AndriyKunitsyn | 4 months ago

I have never been a big enterprise integrator, and I thought exactly like this.

Then in 2024 the CrowdStrike BSOD screw-up happened, and I was surprised to learn that no, not everything is airgapped. Apparently, businesses are okay with untrusted, unvetted, self-updating pieces of code that run in kernel mode.

u_sama | 4 months ago

From my experience in Europe, this comes down to being the least bad choice amongst a large series of bad choices. They install CrowdStrike on legacy devices running in critical industries like manufacturing because a lot of devices are legacy (think Windows 2000 and XP in 2025) which cannot be changed because either the company is bankrupt, the machine change would cost millions, or the company is strapped for cash and/or labor to actually update all of the necessary (and not supported) industrial computers.

This + corporate shit policies from departments disconnected from the needs on the terrain.