> On 2024-07-22 10:23, Dan Ritter wrote: >> Rich Pieri wrote: >>> While the CrowdStrike (not to be confused with CloudFlare) fiasco >>> Friday affected millions of Windows computers, Linux is not immune to >>> such an event. I'm not familiar with CrowdStrike Falcon, but my >>> employer uses competing PaloAlto Networks' Cortex XDR. It's a similar >>> service with similar capabilities, and there are Linux endpoint >>> packages. These hook themselves into the kernel at a low level via >>> modules so they can do things like isolate individual machines when >>> they exhibit suspicious or malicious behavior. >>> >>> They also could, with the right -- or wrong -- updates, crash or hang >>> the kernel at startup. >>> >>> Recovery under such conditions would be nearly identical to the process >>> that 8.5 million Windows computers are undergoing: boot some form of >>> recovery media, mount the filesystem where the endpoint software or >>> data are installed, delete or replace the relevant files, and reboot. >> >> In fact, CrowdStrike Falcon has a Linux version; it also >> requires a kernel module; and it exhibited a similar -- but >> different crash back in March. > > I wonder if their QA department is hiring.... Dan G
Just like when George Kurtz was CTO at McAfee in April 2010 and a very similar issue happened that diabled millions of Windows XP system that also required manual repair. Soon after, McAfee went south and was bought by Intel. A year later George Kurtz started crowdstrike in 2011. Now in 2024, crowdstrike did the same thing. How long do you its going to survive after this? > > _______________________________________________ > Discuss mailing list > Discuss@driftwood.blu.org > https://driftwood.blu.org/mailman/listinfo/discuss > _______________________________________________ Discuss mailing list Discuss@driftwood.blu.org https://driftwood.blu.org/mailman/listinfo/discuss
