It's more like if someone tried to delete/hack your account but you send a confirmation email to protect such a thing, and Microsoft clicked on the accept & delete account button in that email. So you deleted the user's account.
Do you know what users like less than inconvenient security? It's when "security" deletes all of their important data.
Again, still have to draw the line of what's acceptable somewhere. All I'm saying is you don't have to ruin your software because someone else is an idiot. Don't punish everyone because it makes the problem somebody else's to fix... That's what Microsoft is doing here, and it's obviously bad.
> It's more like if someone tried to delete/hack your account but you send a confirmation email to protect such a thing, and Microsoft clicked on the accept & delete account button in that email. So you deleted the user's account.
And then the user says "why did you delete my account?" and you say "well I chose not to support outlook but I didn't tell you that at the start" and the user says "that's stupid, everyone uses outlook" and leaves a bad review
It is not my job to tell Microsoft to correct their behavior and follow standards.
There are standards for a reason [1] and if you break them, no matter how good your intentions you are in the wrong because you've changed the expected behavior. Full stop.
The Internet works because everyone has agreed to follow standards. If Google woke up one day and decided that every IP address that ended in an odd number would receive a captcha every time they searched people would understandably get pissed off. Well ISPs have thousands of IP addresses so for the convenience of the user it's the ISPs that need to assign their users IP addresses ending in an even number so that they can search without captchas, right? No!
Same thing here. Just because Microsoft and Google benefit from economies of scale and have many users does not give them a pass to break standards whenever they see fit. There is a reason why we have RFCs and mailing lists to have these sorts of discussions.
I'm not arguing that it's good that MS is doing something insane, I'm arguing that you can't take the moral high ground and act as if they're not doing that insane thing.
There may be standards for the internet but people do not implement them correctly or consistently and the internet works because everyone adds workarounds for everyone else until things basically kinda work out.
> and Microsoft clicked on the accept & delete account button
If that happened, could one plausibly make a legal case that Microsoft is "hacking" the sites/users by stealing sensitive security info and making unauthorized actions?
Do you know what users like less than inconvenient security? It's when "security" deletes all of their important data.
Again, still have to draw the line of what's acceptable somewhere. All I'm saying is you don't have to ruin your software because someone else is an idiot. Don't punish everyone because it makes the problem somebody else's to fix... That's what Microsoft is doing here, and it's obviously bad.