connor4312 | 1 year ago

CrowdStrike could have deployed the same broken code in their Linux or macOS agents. Nothing much for Windows to do if a kernel driver is segfaulting (when disabling it could be dangerous for users).

vbezhenar|1 year ago

So the question is why we need CrowdStrike software in the first place? Why are our systems not secure enough that companies feel the need to install additional security software? Obviously the demand for a secure operating system is there. CrowdStrike is valued at $80B, so there is lots of money for Microsoft and other operating software vendors to grab.

I do understand that the main driver behind CrowdStrike installations is a compliance checkbox. That still leaves the question, unless we assume pure corruption. But I've heard the opinion from security experts that this software really improves Windows security.

whalesalad|1 year ago

macOS and Linux do not have nearly as much of a need for ridiculous endpoint security tools like this to begin with.

The world running on Windows is a monumental waste of resources and a huge security threat. This will happen over and over again.

The fact that even dummy little terminals that are strictly responsible for showing flight arrivals and departures were impacted by this is hysterical. Why was that not an Android or ChromeOS device with an immutable filesystem, A/B blue-green update strategies, etc.?

hypeatei|1 year ago

> The fact that even dummy little terminals that are strictly responsible for showing flight arrivals and departures

Exactly. It seems like we're deploying very capable and complex devices for a simple task which is showing a couple pages of text in a table format.

photonthug|1 year ago

Serious question: does anyone really think Linux antivirals are good or necessary, particularly if they are active measure kernel things and not just passive scanners?

I have only seen people use them when Windows IT departments suddenly have to pretend to be cloud savvy, or when enterprisey infosec teams are looking for more vendors to bloat up their budgets. If it’s written in contracts, it’s not the customers demanding AV on ephemeral cloud servers, it’s the home team bloating costs so they can cut them later for a raise and applause.

Aaaand whenever it goes that way, antivirals affect performance and stability with random problems, always hurting more than they help.

whalesalad|1 year ago

Nine times out of ten it’s not even for security; it’s for checking some kind of auditing compliance box. We’re perpetuating this nightmare quagmire of shit and no one understands how it works.