You are viewing a single thread.
View all comments
-23 points

So why is this considered a crowdstrike issue and not a Microsoft fuckup?

permalink
report
reply
64 points

Windows: exists

Crowdstrike: stabs

You: why would Microsoft stab themselves?

permalink
report
parent
reply
23 points

To be fair, kernel level access by third party software is kind of frowned upon in the Linux world. Ask any desktop Linux user how they feel about NVIDIA (the only third party kernel code an average Linux user will install) and their drivers randomly causing strange issues on their systems up to and including kernel panics compared to the experience on AMD where the driver is open and built into the kernel itself. For security software that needs low level visibility, there is eBPF, direct kernel level access isn’t needed (though I believe CrowdStrike uses it, and thay actually did CrowdStrike Debian and Rocky Linux systems some time back).

MacOS blocked the majority of kernel extensions a few years ago as well.

Windows is the only OS where it has been designed in a way where kernel level access is the rule rather than the exception. So design flaws are at least partially at fault here.

permalink
report
parent
reply
4 points
*

I’m so glad i got rid of my nvidia card. Having to reinstall the divers and kernel-headers every time my kernel updated was getting old.

permalink
report
parent
reply
2 points

Heard from someone else (so take it with a grain of salt) that CrowdStrike and/or similar companies threatened Microsoft with an antitrust suit when Microsoft tried to force them to use an API instead of working directly with the kernel.

permalink
report
parent
reply
2 points

The opinion of Linux desktop users (or any users really) do not count in the enterprise world. Somehow, if management bought in on the Crowdstrike rootkit bandwagon, you’ll see it on corporate hardware. It doesn’t matter if it’s a bad plan; it doesn’t matter if it gives an American company a backdoor to all you infrastructure; if the CISO decides everyone gets it, everyone get it.

The only thing you can really do as a lowly employee is keep any such device away from any personal info or network as if it’s infected by malware (which I would argue is exactly what it is).

permalink
report
parent
reply
19 points

Windows: exists

Crowdstrike: exists

Windows: open belly, right here!

Crowdstrike: stabs

Crowdstrike released bad code into prod without giving it some hours of testing in local machines or whatever. Incredible fuckup, inimaginable. But, let’s not take blame out of Microsoft, if a driver is faulty the system should be resilient enough no to crap the bed on login. At least enough for IT to be able to remotely access the system and fix it. The manual work the IT world has had to do because it’s lost remote access to workstations is insane.

permalink
report
parent
reply
2 points

Nelson Muntz: Stop striking yourself!

permalink
report
parent
reply
24 points

Basically, crowdstrike wrote bad code that run as a driver, windows doesn’t like bad code in their drivers. Kernel level code is generally expected to run properly. crowdstrike’s kernel level code was really bad. Embarrassingly bad.

If the host creates a playlist and everyone can add their favorite song to the playlist, the host won’t be blamed if you add “erika”. People rightfully think you are an ignorant weirdo or a bad person, not the host.

permalink
report
parent
reply
-2 points

OTOH, if you build a playlist manager for playlists everyone can add to, you make sure nothing anyone adds will break it…

permalink
report
parent
reply
6 points

Except that the playlists are super complex and there is no way to make sure. Like building an engine and having to make sure that no 3rd party accessory will break it. Like the parented “sand injector”.

permalink
report
parent
reply
6 points

They were legally not allowed to as part of an agreement to not be s monopoly and allow competition.

permalink
report
parent
reply
5 points

Well do you want to have Microsoft approving EVERY driver for windows? Rip 3rd party open source drivers for retro hardware

permalink
report
parent
reply
19 points

Can you explain why you think this is a Microsoft issue?

permalink
report
parent
reply
0 points

Doesn’t Microsoft allow crowdstrike to make updates? Being such a critical part of the OS it’s up to Microsoft to ensure their procedures are robust and being followed.

permalink
report
parent
reply
1 point
*

How do you implement that? How is it feasible that Microsoft tests all the third party drivers?

Don’t get me wrong I believe Microsoft is partly to blame for this problem as well but for making it so hard for system admins to go around the system and solve things (as compared to Linux where you can do anything). I think sys admins would have solved this much faster if they were using Linux systems

I was just probing your argument because I guessed it was the typical nonsense of Microsoft bad, Linux good, without a good explanation

permalink
report
parent
reply
10 points

Same thing would happen on Linux if someone wrote a bad kernel module and integrated it into the OS. In fact, Crowdstrike did have a similar problem a few months ago on Linux.

I’m no fan of Microsoft, but this isn’t their fault.

permalink
report
parent
reply
4 points

An OS should not have to require a 3rd party driver for security.

Microsoft should be writing that driver as an OS component. Drivers should be restricted for taking to hardware.

permalink
report
parent
reply
3 points

I thought only people who subscribed to CrowdStrike’s services had that driver installed.

permalink
report
parent
reply
1 point
Deleted by creator
permalink
report
parent
reply

Programmer Humor

!programmerhumor@lemmy.ml

Create post

Post funny things about programming here! (Or just rant about your favourite programming language.)

Rules:

  • Posts must be relevant to programming, programmers, or computer science.
  • No NSFW content.
  • Jokes must be in good taste. No hate speech, bigotry, etc.

Community stats

  • 5.2K

    Monthly active users

  • 878

    Posts

  • 8.8K

    Comments

Community moderators