| Deutsch English Français Italiano |
|
<v7ji5j$6i10$1@dont-email.me> View for Bookmarking (what is this?) Look up another Usenet article |
Path: ...!3.eu.feeder.erje.net!feeder.erje.net!weretis.net!feeder8.news.weretis.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail From: "Craig A. Berry" <craigberry@nospam.mac.com> Newsgroups: comp.os.vms Subject: Re: A meditation on the Antithesis of the VMS Ethos Date: Sun, 21 Jul 2024 12:57:06 -0500 Organization: A noiseless patient Spider Lines: 38 Message-ID: <v7ji5j$6i10$1@dont-email.me> References: <rjlp9jlpbrokm8bpi915s43pidb52s7m9c@4ax.com> <v7j0fo$3k1u$1@dont-email.me> <v7j3na$3u0v$3@dont-email.me> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Injection-Date: Sun, 21 Jul 2024 19:57:07 +0200 (CEST) Injection-Info: dont-email.me; posting-host="49c3acf7e6ef5b546f63729e899b8122"; logging-data="215072"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19uuPjRf+TP4ZlbGzixAE//0gVhSfbyovQ=" User-Agent: Mozilla Thunderbird Cancel-Lock: sha1:E8T270+Vl+w2z+MEaodL3H0iEqY= In-Reply-To: <v7j3na$3u0v$3@dont-email.me> Content-Language: en-US Bytes: 2610 On 7/21/24 8:50 AM, Arne Vajhøj wrote: > On 7/21/2024 8:55 AM, Craig A. Berry wrote: >> On 7/21/24 4:41 AM, Subcommandante XDelta wrote: >> >> It was not a kernel driver. It was a bad configuration file that >> normally gets updated several times a day: >> >> https://www.crowdstrike.com/blog/falcon-update-for-windows-hosts-technical-details/ > > So not a driver. > > But I will not blame anyone for assuming that a .SYS file under > C:\Windows\System32\drivers was a driver. It was a reasonable guess, but the OP claimed that Microsoft's kernel driver approval process was somehow involved, which doesn't seem to be the case. On the other hand, a kernel driver that can reconfigure itself multiple times a day from data obtained over the network may avoid some kinds of problems, but clearly it can cause others. >> CrowdStrike thought updating the entire world in an instant was a good >> idea. While no one wants to sit there vulnerable to a known threat for >> any length of time, I suspect that idea will get revisited. > > I have already seen speculation that IT security will decrease because > patch deployment speed will slow down. If you update too slowly, you are vulnerable. If you update everything immediately all at once world-wide, you risk catastrophic failure. There is no free lunch. > Arne > > PS: I don't like the product! Since Friday you probably have a lot of company :-).