The new Outlook may give Microsoft access to third-party emails and logins - gHacks Tech News

Clerkle , 7 months ago

The title seems dramatic, but using the Outlook client to link a third-party account is supposed to connect to those emails with the respective credentials, right?

cybersandwich , 7 months ago

It was interesting because the article didn’t get too much into the details of it. But anything using Oauth2 like most major emails (eg Gmail) aren’t impacted by this. It sounds like only the ones with user name and password are sent. Without understanding more detail it’s kind of hard to be up-in-arms.

Kinda like youre saying, at some point any email app needs your credentials to get your emails. The app, necessarily, can read your emails.

The author of the article didn’t do a good job explaining the issue imo. How does it “normally” work versus what Microsoft is doing?

So many articles suck these days.

Clerkle , 7 months ago (edited 7 months ago)

At least the OAuth2 access is protected. That’s the detail I needed to see.

So many articles suck these days.

That’s the direct implication of the innate nature of capitalism. News publishers drive researchers and writers into mill writing which unfortunately involves reworded mimicry of the few who publish the original “investigative research” they recorded from the source. They’re doing it for money too, so they aren’t alloted enough time to fully investigate off they want to publish their name to juicy details first before those who can and will fully investigate it to publish a full exposé.

We expect news publishers to dramatize titles for the click-bait effect at their websites. But within a public forum platform (here), reposting the click-bait title into the community post effectively misleads forum readers because this space is personable and honest, so we expect an honest post title here. News publishers know this and exploit that in Reddit, but hopefully not here. Every time I see OPs copy-posting and running off, I have to suspect industry marketing efforts in effect, perhaps especially when OP is a bot.

I really don’t want to see Lemmy become polluted with news marketing as though this platform is at all open to the same abuse as that socialist dictatorship platform we left to be here.

deur , 7 months ago

People like you are funny because you forget that its not “Reddit” its the people who use Reddit. Guess what group a lot of people who use Lemmy are from? This is a different platform, but it has no unique identity outside of the lower amount of content and users.

Clerkle , 7 months ago

That’s nearsighted. Do you wear glasses? Do they give you headaches?

c0mbatbag3l , 7 months ago

Author is probably being vague because there’s no real issue, but people love being recreationally angry over this kind of thing so it gets clicks.

venoft , 7 months ago

It’s a little worse than that. Microsoft copies your password, credentials and all your emails to their server. Future emails then also go through their servers.

If you have a business this probably constitutes a data leak.

news.ycombinator.com/item?id=38212453

nicetriangle , 7 months ago

Man all the recent news on Microsoft products is just god awful. Ads in the OS, forced updates, pestering people when they close apps to explain why, this. Fuck sake idk how people put up with it.

db2 , 7 months ago

I don’t know why anyone is surprised. They literally invented EEE.

originalucifer , 7 months ago

i know how. i do it for work, and have completely airgapped my home work life... so that windows work laptop, i honestly do not give 2 shits about the policies applied to it.. its above my pay grade.

its only used for work, so if they want outlook to look at other work related 3rd party emails whatever.. why the fuck should i care. its not my laptop, its not even technically 'my' work.

c0mbatbag3l , 7 months ago

Seriously, I don’t get why people don’t understand this. Your work laptop is Windows? You’re concerned about them having access to private data?

Well buddy there’s an easy fix! DONT LOGIN TO YOUR PERSONAL SHIT ON YOUR WORK COMPUTER.

the_third , 7 months ago

We got a security reminder at work yesterday that, in case anyone should do BYOD in a pinch, to never enter our credentials on a third party service like Microsoft Software, Google Mail or whatever. Open source clients on open source OS only. So yeah, some companies care.

4am , 7 months ago

Aren’t they also migrating everyone’s AD to Azure (and SharePoint as well)?

netburnr , 7 months ago

Care to explain? Local AD is still there as is hybrid. On prem SharePoint still exists.

ryan , 7 months ago

Azure AD is now Entra ID. Please do not deadname the Microsoft cloud offering (even if we all think it chose kind of a dumb sounding new name 🤫).

And Microsoft is heavily pushing their cloud services of course, but you can still set up on-prem AD as an option as well as other on-prem services.

It's just that all their cross service interoperability stuff won't work as well if it's not all in the cloud. Like, all their stuff is designed to work together in the cloud and keep you entrenched in the ecosystem, like any company I guess, except I actually like using Teams/Office/SharePoint combo, it's executed well.

originalucifer , 7 months ago

not even kind of.

from the enterprise side, half their shit still only works if you have an 'on prem' AD server. there are a ton of their products that simply do not function if you are 'cloud only'.

they are no where near prepared to actually automigrate complex directories into azure/entra.. hell thats prolly why they changed the name, the 2 products will never have parity.

TenderfootGungi , 7 months ago

And linux is getting hood at gaming thanks to Steamdeck.

David_Eight , 7 months ago (edited 7 months ago)

"I fucks wit Steam Deck."

• Hood Linux

anon_8675309 , 7 months ago

I wonder if the same people who use Spark, etc are up in arms.

Lettuceeatlettuce , 7 months ago

So happy I’m on Protonmail :)

Clerkle , 7 months ago

Yeah, but that 500MB storage . . . needs a game plan.

circuscritic , 7 months ago (edited 7 months ago)

Then pay for it.

Do you want a free email that violates your privacy?

Or do you want a privacy focued one?

Pay them, but if you can’t afford to, that’s fine, just don’t complain about their free account constraints.

twhite , 7 months ago

Happy subscriber here (their lowest cost paid plan).

Clerkle , 7 months ago

Not a complaint but a question based on the fact. I wasn’t complaining, but you very much so did to me.

oKtosiTe , 7 months ago

Between the VPN, the email, the password manager and their cloud storage, I feel like I’m easily getting my money’s worth. The second they add snoozing to Proton Mail, I’m moving away from Gmail completely.

Lettuceeatlettuce , 7 months ago

Snoozing?

oKtosiTe , 7 months ago

I’m an inbox zero person. Other mail clients like Gmail and Outlook allow you to snooze message threads.

Snoozing means that you hide the message until a later time/date when you will be able to act on it or answer it. When you snooze a message you choose when it should reappear in your inbox.

Proton has previously stated that this is a planned feature.

Lettuceeatlettuce , 7 months ago

Oh I see, I’ve never heard of that before.

b3an , 7 months ago

Mozilla Thunderbird with Proton Bridge.

Clerkle , 7 months ago

Why bridged to Thunderbird?

twhite , 7 months ago

Proton doesn’t offer a desktop client, and Thunderbird is great.

Clerkle , 7 months ago

How does that not defeat the purpose of Proton?

twhite , 7 months ago

Because Proton Bridge still offers encryption:

https://github.com/ProtonMail/proton-bridge/blob/master/doc/encryption.md

Clerkle , 7 months ago

Looks like I’ll be learning about bridges.