The smartest thing Microsoft ever did

Welcome to Runtime! Today: why Microsoft's decision to make Satya Nadella CEO ten years ago this weekend changed the direction of one of America's most iconic tech companies, how Cloudflare got hacked and kept the receipts, and the quote of the week.

(Was this email forwarded to you? Sign up here to get Runtime each week.)

Something old, something new

It can be hard to remember that Microsoft was lost at sea ten years ago, profitable but directionless as companies like Apple and Google set the pace of the technology industry. It was so preoccupied with maintaining the businesses it had built that it was unable to see how new technologies and cultural shifts would upend those businesses.

Ten years after it tapped Satya Nadella to become only its third CEO in 48 years, Microsoft is the most valuable company on Planet Earth. Sunday marks the anniversary of one of the most important leadership transitions in recent tech history, one that allowed Microsoft to make a clean break with its past based on an understanding that the world does not revolve around Redmond, Wash.

Nadella was considered a "safe pick" for the CEO spot vacated after Steve Ballmer announced plans to step down in 2013, after it became clear that he didn't really understand what it took to move Microsoft forward.
The search for Ballmer's replacement was a media circus full of leaks suggesting Microsoft's leader would be a famous American businessman (pretty sure all the leaked names were dudes) from outside tech who would have impressed Wall Street.
Instead, the company tapped the consummate insider, an immigrant who moved to the U.S. to get a degree in computer science and broke into the business giving Excel demos.
But Nadella was very familiar inside enterprise tech circles at the time, given his instrumental role in leading Microsoft to embrace cloud computing through his role running Azure.

Nadella swiftly reoriented Microsoft around cloud services, dumped ill-considered strategies such as the Nokia boondoggle, and — perhaps most importantly — changed what it meant to work at Microsoft.

In a typically prescient post from 2019, the five-year anniversary of Nadella's appointment, longtime Microsoft watcher Mary Jo Foley put it this way: "The cultural changes he's implemented seem to have resonated with many (most?) Microsoft employees, and morale at Microsoft is up."
Those changes included pacifying the internal combat best summed up in that famous org chart and embracing the outside world, such as making peace with the open-source software community to such a degree that it's weird to remember how fiercely it fought against the very concept.
Longtime Microsoft executive Brett Arsenault described Nadella's impact to me this way in a 2020 profile for Protocol: "I think Steve was a brilliant, wonderful man. But the idea of having someone who could speak the language and come from the engineering environment, yet have such a culturally different view, and go change the people in the leadership team and really reorient the thinking …"
He didn't finish that thought, but the implication was clear: it was almost like joining a new company.

As he enters his second decade in the big chair, Nadella has once again upended Microsoft, and the entire industry, by betting the company on technology invented outside Microsoft's walls.

So far, its decision to invest in OpenAI's generative AI wizardry has been a game-changer, helping boost revenue during an otherwise tepid period of demand for enterprise tech services.
Other ideas, such as a wholehearted embrace of the metaverse, have fallen flat.
But if generative AI really is the platform shift its backers insist it will be, Microsoft is in far better shape heading into a tech transition than it was before Ballmer left to pursue his true passion in life.
And even if it isn't, Nadella remains the best person qualified to understand how to align Microsoft's internal strengths with the evolution of technology.

Turkey shoot

Cloudflare disclosed this week that it was hacked over the Thanksgiving holiday last year by attackers using stolen credentials from a breach at Okta last year, which allowed access to one of its Atlassian servers and "a limited amount of source code." No customer data was leaked during the intrusion.

"Unfortunately, we failed to rotate one service token and three service accounts (out of thousands) of credentials that were leaked during the Okta compromise," Cloudflare executives said in a blog post Thursday. The attackers also tried but failed to gain access to a server in a Sao Paulo, Brazil data center, and just in case, Cloudflare actually replaced the targeted hardware.

"Analyzing the wiki pages they accessed, bug database issues, and source code repositories, it appears they were looking for information about the architecture, security, and management of our global network," the company said, attributing the intrusion to "a nation-state attacker" after consulting with the U.S. government. It's not clear if any other companies were targeted after being caught up in the Okta breach, which impacted about 170 customers.

Quote of the week

"We are going to continue to have these cycles where people will build new workloads, they will optimize the workloads, and then they'll start new workloads. That period of massive optimization-only, and no new workloads (started), I think that has ended at this point." — Microsoft CEO Satya Nadella, indicating to financial analysts Tuesday that the market for cloud infrastructure services is starting to regain some momentum.

The Runtime roundup

Intel's huge chip factory project in Ohio will be delayed into "late 2026" thanks to what it said were "market challenges" and the fact that its government handouts aren't arriving as quickly as it would like.

AWS started charging customers clinging to old IPv4 addresses half a penny per address per hour, hoping that will spur companies to move to IPv6.

Thanks for reading — see you Tuesday!