this post was submitted on 19 Jul 2024
356 points (97.3% liked)

Microblog Memes

5740 readers
2177 users here now

A place to share screenshots of Microblog posts, whether from Mastodon, tumblr, ~~Twitter~~ X, KBin, Threads or elsewhere.

Created as an evolution of White People Twitter and other tweet-capture subreddits.

Rules:

  1. Please put at least one word relevant to the post in the post title.
  2. Be nice.
  3. No advertising, brand promotion or guerilla marketing.
  4. Posters are encouraged to link to the toot or tweet etc in the description of posts.

Related communities:

founded 1 year ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] jlh@lemmy.jlh.name 56 points 3 months ago (4 children)

The real blame lies on the fact that Windows lets hundreds of companies like Crowdstrike ship kernel-level software to millions of computers. The fact that this incident was caused by an accidental bug is hilarious, but we're lucky that it wasn't someone pushing malicious software instead.

Windows drivers are a huge liability and I wouldn't be surprised if the next time is a state actor like Russia pushing kernel-level malware.

[–] NOT_RICK@lemmy.world 43 points 3 months ago (1 children)

I hate how many video games come with kernel level anti cheat, it’s an attractive target for hacks

[–] Broken_Monitor@lemmy.world 16 points 3 months ago (1 children)

The helldivers community fucking hates me for pointing this out. Don’t buy helldivers, or any other game packaged with such bullshit.

[–] jlh@lemmy.jlh.name 6 points 3 months ago (1 children)

Is helldivers anticheat kernel level? I play it just fine on Linux.

[–] Broken_Monitor@lemmy.world 11 points 3 months ago (1 children)

Yup. NProtect Gameguard. They got called out for it on day one, but then everyone was like “wow this game is good, so never mind!” Arrowhead CEO outright admitted to it but claimed it’s normal and necessary.

To me it’s like if some company wanted to dig through my mail whenever they wanted and defended themselves with “but we won’t do anything malicious! Its to keep you safe!” They can fuck right off with that nonsense.

but but, it's in character for the canon!!

[–] Aphelion@lemm.ee 23 points 3 months ago* (last edited 3 months ago) (3 children)

The real fuck up is that Crowdstrike Falcon can auto update through its own updater, and doesn't have any kind of control panel for management that could be used for change control. If their customers could have tested this update first, none of this would be happening.

[–] pennomi@lemmy.world 17 points 3 months ago (2 children)

Or if they were smart enough to do a phased rollout to a small percentage of users before deploying worldwide. That catches most issues quickly.

[–] jlh@lemmy.jlh.name 5 points 3 months ago (1 children)

Or if Microsoft reviewed drivers before signing them.

[–] KmlSlmk64@lemmy.world 4 points 3 months ago

I think they do (or at least I've seen it mentioned), but this wa apparently caused a by a bad configuration fil for that driver. (A 40-something kB file pf pure zeroes)

or like, tested the fucking update at all...

[–] quinkin@lemmy.world 4 points 3 months ago

Yep. A lot of customers were running n-1 or even n-2 of their falcon sensor release to mitigate risk. Doesn't count for shit though if the "deployed content" bypasses all of that.

[–] reimufumo@lemmy.ca 2 points 3 months ago* (last edited 3 months ago)

an antivirus-like software is something you want auto updates for in my opinion

[–] subignition@fedia.io 11 points 3 months ago* (last edited 3 months ago) (1 children)

Let's be real, Microsoft wouldn't do a hell of a lot better even if they had that stuff locked down. Their fuckups just tend to hit the general public a little more frequently than enterprise customers.

Edit: I wrote this before I learned about yesterday's Azure outage lol. That definitely adds to my point.

[–] dutchkimble@lemy.lol 6 points 3 months ago

Yeah this way they can Shaggy their way out of it

[–] reimufumo@lemmy.ca 2 points 3 months ago (1 children)

so you're saying you shouldn't be able to install any software with drivers? there's nothing microsoft can do about mass installing a program with elevated privileges, especially if it had actual uses like this

[–] jlh@lemmy.jlh.name 1 points 3 months ago

The average person or IT dept should not have to, no. It is very rare to install third party drivers on MacOS and Linux, and the fact that it's even needed for an antivirus is insane.