Asklemmy

43790 readers

875 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

Open-ended question
Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
Not ad nauseam inducing: please make sure it is a question that would be new to most members
An actual topic of discussion

Looking for support?

Looking for a community?

Lemmyverse: community search
sub.rehab: maps old subreddits to fediverse options, marks official as such
[email protected]: a community for finding communities

~Icon~ ~by~ ~@Double_[email protected]~

founded 5 years ago

MODERATORS

[email protected]

160

What makes CrowdStrike so ubiquous that their error created such catastrophe? (sh.itjust.works)

submitted 3 months ago by [email protected] to c/[email protected]

47 comments fedilink hide all child comments

all 50 comments

sorted by: hot top controversial new old

[–] [email protected] 11 points 3 months ago

https://youtu.be/4yDm6xNeYas?si=0VzBxIuPEHC4SMaa

This fireship video is a good, short explanation.

[–] [email protected] 39 points 3 months ago

It’s not so much that it’s ubiquitous so much as the customers that DID use it were very large and their going down was very noticeable.

[–] [email protected] 12 points 3 months ago (3 children)

When an operating system allows a single misbehaving program to take down the whole computer and leave it unbootable. I thought we left that behind with Windows 95.

[–] [email protected] 18 points 3 months ago (2 children)

Drivers usually run in kernel space, where a crash can bring the whole system down. This is not exclusive to Windows

[–] [email protected] -3 points 3 months ago (2 children)

This isn't a driver. It's anti-malware. Nobody on Linux puts such software in kernel space (as far as I'm aware). Root service? maybe, but that's still a user-space process.

[–] [email protected] 1 points 3 months ago

Nobody on Linux puts such software in kernel space

Falcon Sensor is also being distributed for RHEL and Debian, and it caused issues there too.

https://www.neowin.net/news/crowdstrike-broke-debian-and-rocky-linux-months-ago-but-no-one-noticed/

[–] [email protected] 6 points 3 months ago* (last edited 3 months ago)

It is a driver though, it runs at kernel level and intercepts system calls for logging, analysis, and potential blocking if malware type patterns are detected in the system calls.

[–] [email protected] 10 points 3 months ago

Yes but only in Windows land do you see jillions of (proprietary) drivers made by 3rd parties. Many of which self-update.

[–] [email protected] 2 points 3 months ago (1 children)

That has been a thing forever. I doubt it will ever go away.

[–] [email protected] 45 points 3 months ago (1 children)

A lot of companies install it for compliance checkboxing.

[–] [email protected] 5 points 3 months ago

Apart from fjordbasa's caveat RE "ubiquity" above, this is probably the most succinct answer 😐

[–] [email protected] -4 points 3 months ago (2 children)

BTW, if Windows had been an immutable OS the case would not have been so dire.

[–] [email protected] 16 points 3 months ago (1 children)

If my grandmother had wheels, she would have been a bike.

[–] [email protected] 2 points 3 months ago

It's a different recipe!