Cybersecurity

5379 readers

159 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 1 year ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social

111

97% of CrowdStrike systems are back online; Microsoft suggests Windows changes (arstechnica.com)

submitted 1 month ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

22 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] EmperorHenry@infosec.pub 0 points 1 month ago (3 children)

or! or!...Maybe put more restrictions on which antivirus programs will be able to register with the security center?

Like...if they have a long history of fucking up, they get theirs revoked, if they have a history of quality control failures...like crowdstrike does, they get revoked.

If they want to be able to register with the security center, they need to be audited by several different cybersecurity analysis teams that are all completely independent from each other, preferably from different countries with strong data privacy laws to prove that they're actually worth using.

For norton and mcAfee and now crowdstrike and a few others that suck, that means they're going to have to improve massively before anyone will be able to use them...for others like comodo, secureage and other whitelisting applications on par with those two, that means much more business for them.

Like it or not, the majority of the world's computers, including those of which for critical infrastructure around the world run on windows. If you're an antivirus company, trusted enough to be able to register with the security center, you better be ready to prove that you're not going to be worse than using microsoft APT or MS defender with configure defender on MAX...that's an easy bar to overcome, but many antivirus programs, like norton and McAfee and even Avast/AVG now and Avira...I think Avira is now owned by norton lifelock... insist on limboing under that bar.

If you're expecting your product to be trusted, it better be fucking trustworthy. Making an antivirus program that works and works well can literally be the difference between people living and dying. Imagine how many life-saving surgeries had to be postponed because of crowdstrike's lack of QC. imagine how many transplant organ shipments had to be postponed because of this fuckup.

And of course, scammers capitalized on the confusion, put malware links that promised to fix machines destroyed by crowdstike only to install zero-day malware instead...data-stealers, very quiet forms of malware that the vast majority of antivirus products are useless against.

TLDR...GET YOUR SHIT TOGETHER, people depend on their computers for all kinds of things now.

[–] capital@lemmy.world 9 points 1 month ago (2 children)

Nah let admins admin. It would piss me off to have chosen a product just to have Microsoft effectively veto my decision as the machine owner.

If companies are going to buy stuff that crashes, let em. Don’t ask Microsoft to hand hold.

[–] EmperorHenry@infosec.pub 2 points 1 month ago (1 children)

I honestly can't think of any other way to force shitty antivirus programs to improve. Every boomer I know uses Norton or McAfee and refuses to even hear about other options.

Kaspersky is pretty good at protecting the average user from scammers, because they blacklisted remote desktop programs in their malware database, and now that's being banned within the US.

The US government's definition of "compliant" when it comes to something like that will completely cancel out anything good that comes from using Kaspersky, so it's never going to be un-banned and also be worth using

[–] lost_faith@lemmy.ca 2 points 1 month ago

We switched from kas to bitdefender. Bit seems as good as kas as my windows is still clean, well clean as windows can be, and my (Boomer) mother takes my advice and dropped nortons decades ago. Some of my alternate sites are just absolutely infested with malware and a buddy of mine, half my age, was using nortons and was having trouble connecting to me and server hosted online games. Had him run Malware bytes, I also ran it on my system to help him use it, and he was heavily infected; Nortons: Everything is fine, carry on. He is using bit now