Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).
This community is automagically fed by an instance of Dittybopper.
The Microsoft PR and Legal department are on this, trying to spin them as the victims.
Fuck Microsoft, this is their fault. Theur monopoly and anti competitive pragroce has made it worse. They need more intervention to force open their system and allow other vendors to be able to offer viable alternatives.
We wouldn't have had such chaos is we didn't have so many companies stuck depending on a duopoly of Microsoft and Crowdstrike.
Which is bullshit. As a sysadmin i was battling with low level tcp/Ip filters and other shit since at least WinXP. And probably nt4sp3.
I've been saying that antimalware is worse or at least the same as the stuff it tries to protect against for decades. Invisible cpu cycles. Hidden disk io. Tcp filters. Maxing out your network connection trying to access every resource on your network. Assraping SNMP. Blocking network access when the license expires. (mcafee) criplling java code. (decompressing every jar known to man)
And most of this is still true. Is your pc slow or hanging without any visible reason? Chances are defender is doing some ultra secret very hush hush antimalware shit.
I always disabled everything on my own systems on my own private lan and did ferocious edge protection, log reporting and scanning everything from one node.
Then came ransomware. And the risk of running without on local nodes just became too big.
Anyway This has been an issue since forever. If anything it became less worse as of 09 because everybody got access to documentation so they finally learned what NOT to do.
Then make sure no auto updates without a sysadmins ok. Not rocket science.
The whole point to Endpoint Protection is to quickly and easily send updates to block currently exploited vulnerabilities to the systems most likely to be affected. Adding a delay for in-house QA testing (and the associated costs) doesn't make any sense.
I think it's very unrealistic to expect all sysadmins to spot uninitialized memory access in all software they don't produce. This calls for independent software testing at scale which is more elaborate than just pushing the responsibility to sysadmins.
Just use Linux, we don't have these problems 😉
I only use Windows to play games, everything else runs Linux.
Crowdstrike runs on Linux too, fyi. It’s broken it before, just not on this scale.
Yes, I'm aware, I interviewed for a job as a Linux Engineer there 😉
Just do research on the history of whatever antivirus program you're going to be using.
Crowdstrike is a really shitty company that helped cover up the DNC's rigging of the 2016 democrat primary. Why would you ever want to support them by paying for their crap?