this post was submitted on 20 Jul 2024
156 points (98.1% liked)

Asklemmy

43729 readers
1333 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy ๐Ÿ”

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_[email protected]~

founded 5 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
156
What makes CrowdStrike so ubiquous that their error created such catastrophe? (sh.itjust.works)
submitted 3 months ago by [email protected] to c/[email protected]
52 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[โ€“] [email protected] 11 points 3 months ago (3 children)

When an operating system allows a single misbehaving program to take down the whole computer and leave it unbootable. I thought we left that behind with Windows 95.

[โ€“] [email protected] 18 points 3 months ago (2 children)

Drivers usually run in kernel space, where a crash can bring the whole system down. This is not exclusive to Windows

[โ€“] [email protected] 10 points 3 months ago

Yes but only in Windows land do you see jillions of (proprietary) drivers made by 3rd parties. Many of which self-update.

[โ€“] [email protected] -3 points 3 months ago (2 children)

This isn't a driver. It's anti-malware. Nobody on Linux puts such software in kernel space (as far as I'm aware). Root service? maybe, but that's still a user-space process.

[โ€“] [email protected] 6 points 3 months ago* (last edited 3 months ago)

It is a driver though, it runs at kernel level and intercepts system calls for logging, analysis, and potential blocking if malware type patterns are detected in the system calls.

[โ€“] [email protected] 1 points 3 months ago

Nobody on Linux puts such software in kernel space

Falcon Sensor is also being distributed for RHEL and Debian, and it caused issues there too.

https://www.neowin.net/news/crowdstrike-broke-debian-and-rocky-linux-months-ago-but-no-one-noticed/

[โ€“] [email protected] 2 points 3 months ago (1 children)

That has been a thing forever. I doubt it will ever go away.