this post was submitted on 23 Jul 2024
60 points (100.0% liked)

TechTakes

1481 readers
370 users here now

Big brain tech dude got yet another clueless take over at HackerNews etc? Here's the place to vent. Orange site, VC foolishness, all welcome.

This is not debate club. Unless it’s amusing debate.

For actually-good tech, you want our NotAwfulTech community

founded 1 year ago
MODERATORS
 

Kind of sharing this because the headline is a little sensationalist and makes it sound like MS is hard right (they are, but not like this) and anti-EU.

I mean, they probably are! Especially if it means MS is barred from monopolies and vertical integration.

top 28 comments
sorted by: hot top controversial new old
[–] [email protected] 46 points 4 months ago (1 children)

If windows wasn't so shitty then nobody would need extra software to protect their systems.

[–] [email protected] 45 points 4 months ago (1 children)

Microsoft has Windows Defender, its in-house alternative to CrowdStrike, but because of the 2009 agreement made to avoid a European competition investigation, had allowed multiple security providers to install software at the kernel level.

Lmao what

[–] [email protected] 15 points 4 months ago (3 children)

I’ve always insisted that Defender is the best AntiVirus and Intrusion prevention solution for any Windows Machine.

MS has a vested interest in making sure nothing bad gets publicised about their OS. As long as the threat exists, (and barring regulatory restrictions) MS will maintain the best intrusion prevention and detection features.

The AntiVirus industry has a vested interest in scaring people into continuing to pay their subscriptions. There are even some conspiracy theories going around that some AV vendors actually pushed viruses into the wild that they could intercept but their competitors couldn’t.

Apple Computers have a reputation of not having viruses (even through they do) partially due to the Security/Obscurity myth and partially because they lock down macOS and have tightly integrated in-house virus detection. The other reason is that their user base is almost exclusively End-User Retail, which is not currently a profitable target.

[–] [email protected] 21 points 4 months ago* (last edited 4 months ago) (3 children)

i find the level of ms apologia unsettling. remember, we're only a few news cycles away from the time ms almost shipped windows with spyware and keylogger built-in

[–] [email protected] 7 points 4 months ago (1 children)

This is a unique situation because absolutely everyone involved deserves to go bankrupt and disappear into the darkness.

You have a closed-source OS that causes a vast swath of our infrastructure vulnerable to MSFT's whims and incompetence, and built on top a closed-source AV market that allows the infra to be extremely vulnerable in a second, unrelated way, plus the cross-product of them both since AV gets so tightly integrated to the kernel.

Until we can force MSFT to open-source Windows with a small military invasion of Redmond or some shit, maybe at least this will make people think twice before they install "anti"malware from an equally untransparent corpo straight into mission-critical infrastructure like a horny teenager putting his raw dog into a coconut.

[–] [email protected] 8 points 4 months ago

yup.

also: it was microsoft's business decision to make the api required for av (or, more general security subsystems) to function so low-level that it has to be delivered as a kernel driver and operate in ring0. i guess it's primarily for the performance reasons, but still, there are other technical options. someone made the executive decision there.

on the other hand, it was crowdstrike's business decision to make the bloody update parser run in ring0, and without verification that the update data is correct, nobody forced them to do it that way.

let them both burn.

[–] [email protected] -2 points 4 months ago (1 children)

Best summary;

The whole problem with Microsoft in general is that they want to be Apple. They want their own hardware & software ecosystem that they rule over with absolute power. But culturally they're not Apple, they're a child that needs 24/7 adult supervision. They can't and won't do security, their track record of handling all types of incidents is abysmal, and they're absolutely terrified of making any changes that might mildly inconvenience enterprise customers. They want all the benefits of controlling their own ecosystem, but will take on exactly zero of the responsibilities. They literally cannot be trusted to secure their own ecosystem and the EU for sure knew this.

https://infosec.exchange/@malwaretech/112837847830156923

[–] [email protected] 7 points 4 months ago

and they’re absolutely terrified of making any changes that might mildly inconvenience enterprise customers

Correction, they don't think about such changes at all. There are no other concerns than those of big-paying customers, and even then you need a bunch of big enterprise customers request something for the thing to even end up being considered for the backlog.

[–] [email protected] 14 points 4 months ago

macOS has some level of application sandboxing, Windows apps, in practice, have none. They tried it a bit years ago but immediately gave up. Antivirus has always been the dumbest solution.

[–] [email protected] 4 points 4 months ago* (last edited 4 months ago) (1 children)

As vehemently anti-Microsoft as I am (and seeing this with Apple tinted glasses), I have to agree. I believe Apple having full control over their kernel is best for users because of the same arguments you’ve made — I can’t argue that Apple should while saying Microsoft should not.

I don’t really know anything about Defender but I do believe the software vendor itself should be and is responsible. I’m very liberal and I love what the EU is doing in some areas but I think some of it (like this) is a bit over the top.

[–] [email protected] 6 points 4 months ago (1 children)

If they’d made their OS anywhere near reasonably constructed antivirus would be mostly snake oil and nobody would be in trouble. The trouble starts when antivirus software is necessary, at which point third-party antivirus software sort of has to be an option and then you’ve got this mess.

[–] [email protected] 3 points 4 months ago

Agreed 💯

[–] [email protected] 31 points 4 months ago (1 children)

I can't get over how absolutely awful everything and everyone involved is here.

The terrible Windows kernel, the awful MSFT practices, the horrible engineering decisions, and the propretiary AntiVirus market that shouldn't exist as it is an afront to everything good and beautiful in this world. People who shouldn't be trusted with a soft cushion out of concern that they'd wreck havoc, but vested with so much real power they can bring down airports, hospitals, half of the global infrastructure to a screeching halt.

We should be suing Bill Gates' parents for damages their frivolous decision to bear children caused.

[–] [email protected] 6 points 4 months ago (1 children)

I had an engineering call with crowdstrike today. They only had been running unit tests before deployment.

[–] [email protected] 4 points 4 months ago

But do they have a scheduled weekly email with a list of tests that are known to be broken and allowed to fail in CI that then has to be manually checked against the test run report before merging? LIKE MICROSOFT DOES FOR AT LEAST ONE MISSION CRITICAL SERVICE I WORKED ON?

[–] flambonkscious 21 points 4 months ago (1 children)

Are they cuddling up to clownstrike for some reason?

This is entirely clownstrikes fault! If they even remotely validated their input this would have gone very differently

[–] [email protected] 21 points 4 months ago

They just saw an opportunity to attack regulations and leaped on it.

[–] [email protected] 12 points 4 months ago (1 children)

Yes how dare they use Windows as their operating system.

[–] [email protected] 9 points 4 months ago

This was widely regarded as a bad move and made a lot of people very angry