this post was submitted on 19 Jul 2024
1118 points (96.9% liked)

linuxmemes

21428 readers
601 users here now

Hint: :q!


Sister communities:


Community rules (click to expand)

1. Follow the site-wide rules

2. Be civil
  • Understand the difference between a joke and an insult.
  • Do not harrass or attack members of the community for any reason.
  • Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.
  • Bigotry will not be tolerated.
  • These rules are somewhat loosened when the subject is a public figure. Still, do not attack their person or incite harrassment.
  • 3. Post Linux-related content
  • Including Unix and BSD.
  • Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of sudo in Windows.
  • No porn. Even if you watch it on a Linux machine.
  • 4. No recent reposts
  • Everybody uses Arch btw, can't quit Vim, and wants to interject for a moment. You can stop now.
  •  

    Please report posts and comments that break these rules!


    Important: never execute code or follow advice that you don't understand or can't verify, especially here. The word of the day is credibility. This is a meme community -- even the most helpful comments might just be shitposts that can damage your system. Be aware, be smart, don't fork-bomb your computer.

    founded 1 year ago
    MODERATORS
     
    you are viewing a single comment's thread
    view the rest of the comments
    [–] possiblylinux127@lemmy.zip 22 points 4 months ago (2 children)

    I'm pretty sure Windows is plenty secure. It isn't private or usercentric but of on a security perspective it isn't bad.

    Linux has plenty of security problems just like any OS

    [–] bamboo@lemmy.blahaj.zone 26 points 4 months ago (1 children)

    Defending Windows in a linux memes community.

    That's a bold move cotton, let's see how that works out for 'em

    [–] FiniteBanjo@lemmy.today 6 points 4 months ago (1 children)

    TBH regardless of windows security, this was clearly the fault of a lack of compatibility. Whether CrowdStrike was made in a way that caused the problem or if the Windows update wasn't properly screened or tested for this kind of failure, I'm sure we'll be hearing a lot about very soon, but the jury is out on which one is at fault.

    [–] PainInTheAES@lemmy.world 11 points 4 months ago (1 children)

    Nah, CS sent out a virus definition update that included a driver file that was fucked and caused a boot loop. Because it was a virus definition it bypassed staging rules set by customers. It's 100% on CS unless we want to talk about how Windows architectural choices on how it handles loading improperly formatted kernel level drivers. CS also caused issues on Linux not too long ago.

    [–] FiniteBanjo@lemmy.today 1 points 4 months ago* (last edited 4 months ago)

    Why can't we talk about improperly formatted kernel level drivers? MS is notorious for "oops" accidentally rolling drivers back 8 or more years, and now it's become a problem.

    And correct me if I'm wrong but the CS update came before the windows update which caused the problems.

    EDIT: I am a bit off the mark

    On 19 July at 04:09 UTC, CrowdStrike distributed a driver update for its Falcon software for Windows PCs and servers. An update to a configuration file that was responsible for screening named pipes, Channel File 291, caused a logic error with the Windows sensor client, causing affected machines to enter the blue screen of death with the stop code PAGE_FAULT_IN_NONPAGED_AREA, indicating an error caused by a page fault.

    [–] cqst@lemmy.blahaj.zone 12 points 4 months ago* (last edited 4 months ago) (1 children)

    I’m pretty sure Windows is plenty secure.

    Haha sure. Windows NT MIGHT be considered 'secure' from an architectural standpoint but literally of this falls apart when you tape all the Microsoft Dark Patterns on it that ruin the security. Its a joke, and that's the entire problem.

    Think: Microsoft Accounts, now the "secure" Windows NT Local User Authentication is effectively backdoored by MS and makes you vulnerable to phishing attacks. Windows Update: Constantly pushing dark patterns and 'features' that it discourages people from updating so then guess what, people don't update! The fact that Windows so easily allows Crowdstrike to make system level changes like this without trying a whiny fit is also apart of it. Think about the fact how easily Microsoft allows stuff like Valorant anti-cheat and Crowdstrike, which are effectively rootkits, to be installed with one UAC prompt. In reality this issue is not really Microsoft's fault directly, but in a bunch of indirect ways they encourage this and allow it to happen, and we have seen time and time again, Microsoft DOES NOT CARE ABOUT SECURITY.

    If anything this "Crowdstrike" software showcases the endemic problem in software security and how our system is failing and continuing to fail us. Its an anti-virus, but we already HAVE Windows Defender. These corporations should not be using some random 3rd party Antivirus, I doubt it even does much good, its just cargo-culting "oh, this is industry standard, so we have to use it." This is the kind of thinking/approach that Microsoft encourages.

    [–] possiblylinux127@lemmy.zip 3 points 4 months ago

    Well an organization shouldn't be giving end users admin. That's a recipe for disaster. From an updates perspective you can tightly control which update is applied and when.

    Microsoft makes some crappy decisions but they do know who there big customers are.