I think people are missing the point here. The biggest problem was not that the update was bricking the machines, that could’ve happened to Linux/macOS/BSD etc. The problem is that the solution to the problem is to MANUALLY access the machine, get into safe mode and type some commands. This is insane.
And you should be able to EASILY disable automatic updates for apps like that on Windows Server.
I dunno, I’d say them deploying an update that bricked machines at the scale they did shows they didn’t test it very well at smaller scales. They could have even still used their users as beta testers, just needed to do a subset of them first.
Nobody but the most hardcore AMD enthusiasts used Bulldozer. The 2010s was a tough decade for AMD, to say the least. It wasn’t until AM5 came out that I finally switched back to Team Red. Got too used to LGA sockets.
Bruh, I’ve used Linux for over 10 years. I run Arch on my laptop and have a homelab powered by Proxmox, Debian, and OPNSense. I don’t run any AV in my lab but do follow other security practices.
At work it’s a different story. Products like CrowdStrike also collect logs, scan for vulnerabilities, provide graphing and dashboarding capabilities, provide integrations into ticketing platforms for investigation and remediation by security teams, and more. AV is often required because Windows users can upload infected files to Linux-run SMB shares. Products like CrowdStrike often satisfy requirements set by cybersecurity insurance.
This is not simping, this is not Linux vs Windows. You just clearly have no experience in the enterprise Linux space and business security requirements.
I don’t need to argue about windows vs Linux. You’re overcomplicating and misinterpreting my point and it’s no longer worth it to me because you clearly are prioritizing defense
Edit: let’s see if we can get to 100 downvotes here. I mean this shit is just so offensive right?
I’ve found it funny how many people think they need to defend windows by saying " this could’ve happened to Linux too!!"
Okay, sure. Yeah you’re right about Linux being just as insecure as windows too 😉
I think people are missing the point here. The biggest problem was not that the update was bricking the machines, that could’ve happened to Linux/macOS/BSD etc. The problem is that the solution to the problem is to MANUALLY access the machine, get into safe mode and type some commands. This is insane. And you should be able to EASILY disable automatic updates for apps like that on Windows Server.
I dunno, I’d say them deploying an update that bricked machines at the scale they did shows they didn’t test it very well at smaller scales. They could have even still used their users as beta testers, just needed to do a subset of them first.
Crowdstrike exists for Linux. Are their reports their update affected Linux servers? I have not read that anywhere.
Yeah but 14th Gen Intel CPUs are still failing regardless of your OS.
Proudly an AMD user for 25 years now :)
Even bulldozer?
Nobody but the most hardcore AMD enthusiasts used Bulldozer. The 2010s was a tough decade for AMD, to say the least. It wasn’t until AM5 came out that I finally switched back to Team Red. Got too used to LGA sockets.
I still don’t know why they thought sticking with PGA was a good idea… The amount of processors that were ripped out of their sockets is insane
not familiar. Their processors tend to last me ~5 years so it’s not like I bought every model available
Something similar did happen on Linux clients with CrowdStrike installed not too long ago lol
Sounds a bit like its a bad idea to install CrowdStrike regardless of the system 🙃
checkbox compliance – companies are required to have something in place that checks the box so they can pass the audit
lol yeah that’s a glowing review.
“Oh, we can fuck other shit up too!”
Anything to defend windows
Noone needs to defend Windows. We need to defend the truth. And the truth is that this was not a Windows issue. It’s a Crowdstrike issue.
Windows being an insecure shit show is no one else’s fault though. Not sure why that draws an argument. It’s well known
True. But nothing to do with this incident. That’s the point.
Everything to do with it. You don’t buy expensive software to protect your shitty OS unless it’s a shitty OS
To those many Linux users who took a look at their circumstances and said “I definitely need antivirus software!”
CrowdStrike does more than anti-virus and yes enterprise Linux installations need a lot of security controls that average Linux users don’t need.
Ok fine simps, Linux is exactly as shitty as windows this was totally only a coincidence
Bruh, I’ve used Linux for over 10 years. I run Arch on my laptop and have a homelab powered by Proxmox, Debian, and OPNSense. I don’t run any AV in my lab but do follow other security practices.
At work it’s a different story. Products like CrowdStrike also collect logs, scan for vulnerabilities, provide graphing and dashboarding capabilities, provide integrations into ticketing platforms for investigation and remediation by security teams, and more. AV is often required because Windows users can upload infected files to Linux-run SMB shares. Products like CrowdStrike often satisfy requirements set by cybersecurity insurance.
This is not simping, this is not Linux vs Windows. You just clearly have no experience in the enterprise Linux space and business security requirements.
I don’t need to argue about windows vs Linux. You’re overcomplicating and misinterpreting my point and it’s no longer worth it to me because you clearly are prioritizing defense
Edit: let’s see if we can get to 100 downvotes here. I mean this shit is just so offensive right?