microsoft – Page 7

Microsoft president asks Trump to “push harder” against Russian hacks

china, Cybersecurity, Fancy Bear, hacking, microsoft, russia, Security, syndication / Beth Washington / November 22, 2024

Smith testified before the US Senate in September that Russia, China, and Iran had stepped up their digital efforts to interfere in global elections this year, including in the US.

However, Microsoft’s own security standards have come under fire in recent months. A damning report by the US Cyber Safety Review Board in March said its security culture was “inadequate,” pointing to a “cascade… of avoidable errors” that last year allowed Chinese hackers to access hundreds of email accounts, including those belonging to senior US government security officials, that were hosted on Microsoft’s cloud systems.

Microsoft chief executive Satya Nadella has said in response that the company would prioritize security “above all else,” including by tying staff remuneration to security.

The company is also making changes to its Windows operating system to help its customers recover more quickly from incidents such as July’s global IT outage caused by CrowdStrike’s botched security update.

Beyond cyber security, Smith said it was “a little early” to determine the precise impact of a second Trump administration on the technology industry. Any anticipated liberalization of M&A regulation in the US would have to be weighed up against continued scrutiny of dealmaking in other parts of the world, he said.

Smith also reiterated his plea for the US government to “help accelerate exports of key American digital technologies,” especially to the Middle East and Africa, after the Biden administration imposed export controls on AI chips, fearing the technology could leak to China.

“We really need now to standardize processes so that American technology can reach these other parts of the world as fast as Chinese technology,” he said.

Microsoft president asks Trump to “push harder” against Russian hacks Read More »

Microsoft and Atom Computing combine for quantum error correction demo

atom computing, Computer science, microsoft, Physics, quantum computing, quantum error correction, quantum mechanics, Science / Shannon Garcia / November 19, 2024

New work provides a good view of where the field currently stands.

The first-generation tech demo of Atom’s hardware. Things have progressed considerably since. Credit: Atom Computing

In September, Microsoft made an unusual combination of announcements. It demonstrated progress with quantum error correction, something that will be needed for the technology to move much beyond the interesting demo phase, using hardware from a quantum computing startup called Quantinuum. At the same time, however, the company also announced that it was forming a partnership with a different startup, Atom Computing, which uses a different technology to make qubits available for computations.

Given that, it was probably inevitable that the folks in Redmond, Washington, would want to show that similar error correction techniques would also work with Atom Computing’s hardware. It didn’t take long, as the two companies are releasing a draft manuscript describing their work on error correction today. The paper serves as both a good summary of where things currently stand in the world of error correction, as well as a good look at some of the distinct features of computation using neutral atoms.

Atoms and errors

While we have various technologies that provide a way of storing and manipulating bits of quantum information, none of them can be operated error-free. At present, errors make it difficult to perform even the simplest computations that are clearly beyond the capabilities of classical computers. More sophisticated algorithms would inevitably encounter an error before they could be completed, a situation that would remain true even if we could somehow improve the hardware error rates of qubits by a factor of 1,000—something we’re unlikely to ever be able to do.

The solution to this is to use what are called logical qubits, which distribute quantum information across multiple hardware qubits and allow the detection and correction of errors when they occur. Since multiple qubits get linked together to operate as a single logical unit, the hardware error rate still matters. If it’s too high, then adding more hardware qubits just means that errors will pop up faster than they can possibly be corrected.

We’re now at the point where, for a number of technologies, hardware error rates have passed the break-even point, and adding more hardware qubits can lower the error rate of a logical qubit based on them. This was demonstrated using neutral atom qubits by an academic lab at Harvard University about a year ago. The new manuscript demonstrates that it also works on a commercial machine from Atom Computing.

Neutral atoms, which can be held in place using a lattice of laser light, have a number of distinct advantages when it comes to quantum computing. Every single atom will behave identically, meaning that you don’t have to manage the device-to-device variability that’s inevitable with fabricated electronic qubits. Atoms can also be moved around, allowing any atom to be entangled with any other. This any-to-any connectivity can enable more efficient algorithms and error-correction schemes. The quantum information is typically stored in the spin of the atom’s nucleus, which is shielded from environmental influences by the cloud of electrons that surround it, making them relatively long-lived qubits.

Operations, including gates and readout, are performed using lasers. The way the physics works, the spacing of the atoms determines how the laser affects them. If two atoms are a critical distance apart, the laser can perform a single operation, called a two-qubit gate, that affects both of their states. Anywhere outside this distance, and a laser only affects each atom individually. This allows a fine control over gate operations.

That said, operations are relatively slow compared to some electronic qubits, and atoms can occasionally be lost entirely. The optical traps that hold atoms in place are also contingent upon the atom being in its ground state; if any atom ends up stuck in a different state, it will be able to drift off and be lost. This is actually somewhat useful, in that it converts an unexpected state into a clear error.

Image of a grid of dots arranged in sets of parallel vertical rows. There is a red bar across the top, and a green bar near the bottom of the grid. — Atom Computing’s system. Rows of atoms are held far enough apart so that a single laser sent across them (green bar) only operates on individual atoms. If the atoms are moved to the interaction zone (red bar), a laser can perform gates on pairs of atoms. Spaces where atoms can be held can be left empty to avoid performing unneeded operations. Credit: Reichardt, et al.

The machine used in the new demonstration hosts 256 of these neutral atoms. Atom Computing has them arranged in sets of parallel rows, with space in between to let the atoms be shuffled around. For single-qubit gates, it’s possible to shine a laser across the rows, causing every atom it touches to undergo that operation. For two-qubit gates, pairs of atoms get moved to the end of the row and moved a specific distance apart, at which point a laser will cause the gate to be performed on every pair present.

Atom’s hardware also allows a constant supply of new atoms to be brought in to replace any that are lost. It’s also possible to image the atom array in between operations to determine whether any atoms have been lost and if any are in the wrong state.

It’s only logical

As a general rule, the more hardware qubits you dedicate to each logical qubit, the more simultaneous errors you can identify. This identification can enable two ways of handling the error. In the first, you simply discard any calculation with an error and start over. In the second, you can use information about the error to try to fix it, although the repair involves additional operations that can potentially trigger a separate error.

For this work, the Microsoft/Atom team used relatively small logical qubits (meaning they used very few hardware qubits), which meant they could fit more of them within 256 total hardware qubits the machine made available. They also checked the error rate of both error detection with discard and error detection with correction.

The research team did two main demonstrations. One was placing 24 of these logical qubits into what’s called a cat state, named after Schrödinger’s hypothetical feline. This is when a quantum object simultaneously has non-zero probability of being in two mutually exclusive states. In this case, the researchers placed 24 logical qubits in an entangled cat state, the largest ensemble of this sort yet created. Separately, they implemented what’s called the Bernstein-Vazirani algorithm. The classical version of this algorithm requires individual queries to identify each bit in a string of them; the quantum version obtains the entire string with a single query, so is a notable case of something where a quantum speedup is possible.

Both of these showed a similar pattern. When done directly on the hardware, with each qubit being a single atom, there was an appreciable error rate. By detecting errors and discarding those calculations where they occurred, it was possible to significantly improve the error rate of the remaining calculations. Note that this doesn’t eliminate errors, as it’s possible for multiple errors to occur simultaneously, altering the value of the qubit without leaving an indication that can be spotted with these small logical qubits.

Discarding has its limits; as calculations become increasingly complex, involving more qubits or operations, it will inevitably mean every calculation will have an error, so you’d end up wanting to discard everything. Which is why we’ll ultimately need to correct the errors.

In these experiments, however, the process of correcting the error—taking an entirely new atom and setting it into the appropriate state—was also error-prone. So, while it could be done, it ended up having an overall error rate that was intermediate between the approach of catching and discarding errors and the rate when operations were done directly on the hardware.

In the end, the current hardware has an error rate that’s good enough that error correction actually improves the probability that a set of operations can be performed without producing an error. But not good enough that we can perform the sort of complex operations that would lead quantum computers to have an advantage in useful calculations. And that’s not just true for Atom’s hardware; similar things can be said for other error-correction demonstrations done on different machines.

There are two ways to go beyond these current limits. One is simply to improve the error rates of the hardware qubits further, as fewer total errors make it more likely that we can catch and correct them. The second is to increase the qubit counts so that we can host larger, more robust logical qubits. We’re obviously going to need to do both, and Atom’s partnership with Microsoft was formed in the hope that it will help both companies get there faster.

John is Ars Technica’s science editor. He has a Bachelor of Arts in Biochemistry from Columbia University, and a Ph.D. in Molecular and Cell Biology from the University of California, Berkeley. When physically separated from his keyboard, he tends to seek out a bicycle, or a scenic location for communing with his hiking boots.

Microsoft and Atom Computing combine for quantum error correction demo Read More »

Microsoft Flight Simulator 2024 arrives with a “full digital twin” of Earth

flight sim, flight simulator, gaming, microsoft, Microsoft flight simulator / DJ Henderson / November 19, 2024

You’re getting pretty close to the ground there, chief. But the good news is, you’re generating terrain for other players. Credit: Microsoft

AI learning was used for 2024‘s world mapping. It allowed for a (possibly hyperbolic) “4,000 times more” detail in textures and terrain meshes, Wloch told TechRadar. Players will see this mainly when they’re closer to ground, with the terrain generating detail on demand. Machine learning is run against tens of thousands of tiles of Earth terrains, and it does picture analysis to generate, say, wet gravel or nighttime grasslands during winter. Data generated from a player is streamed into other pilots’ games, Neumann told Rock Paper Shotgun.

Hot air balloons across a night sky. — Throw a little engine on that balloon and you’ve got yourself a Flydoo, a word I learned today. Credit: Microsoft

You can fly a balloon and a “Flydoo,” the latter of which is a balloon with a tiny engine. Aircraft and airports you customized or purchased are carried over from 2020 into 2024. EuroGamer has a list of every aircraft in the game, which includes a Joby VTOL air taxi.

Father figure pointing out an approaching helicopter to his child on a mountain ridge. — When will hikers learn to stick to the trails in Zoar Valley? Credit: Microsoft

A new Career Mode, with 26 different paths, adds some structure to the pre-existing challenges and rewards. You can start out as a rookie and work through up to 54 training courses. You then decide exactly what kind of ace you want to be. You can be a regional airline pilot, a global specialist in VIP helicopter rides, a cropduster, a firefighter, or some other kind. You can own a fleet and expand your business or stick to being a jockey for hire.

There are many animals with realistic behavior, ported in from Planet Zoo. Neumann previously worked at Frontier, the company behind Planet Zoo (and Elite: Dangerous). Wanting some of that old “animals doing things” energy, Neumann said he called Frontier’s CEO and said, “Can I have your animals?” Neumann told Sports Illustrated. So now sheep head inside when it’s raining, birds migrate, and elephants will finally be impressed with your low-level flybys—maybe.

Flight Simulator 2020 will continue to get support, according to a FAQ on the developer’s site. It’s a valid question of what “support” will look like after 2024 is released and if it matches up with the initial promise of “10 years of support.”

Microsoft Flight Simulator 2024 arrives with a “full digital twin” of Earth Read More »

FTC to launch investigation into Microsoft’s cloud business

antitrust, azure, microsoft, Policy, syndication / Kelly Newman / November 15, 2024

The FTC also highlighted fees charged on users transferring data out of certain cloud systems and minimum spend contracts, which offer discounts to companies in return for a set level of spending.

Microsoft has also attracted scrutiny from international regulators over similar matters. The UK’s Competition and Markets Authority is investigating Microsoft and Amazon after its fellow watchdog Ofcom found that customers complained about being “locked in” to a single provider, which offers discounts for exclusivity and charge high “egress fees” to leave.

In the EU, Microsoft has avoided a formal probe into its cloud business after agreeing to a multimillion-dollar deal with a group of rival cloud providers in July.

The FTC in 2022 sued to block Microsoft’s $75 billion acquisition of video game maker Activision Blizzard over concerns the deal would harm competitors to its Xbox consoles and cloud-gaming business. A federal court shot down an attempt by the FTC to block it, which is being appealed. A revised version of the deal in the meantime closed last year following its clearance by the UK’s CMA.

Since its inception 20 years ago, cloud infrastructure and services has grown to become one of the most lucrative business lines for Big Tech as companies outsource their data storage and computing online. More recently, this has been turbocharged by demand for processing power to train and run artificial intelligence models.

Spending on cloud services soared to $561 billion in 2023 with market researcher Gartner forecasting it will grow to $675 billion this year and $825 billion in 2025. Microsoft has about a 20 percent market share over the global cloud market, trailing leader Amazon Web Services that has 31 percent, but almost double the size of Google Cloud at 12 percent.

There is fierce rivalry between the trio and smaller providers. Last month, Microsoft accused Google of running “shadow campaigns” seeking to undermine its position with regulators by secretly bankrolling hostile lobbying groups.

Microsoft also alleged that Google tried to derail its settlement with EU cloud providers by offering them $500 million in cash and credit to reject its deal and continue pursuing litigation.

The FTC and Microsoft declined to comment.

FTC to launch investigation into Microsoft’s cloud business Read More »

Microsoft finally releases generic install ISOs for the Arm version of Windows

ARM, microsoft, Tech, Windows, Windows 11 / 9u50fv / November 14, 2024

For some PC buyers, doing a clean install of Windows right out of the box is part of the setup ritual. But for Arm-based PCs, including the Copilot+ PCs with Snapdragon X Plus and Elite chips in them, it hasn’t been possible in the same way. Microsoft (mostly) hasn’t offered generic install media that can be used to reinstall Windows on an Arm PC from scratch.

Microsoft is fixing that today—the company finally has a download page for the official Arm release of Windows 11, linked to but separate from the ISOs for the x86 versions of Windows. These are useful not just for because-I-feel-like-it clean installs, but for reinstalling Windows after you’ve upgraded your SSD and setting up Windows virtual machines on Arm-based PCs and Macs.

Previously, Microsoft did offer install media for some Windows Insider Preview Arm builds, though these are for beta versions of Windows that may or may not be feature-complete or stable. Various apps, scripts, and websites also exist to grab files from Microsoft’s servers and build “unofficial” ISOs for the Arm version of Windows, though obviously this is more complicated than just downloading a single file directly.

Microsoft finally releases generic install ISOs for the Arm version of Windows Read More »

Notepad.exe, now an actively maintained app, has gotten its inevitable AI update

AI, microsoft, notepad, paint, Prism, Tech, Windows 11, windows 11 24h2, windows insider / DJ Henderson / November 9, 2024

Among the decades-old Windows apps to get renewed attention from Microsoft during the Windows 11 era is Notepad, the basic built-in text editor that was much the same in early 2021 as it had been in the ’90 and 2000s. Since then, it has gotten a raft of updates, including a visual redesign, spellcheck and autocorrect, and window tabs.

Given Microsoft’s continuing obsession with all things AI, it’s perhaps not surprising that the app’s latest update (currently in preview for Canary and Dev Windows Insiders) is a generative AI feature called Rewrite that promises to adjust the length, tone, and phrasing of highlighted sentences or paragraphs using generative AI. Users will be offered three rewritten options based on what they’ve highlighted, and they can select the one they like best or tell the app to try again.

Rewrite appears to be based on the same technology as the Copilot assistant, since it uses cloud-side processing (rather than your local CPU, GPU, or NPU) and requires Microsoft account sign-in to work. The initial preview is available to users in the US, France, the UK, Canada, Italy, and Germany.

If you don’t care about AI or you don’t sign in with a Microsoft account, note that Microsoft is also promising substantial improvements in launch time with this version of Notepad. “Most users will see app launch times improve by more than 35 percent, with some users seeing improvements of 55 percent or more,” reads the blog post by Microsoft’s Windows apps manager Dave Grochocki.

Notepad.exe, now an actively maintained app, has gotten its inevitable AI update Read More »

Thousands of hacked TP-Link routers used in years-long account takeover attacks

Biz & IT, botnets, microsoft, password spraying, Security, tp-link / 9u50fv / November 2, 2024

Hackers working on behalf of the Chinese government are using a botnet of thousands of routers, cameras, and other Internet-connected devices to perform highly evasive password spray attacks against users of Microsoft’s Azure cloud service, the company warned Thursday.

The malicious network, made up almost entirely of TP-Link routers, was first documented in October 2023 by a researcher who named it Botnet-7777. The geographically dispersed collection of more than 16,000 compromised devices at its peak got its name because it exposes its malicious malware on port 7777.

Account compromise at scale

In July and again in August of this year, security researchers from Serbia and Team Cymru reported the botnet was still operational. All three reports said that Botnet-7777 was being used to skillfully perform password spraying, a form of attack that sends large numbers of login attempts from many different IP addresses. Because each individual device limits the login attempts, the carefully coordinated account-takeover campaign is hard to detect by the targeted service.

On Thursday, Microsoft reported that CovertNetwork-1658—the name Microsoft uses to track the botnet—is being used by multiple Chinese threat actors in an attempt to compromise targeted Azure accounts. The company said the attacks are “highly evasive” because the botnet—now estimated at about 8,000 strong on average—takes pains to conceal the malicious activity.

“Any threat actor using the CovertNetwork-1658 infrastructure could conduct password spraying campaigns at a larger scale and greatly increase the likelihood of successful credential compromise and initial access to multiple organizations in a short amount of time,” Microsoft officials wrote. “This scale, combined with quick operational turnover of compromised credentials between CovertNetwork-1658 and Chinese threat actors, allows for the potential of account compromises across multiple sectors and geographic regions.

Some of the characteristics that make detection difficult are:

The use of compromised SOHO IP addresses
The use of a rotating set of IP addresses at any given time. The threat actors had thousands of available IP addresses at their disposal. The average uptime for a CovertNetwork-1658 node is approximately 90 days.
The low-volume password spray process; for example, monitoring for multiple failed sign-in attempts from one IP address or to one account will not detect this activity.

Thousands of hacked TP-Link routers used in years-long account takeover attacks Read More »

Microsoft delays rollout of the Windows 11 Recall feature yet again

microsoft, Tech, Windows 11, windows 11 24h2, windows recall / Mike M. / November 1, 2024

“We are committed to delivering a secure and trusted experience with Recall. To ensure we deliver on these important updates, we’re taking additional time to refine the experience before previewing it with Windows Insiders,” said Microsoft Windows Insider Senior Program Manager Brandon LeBlanc in a statement provided to The Verge.

LeBlanc didn’t offer additional details on the latest Recall delay or make any new announcements about other security precautions Microsoft is taking with the feature. The company’s September blog post detailed how data was being protected using Windows’ Virtualization-Based Security (VBS) features and Windows Hello authentication and reiterated that Recall will be opt-in by default and that it will be fully removable for Windows users who aren’t interested in using it.

When it does start to roll out, Recall will still require a Copilot+ PC, which gets some AI-related features not available to typical Windows 11 PCs. To meet the Copilot+ requirements, PCs must have at least 16GB of RAM and 256GB of storage, plus a neural processing unit (NPU) that can perform at least 40 trillion operations per second (TOPS). Users will also need their PCs to be enrolled in the Windows Insider Program; we have no idea when non-Windows Insider PCs will start getting Recall, though at this point, it seems likely it won’t be until sometime in 2025.

Microsoft delays rollout of the Windows 11 Recall feature yet again Read More »

Call of Duty: Black Ops 6 accounted for 19% of Comcast Internet traffic last week

Activision, Call of Duty, Call of Duty Black Ops 6, Comcast, Game Pass, gaming, microsoft, Satya Nadella / Mike M. / October 31, 2024

You might think that since Call of Duty: Black Ops 6 (which was released last Friday) is the 21st game in the franchise, it wouldn’t be that highly anticipated. You’d be wrong. Last week’s entry set multiple records when it launched.

Specifically, Microsoft CEO Satya Nadella said the game set new records for Game Pass subscribers, particularly for a first-day game launch. That’s, of course, to be expected—Call of Duty was a major reason why Microsoft acquired Activision, the longtime publisher of the series.

It gets a little zanier, though. The Internet service provider Comcast says Black Ops 6 was directly responsible for 19 percent of its overall traffic the week of the launch, according to a report in The Verge.

That’s partly due to the game’s popularity, but it can also be attributed to its huge file size. A full install of Black Ops 6 can take up to just over 100GB, depending on your platform—and possibly as much as 300GB if you also install game modes tied to the previous entries in the series, like the immensely popular battle royale Warzone. That will wreak havoc on users’ data caps; Comcast imposes a 1.2TB monthly cap in many states.

Call of Duty: Black Ops 6 accounted for 19% of Comcast Internet traffic last week Read More »

Microsoft reports big profits amid massive AI investments

Activision, AI, azure, earnings, microsoft, Tech / DJ Henderson / October 30, 2024

Microsoft reported quarterly earnings that impressed investors and showed how resilient the company is even as it spends heavily on AI.

Some investors have been uneasy about the company’s aggressive spending on AI, while others have demanded it. During this quarter, Microsoft reported that it spent $20 billion on capital expenditures, nearly double what it had spent during the same quarter last year.

However, the company satisfied both groups of investors, as it revealed it has still been doing well in the short term amid those long-term investments. The fiscal quarter, which covered July through September, saw overall sales rise 16 percent year over year to $65.6 billion. Despite all that AI spending, profits were up 11 percent, too.

The growth was largely driven by Azure and cloud services, which saw a 33 percent increase in revenue. The company attributed 12 percent of that to AI-related products and services.

Meanwhile, Microsoft’s gaming division continued to challenge long-standing assumptions that hardware is king, with Xbox content and services posting 61 percent increased year-over-year revenue despite a 29 percent drop in hardware sales.

Microsoft has famously been inching away from the classic strategy of keeping software and services exclusive to its hardware, launching first-party games like Sea of Thieves not just on PC but on the competing PlayStation 5 console from Sony. Compared to the Xbox, the PlayStation is dominant in sales and install base for this generation.

But don’t make the mistake of assuming that a 61 percent jump in content and services revenue is solely because Microsoft’s Game Pass subscription service is taking off. The company attributed 53 points of that to the recent $69 billion Activision acquisition.

Microsoft reports big profits amid massive AI investments Read More »

GitHub Copilot moves beyond OpenAI models to support Claude 3.5, Gemini

AI, Anthropic, Claude 3.5 Sonnet, coding, developer, Gemini 1.5 Pro, GitHub, GitHub Copilot, Google, GPT o1-mini, GPT o1-preview, GPT-4o, microsoft, openai, Programming, Tech, VS Code / Beth Washington / October 29, 2024

The large language model-based coding assistant GitHub Copilot will switch from using exclusively OpenAI’s GPT models to a multi-model approach over the coming weeks, GitHub CEO Thomas Dohmke announced in a post on GitHub’s blog.

First, Anthropic’s Claude 3.5 Sonnet will roll out to Copilot Chat’s web and VS Code interfaces over the next few weeks. Google’s Gemini 1.5 Pro will come a bit later.

Additionally, GitHub will soon add support for a wider range of OpenAI models, including GPT o1-preview and o1-mini, which are intended to be stronger at advanced reasoning than GPT-4, which Copilot has used until now. Developers will be able to switch between the models (even mid-conversation) to tailor the model to fit their needs—and organizations will be able to choose which models will be usable by team members.

The new approach makes sense for users, as certain models are better at certain languages or types of tasks.

“There is no one model to rule every scenario,” wrote Dohmke. “It is clear the next phase of AI code generation will not only be defined by multi-model functionality, but by multi-model choice.”

It starts with the web-based and VS Code Copilot Chat interfaces, but it won’t stop there. “From Copilot Workspace to multi-file editing to code review, security autofix, and the CLI, we will bring multi-model choice across many of GitHub Copilot’s surface areas and functions soon,” Dohmke wrote.

There are a handful of additional changes coming to GitHub Copilot, too, including extensions, the ability to manipulate multiple files at once from a chat with VS Code, and a preview of Xcode support.

GitHub Spark promises natural language app development

In addition to the Copilot changes, GitHub announced Spark, a natural language tool for developing apps. Non-coders will be able to use a series of natural language prompts to create simple apps, while coders will be able to tweak more precisely as they go. In either use case, you’ll be able to take a conversational approach, requesting changes and iterating as you go, and comparing different iterations.

GitHub Copilot moves beyond OpenAI models to support Claude 3.5, Gemini Read More »

TSA silent on CrowdStrike’s claim Delta skipped required security update

Crowdstrike, crowdstrike falcon, Cybersecurity, Delta, DOT, global it outage, it outage, microsoft, Policy, TSA / DJ Henderson / October 29, 2024

We’re all trying to find the guy who did this

CrowdStrike and Delta’s legal battle has begun. Will Microsoft be sued next?

Travelers sit with their luggage on the check-in floor of the Delta Air Lines terminal at Los Angeles International Airport (LAX) on July 23, 2024 in Los Angeles, California. Credit: Mario Tama / Staff | Getty Images News

Delta and CrowdStrike have locked legal horns, threatening to drag out the aftermath of the worst IT outage in history for months or possibly years.

Each refuses to be blamed for Delta’s substantial losses following a global IT outage caused by CrowdStrike suddenly pushing a flawed security update despite Delta and many other customers turning off auto-updates.

CrowdStrike has since given customers more control over updates and made other commitments to ensure an outage of that scale will never happen again, but Delta isn’t satisfied. The airline has accused CrowdStrike of willfully causing losses by knowingly deceiving customers by failing to disclose an unauthorized door into their operating systems that enabled the outage.

In a court filing last Friday, Delta alleged that CrowdStrike should be on the hook for the airline’s more than $500 million in losses—partly because CrowdStrike has admitted that it should have done more testing and staggered deployments to catch the bug before a wide-scale rollout that disrupted businesses worldwide.

“As a result of CrowdStrike’s failure to use a staged deployment and without rollback capabilities, the Faulty Update caused widespread and catastrophic damage to millions of computers, including Delta’s systems, crashing Delta’s workstations, servers, and redundancy systems,” Delta’s complaint said.

Delta has further alleged that CrowdStrike postured as a certified best-in-class security provider who “never cuts corners” while secretly designing its software to bypass Microsoft security certifications in order to make changes at the core of Delta’s computing systems without Delta’s knowledge.

“Delta would have never agreed to such a dangerous process had CrowdStrike disclosed it,” Delta’s complaint said.

In testimony to Congress, CrowdStrike executive Adam Meyers suggested that the faulty update did follow standard protocols. He explained that “CrowdStrike’s software code is certified by Microsoft” and that it’s “updated less frequently,” and “new configurations are sent with rapid occurrence to protect against threats as they evolve,” not to bypass security checks, as Delta alleged.

But by misleading customers about these security practices, Delta alleged, CrowdStrike put “profit ahead of protection and software stability.” As Delta sees it, CrowdStrike built in the unauthorized door so that it could claim to resolve security issues more quickly than competitors. And if a court agrees that CrowdStrike’s alleged failure to follow standard industry best practices does constitute, at the very least, “gross negligence,” Delta could win.

“While we aimed to reach a business resolution that puts customers first, Delta has chosen a different path,” CrowdStrike’s spokesperson told Ars. “Delta’s claims are based on disproven misinformation, demonstrate a lack of understanding of how modern cybersecurity works, and reflect a desperate attempt to shift blame for its slow recovery away from its failure to modernize its antiquated IT infrastructure. We have filed for a declaratory judgment to make it clear that CrowdStrike did not cause the harm that Delta claims and they repeatedly refused assistance from both CrowdStrike and Microsoft. Any claims of gross negligence and willful misconduct have no basis in fact.”

CrowdStrike sues to expose Delta’s IT flaws

In its court filing, however, CrowdStrike said there’s much more to the story than that. It has accused Delta of failing to follow laws, including best practices established by the Transportation Security Administration (TSA).

While many CrowdStrike customers got systems back up and running within a day of the outage, Delta’s issues stretched painfully for five days, disrupting travel for a million customers. According to CrowdStrike, the prolonged delay at Delta was not due to CrowdStrike failing to provide adequate assistance but allegedly to Delta’s own negligence to comply with TSA requirements designed to ensure that no major airline ever experiences prolonged system outages.

“Despite the immediate response from CrowdStrike, it was Delta’s own response and IT infrastructure that caused delays in Delta’s ability to resume normal operation, resulting in a longer recovery period than other major airlines,” CrowdStrike’s complaint said.

In March 2023, the TSA added a cybersecurity emergency amendment to its cybersecurity programs. The amendment required airlines like Delta to develop “policies and controls to ensure that operational technology systems can continue to safely operate in the event that an information technology system has been compromised,” CrowdStrike’s complaint said.

Complying with the amendment ensured that airlines could “timely” respond to any exploitation of their cybersecurity or operating systems, CrowdStrike explained.

CrowdStrike realized that Delta was allegedly non-compliant with the TSA requirement and other laws when its “efforts to help remediate the issues revealed” alleged “technological shortcomings and failures to follow security best practices, including outdated IT systems, issues in Delta’s active directory environment, and thousands of compromised passwords.”

TSA declined Ars’ request to comment on whether it has any checks in place to ensure compliance with the emergency amendment.

While TSA has made no indication so far that it intends to investigate CrowdStrike’s claims, the Department of Transportation (DOT) is currently investigating Delta’s seemingly inferior customer service during the outage. That probe could lead to monetary fines, potentially further expanding Delta’s losses.

In a statement, DOT Secretary Pete Buttigieg said, “We have made clear to Delta that they must take care of their passengers and honor their customer service commitments. This is not just the right thing to do, it’s the law, and our department will leverage the full extent of our investigative and enforcement power to ensure the rights of Delta’s passengers are upheld.”

On X (formerly Twitter), Buttigieg said that the probe was sparked after DOT received hundreds of complaints about Delta’s response. A few days later, Buttigieg confirmed that the probe would “ensure the airline is following the law and taking care of its passengers during continued widespread disruptions.” But DOT declined Ars’ request to comment on whether DOT was investigating Delta’s alleged non-compliance with TSA security requirements, only noting that “TSA is not part of DOT.”

Will Microsoft be sued next?

Delta has been threatening legal action over the CrowdStrike outage since August, when Delta confirmed in an SEC filing that the outage caused “approximately 7,000 flight cancellations over five days.” At that time, Delta CEO Ed Bastian announced, “We are pursuing legal claims against CrowdStrike and Microsoft to recover damages caused by the outage, which total at least $500 million.”

But Delta’s lawsuit Friday notably does not name Microsoft as a defendant.

Ars could not immediately reach Delta’s lawyer, David Boies, to confirm if another lawsuit may be coming or if that legal threat to Microsoft was dropped.

It could be that Microsoft dissuaded Delta from filing a complaint. Immediately in August, Microsoft bucked Delta’s claims that the tech giant was in any way liable for Delta’s losses, The Register reported. In a letter to Boies, Microsoft lawyer Mark Cheffo wrote that Microsoft “empathizes” with Delta, but Delta’s public comments blaming Microsoft for the outage are “incomplete, false, misleading, and damaging to Microsoft and its reputation.”

“The truth is very different from the false picture you and Delta have sought to paint,” Cheffo wrote, noting that Microsoft did not cause the outage and Delta repeatedly turned down Microsoft’s offers to help restore its systems. That includes one instance where a Delta employee allegedly responded to a Microsoft inquiry three days after the outage by saying that Delta was “all good.” Additionally, a message from Microsoft CEO Satya Nadella to Delta’s Bastian allegedly went unanswered.

Cheffo alleged that Delta was cagey about accepting Microsoft’s help because “the IT system it was most having trouble restoring—its crew-tracking and scheduling system—was being serviced by other technology providers, such as IBM, because it runs on those providers’ systems, and not Microsoft Windows or Azure.”

According to Cheffo, Microsoft was “surprised” when Delta threatened to sue since the issues seemed to be with Delta’s IT infrastructure, not Microsoft’s services.

“Microsoft continues to investigate the circumstances surrounding the CrowdStrike incident to understand why other airlines were able to fully restore business operations so much faster than Delta, including American Airlines and United Airlines,” Cheffo wrote. “Our preliminary review suggests that Delta, unlike its competitors, apparently has not modernized its IT infrastructure, either for the benefit of its customers or for its pilots and flight attendants.”

At that time, Cheffo told Boies that Microsoft planned to “vigorously defend” against any litigation. Additionally, Microsoft’s lawyer demanded that Delta preserve documents, including ones showing “the extent to which non-Microsoft systems or software, including systems provided and/or designed by IBM, Oracle, Amazon Web Services, Kyndryl or others, and systems using other operating systems, such as Linux, contributed to the interruption of Delta’s business operations between July 19 and July 24.”

It seems possible that Cheffo’s letter spooked Delta out of naming Microsoft as a defendant in the lawsuit over the outage, potentially to avoid a well-resourced opponent or to save public face if Microsoft’s proposed discovery threatened to further expose Delta’s allegedly flawed IT infrastructure.

Microsoft declined Ars’ request to comment.

CrowdStrike says TOS severely limits damages

CrowdStrike appears to be echoing Microsoft’s defense tactics, arguing that Delta struggled to recover due to its own IT failures.

According to CrowdStrike, even if Delta’s breach of contract claims are valid, CrowdStrike’s terms of service severely limit damages. At most, CrowdStrike’s terms stipulate, damages owed to Delta may be “two times the value of the fees paid to service provider for the relevant subscription services subscription term,” which is likely substantially less than $500 million.

And Delta wants much more than lost revenue returned. Beyond the $500 million in losses, the airline has asked a Georgia court to calculate punitive damages and recoup Delta for future revenue losses as its reputation took a hit due to public backlash from Delta’s lackluster response to the outage.

“CrowdStrike must ‘own’ the disaster it created,” Delta’s complaint said, alleging that “CrowdStrike failed to exercise the slight diligence or care of the degree that persons of common sense, however inattentive they may be, would use under the same or similar circumstances.”

CrowdStrike is hoping a US district court jury will agree that Delta was the one that dropped the ball the most as the world scrambled to recover from the outage. The cybersecurity company has asked the jury to declare that any potential damages are limited by CrowdStrike’s subscriber terms and that “CrowdStrike was not grossly negligent and did not commit willful misconduct in any way.”

This story was updated to include CrowdStrike’s statement.

Ashley is a senior policy reporter for Ars Technica, dedicated to tracking social impacts of emerging policies and new technologies. She is a Chicago-based journalist with 20 years of experience.

TSA silent on CrowdStrike’s claim Delta skipped required security update Read More »