this post was submitted on 20 Jul 2024
160 points (98.8% liked)
Asklemmy
43897 readers
1039 users here now
A loosely moderated place to ask open-ended questions
Search asklemmy ๐
If your post meets the following criteria, it's welcome here!
- Open-ended question
- Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
- Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
- Not ad nauseam inducing: please make sure it is a question that would be new to most members
- An actual topic of discussion
Looking for support?
Looking for a community?
- Lemmyverse: community search
- sub.rehab: maps old subreddits to fediverse options, marks official as such
- [email protected]: a community for finding communities
~Icon~ ~by~ ~@Double_[email protected]~
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Probably it runs with privileges of the OS level, what applications should not do. The second problem is monoculture. To run the same software of a single company an all machines is easy, but...
Is it a kernel module or what? Why did it BSOD the whole system?
Effectively. Kernel level driver intercepting system calls for logging, analysis, and potential blocking.
It literally has to run at that level to do it's job.
'He's out of line but he's right'. I mean, is a bit ironic to give this level of permission to a program that is too malware-like to protect yourself from exactly that. We're talking about hospitals, airports and airlines, government agencies... many critical systems, so much information's security rely on a (foreign for most of the world) private company.
Companies wouldn't mind having an OS level code run on their PCs if its meant to help secure their computers. A malware infecting their computers could result in way more damages after all.
I'm not so sure what is worse. I wish we wouldn't reimplement statist practices in computers, as it often not goes well in our physical world, and invent more resources into OS/network security, compartmentalization and privilege separation. But yeah, the reality is it's easier to put a god-like "trusted" agent in a system. Well, the police need have guns, read all private chats, place security cameras with face recognition everywhere... to do their jobs. Otherwise terrorist attacks or whatever could result in way more damages after all. The same story every time.
Are you seriously equating security software running on business systems with state violence / surveillance on people? Those two things are not even remotely comparable, starting with business systems not being people that have rights
The equation by the user is bs.
But these companies do hold people's data, and it's a catch 22 situation: in order to protect that, they rely on an invasive system. Providers like Crowdstrike have high-level access to critical infrastructure and critical information. Is the a good thing? Maybe yes, maybe no.