97
Karl Voit :emacs: :orgmode: (@publicvoit@graz.social)
graz.socialAfter basically the whole #Microsoft #Azure cloud was hacked (see list of related sources on https://karl-voit.at/cloud/ ), the first follow-up incidents went public caused by missing containment actions:
60,000 emails were stolen from 10 #USA #StateDepartment accounts
https://www.reuters.com/world/us/chinese-hackers-stole-60000-emails-us-state-department-microsoft-hack-senate-2023-09-27/
If you didn't understand until now: basically EVERYTHING at Microsoft got hacked and Microsoft can't (or won't) get rid of the intruders. Everything authenticated by Microsoft is tainted. Even #Windows auth.
Guess what: "nobody" cares. Consulting companies will still sell Microsoft and all their legal and security compliance as a solution that makes companies and govs secure :)
Here is the thing, open-source could fix this, it has been ready for most things but… business is business.
Unfortunately things are really poised and rigged against open-source solutions and anyone who tries to push for them. The "experts" who work in consulting companies are part of this as they usually don't even know how to do things without the property solutions. Let me give you an example, once I had to work with E&Y, one of those big consulting companies, and I realized some awkward things while having conversations with both low level employees and partners / middle management, they weren't aware that there are alternatives most of the time. A manager of a digital transformation and cloud solutions team that started his career E&Y, wasn't aware that there was open-source alternatives to Google Workplace and Microsoft 365 for e-mail. I probed a TON around that and the guy, a software engineer with an university degree, didn't even know that was Postfix was and the history of email.
You've listed a lot of good reasons why open-source for business isn't used more frequently, and they're all consistent with my experience as well. Are you familiar with any consulting companies / vendors who DO advocate open-source solutions?
I've been considering starting a FOSS MSP / FOSS B2B consulting firm, but I've consistently come to the same conclusion that the tech industry and business culture here are almost innoculated against open-source. If you know any firms that DO recommend open-source solutions I'd love to check them out.
Doesn't Red Hat and the whole enterprise Linux space advocate FOSS B2B? I might be misunderstanding though
Yes, I've seen a few of those and usually their customers are smaller companies that want to cheap out on IT and/or don't consider it a priority and a cost. The irony here is that smaller companies cant fund the integration costs and development required to have useful open-source and bigger companies can but they'll simply move on to MS/other proprietary stuff because of time-to-market, corruption or because some manager thinks its safer to go with proprietary.
Now think if you after that type of costumer they'll never respect you nor pay you decently, they'll always bitch for discounts, free support and put you through all kinds of hell as everything they'll ever need is urgent and everything you propose is way too expensive or unreasonable in their little heads. <– trust me, been there :P
Kolab for email/collaboration is a good example at that https://kolabnow.com/, they're one of the major contributors of RoundCube and sell it with a bunch of other in-house developed solutions.
Anyways a few years ago I worked for a health insurance company (~200 employees, ~1 million customers) and they contracted services from a 3 guy company that had a business model similar to what you're looking for. They managed the workstations and laptops, networking and the infrastructure where the in-house software dev team deployed (OpenLDAP, Samba, Linphone/Other VOIP, Self hosted email, Jira, tons of VMs for developers, local datacenter and 3rd party datacenter).
At some point the health insurance company bought them out because they were going bankrupt and became employees as well. At the time they said it was really hard because they were unable to get more big customers like that one and the smaller ones weren't profitable (time to setup something wasn't worth it).
Nowadays the company (with those same guys and few others) runs everything on Azure + Office 365 + Jira Cloud + AWS for internally developed stuff.