This article on CNN reports on testimony by the president of Microsoft to the US House Homeland Security Committee, in which he "accepts responsibility for each and every one" of the cybersecurity failures that were listed in a recent US government-backed report.

The report by the US Cyber Safety Review Board "found that Microsoft committed a 'cascade' of 'avoidable errors' that allowed Chinese hackers to breach the tech giant’s network and later the email accounts of senior US officials last year, including the secretary of commerce."

This is only what I have been writing for some time now: that MS has a poor commitment to cybersecurity, and are incompetent and slow at fixing security issues.

Governments already have an abysmal track record of keeping secrets, including those of their citizens and allies; they certainly don't need corporations making things even worse by opening governments' cyber-doors to hackers.

For me, an apology and commitment to improve is not going to suffice; ask me again when Microsoft have actually improved.

The US government is probably the largest paying customer for Microsoft products, so I am sure that MS does care; the question is, whether can they improve, and if so, how quickly and comprehensively.

Some local governments are already changing their systems over to Linux and Libre Office, so MS has only a limited window of opportunity to improve.