Microsoft Defender ATP Coming to Linux! What Does it Mean?


#1

They say it concerns the enterprise mostly … will Purism use it?

How will it be available for everyone else? Classic distribution scheme?


#2

However, when it notices an inconsistent behavior, it sends the data to Azure service (Microsoft’s cloud service). In here, it will have a collection of behavioral data and the anomalies.

I think many potential Purism customers would have a problem with the above quoted behaviour!

I would also be asking whether the product (Microsoft Defender ATP) will be open source on Linux. If not then I would give it a wide berth.


#3

Everyone - Azure is NOT GitHub!!! … even though it’s M$ property …


#4

This is aimed at Enterprise customers. The normal consumer won’t be able to use it without paying MS for the privilege.

Regarding the sending of data to Azure: The data is sent to an Azure instance that the enterprise itself owns. This allows them to see threats across their corporate network. I didn’t read that and think MS has access to this information. In many fields and industries this would be illegal.

Furthermore, if what I just described above causes your FOSS hair to stand on end, then might I just point out that if you are a Librem One customer you are doing the EXACT same thing!

You can’t use Librem Mail, Tunnel, Chat, or Social without sending your data to THEIR servers.

Oh but it is encrypted, you say? Guess what, enterprise customers expect encryption by default, and I would be VERY surprised if this data was getting sent to the instance unencrypted, and if while it was there it was unencrypted.

So honestly let’s not spread unnecessary FUD, and at the very least finish the article before quoting it.


#5

It is always a question of trust. I do not trust M$ but trust Purism. I have to trust my provider of webspace (all-inkl) where my Nextcloud is running. I probably even have to trust my freedombox, which is running at home.


#6

I’m not! But that’s a good point nonetheless.


#7

I’m thinking I’m agreeing with @2disbetter. Security is not an island. We exist together both digitally and physically. Microsoft has spent more time as a vociferous enemy of Linux than it has as an ally. And there’s an undercurrent of concern that the Embrace, Extend, Extinguish methodology Microsoft employs against competition may drive some of their strategy. But as of today, outside of history, we have no proof that Microsoft is an enemy of GNU/Linux. They are a leading Linux kernel contributor, for example.

So.

Patience, sidi, patience. Microsoft might actually be an ally. We’ll have to wait and see. I never thought I’d see the day where those words arranged in that order would emit from my fingertips. We shall see, we shall see…