to be used in any way. We pay for the service and the storage.
Maybe my expectations, while possibly naive, are nevertheless baseline and subject to change from new information.
No. I'm not. It's not the point what [company x] is doing with our data *internally*. I accept this is the age we live in. Besides, insurance and banks are the OGs of data and risk and have been mining our data for centuries.
What new are the "Free" products. I'm wondering about is the Moral Relativism and corruption of those developers, project managers, and leadership of "free" projects on the business class developers, project managers, and leadership.
Oh, I thought this was "new Outlook" that replaced Mail and not O365 Outlook.
The same way we had multiple Skype's and they were dramatically different. Is this not the case anymore? Is "new Outlook" the replacement for all Mail/Outlooks?
Security
Outlook Mobile temporarily stores and indexes user data (including email, attachments, calendar information, and contacts), along with login credentials,[28] in a "secure" form on Microsoft Azure servers located in the United States.[29] On Exchange accounts, these servers identify as a single Exchange ActiveSync user in order to fetch e-mail. Additionally, the app does not support mobile device management, nor allows administrators to control how third-party cloud storage services are used with the app to interact with their users. Concerns surrounding these security issues have prompted some firms, including the European Parliament, to block the app on their Exchange servers.[30][31][32] Microsoft maintains a separate, pre-existing Outlook Web Access app for Android and iOS.[32]
You might be surprised, if you're young enough, to hear that this is exactly how it worked for a very long time.
At my first corporate job, and my second one as well, all email was sent and received directly from/to each persons individual workstation. There was no concept of centralized email server.
(Let alone outsourcing it to some other company, that would have been completely unthinkable.)
It’s not even stolen accounts. There is a huge amount of cold sales email (spam) sent specifically through Google Workspace accounts. Google do absolutely nothing about it.
at least gmail.com has a dmarc policy p=none, so a failing dmarc check is not a reason to reject email. i don't think it's that common for small-scale installs to enforce dmarc policies. there are other signals to use though.
plenty of bigfreemail spam is actually sent from their network, they're an interesting target for spammers, and at least some of them put a lot of effort in preventing abuse.
