this post was submitted on 22 Jul 2024
597 points (97.9% liked)

Programmer Humor

32410 readers
308 users here now

Post funny things about programming here! (Or just rant about your favourite programming language.)

Rules:

founded 5 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 64 points 3 months ago (3 children)

Windows: exists

Crowdstrike: stabs

You: why would Microsoft stab themselves?

[–] aptgetrekt 23 points 3 months ago (3 children)

To be fair, kernel level access by third party software is kind of frowned upon in the Linux world. Ask any desktop Linux user how they feel about NVIDIA (the only third party kernel code an average Linux user will install) and their drivers randomly causing strange issues on their systems up to and including kernel panics compared to the experience on AMD where the driver is open and built into the kernel itself. For security software that needs low level visibility, there is eBPF, direct kernel level access isn't needed (though I believe CrowdStrike uses it, and thay actually did CrowdStrike Debian and Rocky Linux systems some time back).

MacOS blocked the majority of kernel extensions a few years ago as well.

Windows is the only OS where it has been designed in a way where kernel level access is the rule rather than the exception. So design flaws are at least partially at fault here.

[–] [email protected] 4 points 3 months ago* (last edited 3 months ago)

I'm so glad i got rid of my nvidia card. Having to reinstall the divers and kernel-headers every time my kernel updated was getting old.

[–] [email protected] 2 points 3 months ago

Heard from someone else (so take it with a grain of salt) that CrowdStrike and/or similar companies threatened Microsoft with an antitrust suit when Microsoft tried to force them to use an API instead of working directly with the kernel.

[–] [email protected] 2 points 3 months ago

The opinion of Linux desktop users (or any users really) do not count in the enterprise world. Somehow, if management bought in on the Crowdstrike rootkit bandwagon, you'll see it on corporate hardware. It doesn't matter if it's a bad plan; it doesn't matter if it gives an American company a backdoor to all you infrastructure; if the CISO decides everyone gets it, everyone get it.

The only thing you can really do as a lowly employee is keep any such device away from any personal info or network as if it's infected by malware (which I would argue is exactly what it is).

[–] [email protected] 19 points 3 months ago

Windows: exists

Crowdstrike: exists

Windows: open belly, right here!

Crowdstrike: stabs

Crowdstrike released bad code into prod without giving it some hours of testing in local machines or whatever. Incredible fuckup, inimaginable. But, let's not take blame out of Microsoft, if a driver is faulty the system should be resilient enough no to crap the bed on login. At least enough for IT to be able to remotely access the system and fix it. The manual work the IT world has had to do because it's lost remote access to workstations is insane.

[–] [email protected] 2 points 3 months ago

Nelson Muntz: Stop striking yourself!