On Sun, Jul 21, 2024 at 2:15 AM Andy Smith <a...@strugglers.net> wrote:
>
> On Sun, Jul 21, 2024 at 10:28:28AM +0800, Bret Busby wrote:
> > Crowdstrike did not strike at Linux or BSD UNIX systems - only MS Windows
> > systems.
>
> Except that time just a few months ago when it *did* happen to
> Crowdstrike+Linux?
>
> https://news.ycombinator.com/item?id=41005936
This is alarming (to me) from the YC post:
"we push software to your machines any time we want,
whether or not it's urgent, without testing it" seems to be
core to the model...
Updates need to be tested inside an organization's lab, and then
tested with a sampling of the organization's computers. Then, an
organization is free to release the update to all machines. All of
that has to happen in two weeks to 30 days.
> Nothing in this story would be different if it was Linux deployed on
> those machines. And nothing would be different if Crowdstrike didn't
> exist, as some other equally useless vendor would be involved.
>
> There is a need to examine why companies are putting high privilege
> junk software on their machines. It's got nothing to do with Linux
> vs Windows.
Jeff
