
Don't flatter yourselves.
To people who give a damn about security, Microsoft are irrelevant.
Having tasted the fruit of the crowd's tree of knowledge, Microsoft has decided it likes it, and is expanding its bug bounty program to cover a broad range of online services. In this post at Technet, Redmond lists a bunch of domains that are eligible for the expanded bug bounty, including online Outlook, Office365, Sharepoint …
"Come on, just how often have you found end-users doing things in a manner thought to be unlikely/unreasonable/damn strange by the developers?"
Sarcasm?
Seriously... all the fscking time. If it isn't bullet proof an end user will put a bullet through it.
End users *ARE* unlikely/unreasonable/damn strange.
"If it isn't bullet proof an end user will put a bullet through it."
There's no such thing as bulletproof. Anything can be broken if it is deemed that the end rewards justify the time, effort and other expenditure required to do so.
Anyone who thinks that lack of security is a Microsoft-only problem is an idiot. Yes, Microsoft have made a rod for their own back with the various vulnerabilities over the years, but they were also by far and away the biggest target. But now things are shifting towards mobile devices - and surprise, surprise, it's Android, the mobile OS with the largest market share (and also the easiest to get into) that is increasingly being targeted. And doubtless, when the next big thing comes along and topples mobile, it will happen all over again there...
...their bugs and viruses have led to thousands of stories of people losing money from their accounts over the years. I have yet to read one about someone losing money directly from their account using the mobile equivalent, Android. No matter what people say Android may have malware but it doesnt lead to the horrible experiences people have had with windows by a long margin