Path: ...!feeds.phibee-telecom.net!3.eu.feeder.erje.net!feeder.erje.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: Rich <rich@example.invalid>
Newsgroups: comp.os.linux.misc
Subject: Re: Crowdstrike fiasco
Date: Sat, 20 Jul 2024 17:57:06 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 62
Message-ID: <v7gtpi$3kqj0$1@dont-email.me>
References: <v7dbfl$2u3ri$1@dont-email.me> <14650d94-4742-6c3f-9c73-33e7468106c5@example.net> <v7gevu$p388$1@matrix.hispagatos.org> <v7gn63$3jnfn$2@dont-email.me>
Injection-Date: Sat, 20 Jul 2024 19:57:06 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="511db2ee6276b0691c01b97fb601d506";
	logging-data="3828320"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX19is8UzBP+s8XXHG0G8hoef"
User-Agent: tin/2.6.1-20211226 ("Convalmore") (Linux/5.15.139 (x86_64))
Cancel-Lock: sha1:jZ2rY3maVtN1QKpo7mmjVf9bvfM=
Bytes: 3898

The Natural Philosopher <tnp@invalid.invalid> wrote:
> On 20/07/2024 14:44, rek2 hispagatos wrote:
>> On 2024-07-19, D <nospam@example.net> wrote:
>>>
>>>
>>> On Fri, 19 Jul 2024, Woozy Song wrote:
>>>
>>>> Curiously, when I made a post to Reddit linux group, it got deleted
>>>> immediately. I thought they would be gloating that Windows got shafted.
>>>>
>>>
>>> I'm gloating! I repeatedly tell a potential customer to change from
>>> windows, and I think so far they asked me for an offer and an opinion 3
>>> times (they had 3 security incidents), and yet they have never purchased
>>> my services and they keep running into these problems. I'm gloating so
>>> much. Sadly I don't think they will ever switch from their beloved
>>> Microsoft though.
>>>
>>> I do use them often as an example of what happens if you have a crappy
>>> IT-manager so I do derive benefits from their incompetence though! =)
>>>
>> 
>> 
>> +1 I hope this serves as a lesson.
> 
> No, it wont.
> 
> You dont understan middle management in a company.
> The IT managers career is best served by spending shitloads of money 
> with a company like crowdstrike which offers impressive legal guarantees 
> in its contracts.
> Not by implementing a policy with some 'nerdy operating system' that his 
> boss doesn't know how to use. And developing an IT department to service 
> and support it.

You can tell those who have never worked with/in/near a large corporate 
bureaucracy or govt bureaucracy IT department.  Those who have never 
seen behind the curtain believe this will result in some kind of 
change.

Those who have (and it does appear you have) recognize crowdstrike for 
what it really is (hint, it is not for "securing" the endpoint systems 
-- that is, at best, a secondary outcome).  Crowdstrike's real purpose 
is to provide the IT bureaucracy with "risk insurance" (i.e., 
Crowdstrike is really an "insurance plan", even if not presented that 
way) such that the IT folk can check a checkbox on their quarterly 
security audit forms that indicates they have "security scanning 
software" installed.  It additionally provides those same IT 
bureaucracy folks with a CYA such that if they happen to be 
hacked/exploited, they can CYA and shift blame to Crowdstrike and away 
from themselves.

Any "security" Crowdstrike provides is secondary to this main purpose, 
that of being an "insurance plan" onto which the IT bureaucracy members 
can shift blame should some hack occur.

So in the end, because the next quarters audit's checkboxes will still 
require "security scanning software" be installed, when next quarter 
arrives, and those forms get filled out again, Crowdstrike will still 
be installed, so those IT folks can check the "blame shifting checkbox" 
on the audit form and magically become "secure" for another quarter.