It does not allow the option of the admin approving the permission but still requiring that the user must consent. By skipping the user consent step, that increases the risk of a "drive by" attack where an attacker tricks a signed-in user into visiting a web page that includes Javascript which invokes the application (as a single page app so there is no need to know the Client Secret), automatically authenticates via SSO, and downloads the user's files without triggering any pop-up warning.
Although it has no Refresh Token, that rogue site would have access to the files as long as the Access Token lasts (by default one hour).

You should not visit any untrusted web sites, or sites that load untrusted adverts, while signed in to Entra ID SSO.

You say: fewer people are using semicolons. Ok.

I have VI.EXE from the NT4 Resource Kit on my USB stick of essential tools. It's the most portable editor Microsoft has shipped :-)

Real encryption is what protects email content after the attackers have stolen your credentials or an access token that allowed them read your mailbox.

That wall should not have been of reinforced concrete. There should have been some engineered materials arresting system after the end of the runway.

I submitted my first Y2K fix to our products in 1989 and all of our software was fully tested by 1996. I still got lots of overtime as our Y2K team lead coming up to the deadline and even had authorization to use the corporate jet if there was any customer impacting emergency that could be solved faster on location but (as expected and planned for) nothing happened.

Paul gave me an account on that KL-10 years ago, before he created the museum. I was sad when he died and sad again now it's offline.

The solution is to encrypt the confidential data. Use S/MIME but do not use Intune for key deployment as that just defeats the purpose. Use Microsoft Information Protection (MIP) but with Double Key Encryption (DKE) so that you manage the second keys yourself.

If the bill is signed into law then from 1st July fireworks may be illegal in Tennessee. Good timing!

What could possible go wrong if we leave application design and coding to AI without enough people who could understand the result? I use compilers but I am also experienced in assembler and machine language so that I can troubleshoot, debug, and find security vulnerabilities.

The interesting bit is missing "'After that, a police officer jumped into my car and did something which seemed to keep the car still". What did they do?

Actually, the Vatican used to have shares in The London Rubber Company, the makers of Durex

There are some interesting alternative theories. For example Neil Turok (Higgs Chair of Theoretical Physics at the University of Edinburgh) argues that the Standard Model of particle physics is complete and his theory actually predicts many of the parameters.
https://youtu.be/d-hPmjjjC-I

"no version of Linux is sending data to any outside source"
Check again, e.g.
https://www.bleepingcomputer.c...

My company has been working with MSFT to pilot test these features. It enables us to offer the same security controls as we do for Windows and MacOS, so Linux laptops are now allowed on our network by security policy. I am currently using an Intune enrolled & compliant laptop with Ubuntu 22.04 LTS for my daily work with Office365, Teams etc. That was not possible last year. We block access from non-compliant laptops.