Basically, CrowdStrike wrote bad code that runs as a driver; Windows doesn’t like bad code in their drivers. Kernel level code is generally expected to run properly. CrowdStrike’s kernel level code was really bad. Embarrassingly bad.
If the host creates a playlist and everyone can add their favorite song to the playlist, the host won’t be blamed if you add “erika”. People rightfully think you are an ignorant weirdo or a bad person, not the host.
Except that the playlists are super complex and there is no way to make sure. Like building an engine and having to make sure that no 3rd party accessory will break it. Like the patented “sand injector”.
The problem with CrowdStrike’s solution is that they got csagent.sys driver signed by WHQL, and the driver will download p-code from the internet and execute it. This allows them to push out changes without waiting for Microsoft approval.
The biggest problem occurs when you don’t sanitize your inputs and someone accidentally uploads a blank file padded with zeroes. The driver dereferences a null value, and crashes your system. Hard.
I don’t want to argue with you and I admit that my phrasing wasn’t ideal but I assumed that it was obvious that I was talking about everything that would be executed on the machine. Apparently it wasn’t.
Crowdstrike released bad code into prod without giving it some hours of testing on local machines or whatever. Incredible fuckup, unimaginable. But, let’s not take blame out of Microsoft, if a driver is faulty the system should be resilient enough not to crap the bed on login. At least enough for IT to be able to remotely access the system and fix it. The manual work the IT world has had to do because it’s lost remote access to workstations is insane.
To be fair, kernel level access by third party software is kind of frowned upon in the Linux world. Ask any desktop Linux user how they feel about NVIDIA (the only third party kernel code an average Linux user will install) and their drivers randomly causing strange issues on their systems up to and including kernel panics compared to the experience on AMD where the driver is open and built into the kernel itself. For security software that needs low level visibility, there is eBPF, direct kernel level access isn’t needed (though I believe CrowdStrike uses it, and they actually did CrowdStrike Debian and Rocky Linux systems some time back).
MacOS blocked the majority of kernel extensions a few years ago as well.
Windows is the only OS where it has been designed in a way where kernel level access is the rule rather than the exception. So design flaws are at least partially at fault here.
Heard from someone else (so take it with a grain of salt) that CrowdStrike and/or similar companies threatened Microsoft with an antitrust suit when Microsoft tried to force them to use an API instead of working directly with the kernel.
The opinion of Linux desktop users (or any users really) does not count in the enterprise world. Somehow, if management bought in on the Crowdstrike rootkit bandwagon, you’ll see it on corporate hardware. It doesn’t matter if it’s a bad plan; it doesn’t matter if it gives an American company a backdoor to all your infrastructure; if the CISO decides everyone gets it, everyone gets it.
The only thing you can really do as a lowly employee is keep any such device away from any personal info or network as if it’s infected by malware (which I would argue is exactly what it is).
Same thing would happen on Linux if someone wrote a bad kernel module and integrated it into the OS. In fact, Crowdstrike did have a similar problem a few months ago on Linux.
I’m no fan of Microsoft, but this isn’t their fault.
That is true. The issue is that because there are so many permission escalation issues in Windows, many anti malware products must run as kernel drivers.
Doesn’t Microsoft allow CrowdStrike to make updates? Being such a critical part of the OS it’s up to Microsoft to ensure their procedures are robust and being followed.
How do you implement that? How is it feasible that Microsoft tests all the third party drivers?
Don’t get me wrong, I believe Microsoft is partly to blame for this problem as well, but for making it so hard for system admins to go around the system and solve things (as compared to Linux where you can do anything). I think sys admins would have solved this much faster if they were using Linux systems.
I was just probing your argument because I guessed it was the typical nonsense of Microsoft bad, Linux good, without a good explanation.
I think if it’s going on every Windows computer, Windows should have a process in place to prevent what happened from happening. Windows is for profit, they have the money to do it right but they got greedy. A staggered rollout would have prevented most of it and is a very simple thing to require. Also, if it’s going on every Windows computer or most, I wouldn’t consider that a third party anymore, even if that’s how they keep liabilities at arm’s length.
It’s not, it’s just popular. It’s not Windows’ job to police what software you choose to run on it.
However, Windows does actually have an optional certification program called WHQL for kernel level drivers. Getting this certification lets updates get posted via Windows’ internal updater. It checks the driver calls APIs correctly and doesn’t misbehave with interrupt handling among other tests. Crowdstrike’s driver did pass this, and in fact there was no bug with the driver, the bug was with the configuration file. The configuration file updates about once an hour (and it really needs to do that), and does so outside the Windows update process, making Windows powerless to control its rollout. WHQL certification takes a few days to run and configuration files aren’t really in scope.
No matter how hot a woman is someone somewhere is tired of her shit.
Option 2. Don’t have kids, break up with her. Be happy about it, thank God it is finally over. Then think back on how great the sex was and miss her for the rest of your life.
No matter how hot a woman is someone somewhere is tired of her shit.
This is 100% true. Not only that, but the more hot a woman is, the less she’s had to develop a loving personality and skills. I’ve gotten to the point that I won’t even consider dating anything above a 7 anymore. Those are just traps. I’d like a nice 6-7 with some hobbies, quirks, and skills pls. She would be my 10.
Totally next to the linux guy. In fact, I was in such a situation on the train before. I was just there working and the person sitting next to me noticed I had a linux desktop (in fact, GNU/Linux, btw). They were curious and vaguely interested in switching to linux for a while, so we had a nice conversation about this.
I would not bring this up myself, but it’s cool that this happens sometimes (i.e., once in a few decades of life so far)
Totally next to the linux guy. In fact, what you’re referring to as Linux is GNU/Linux, or as I’ve recently taken to calling it, GNU plus Linux. Linux is not an operating system unto itself, but rather another free component of a fully functioning GNU system made useful by the GNU corelibs, shell utilities and vital system components comprising a full OS as defined by POSIX. Many computer users run a modified version of the GNU system every day, without realizing it. Through a peculiar turn of events, the version of GNU which is widely used today is often called Linux, and many of its users are not aware that it is basically the GNU system, developed by the GNU Project.
Thank you. In that sense I find OP’s question misleading: Option 1 should be “guy who really likes to talk about the GNU system, developed by the GNU Project”
This is the good interaction, I had the bad version:
Long ago in high school I was interested in Linux but was thrown off it by the “Tech” group of kids who, even though we went to the same nerdy Star Trek club, told me I would be able to understand it.
I get that hurt people, hurt others; but duck those guys from 20 years in the future.
I’m getting back into interest for Linux cause I just got a Steam Deck and I’m curious as to what else I can do with a full desktop.
Good luck! The way I see it: Linux has its issues, but so do Windows and Mac OS (and others). The cool thing with Linux though is that for many problems you can create/find some form of error logs, google them, and someone online will help you. In most cases they have solved that problem already.
Windows problems often feel like black magic: Something doesn’t work, but all you can do is knock on your laptop, turn it off and on again, and pray. Unless you’re lucky and find a shady program online that you can download and install, hoping the programmers mean well.
With Mac OS, you can often solve problems by throwing money at them. But sometimes that doesn’t work and then you can’t do anything about them and just have to accept the one way to use your computer correctly.
So in that sense I don’t think Linux is “harder”. There are problems of course, but you learn to think differently about them and are often able to solve them.
Someone correct me if I’m wrong, but a garlic plant grows some form of a “seed” head that will have miniature round bulbs in it if they aren’t clipped off. It’s my understanding that when they are planted they’ll grow like this in the first year and into a normal garlic bulb in year two. I’ve never experimented enough to know if I’m correct, but if my info is correct I’d guess either one of those got mixed in by mistake, or if you’re planting in the same spot as the year prior one might’ve just fallen off.
Haha yeah sorry that’s a bad pic. The scape is the curly thing that grows off the top of the plant in the spring, and then flowers. If you’re growing garlic, you’d normally cut the scape so that the plant puts more energy into the bulb instead of the flower. Here’s a pic of the whole thing: https://programming.dev/pictrs/image/c691f28f-cea1-486c-88ce-df385e0be817.jpeg