naib0930 commented on Technical Details on Today's Outage   crowdstrike.com/blog/tech... · Posted by u/xjia
SoftTalker · 2 years ago
And yet the cleanup instructions were for the user to delete a file in that directory. That requires booting into safe mode, but if any random user is able to do that, kiss your systems goodbye; a good social engineer (or disgruntled employee) will own any desktop in your organization if he wants to.
naib0930 · 2 years ago
In my organizations any user couldn't do it; we have to manually touch every computer and enter the BitLocker key. We lost in the neighborhood of 14,000 endpoints; every single one needs touched. My team of 10 did about 800 in 5 hours. Pulling and entering the BitLocker key was what took the longest.
naib0930 commented on CrowdStrike Update: Windows Bluescreen and Boot Loops   old.reddit.com/r/crowdstr... · Posted by u/BLKNSLVR
Reason077 · 2 years ago
> “This is not a windows issue. This is a third party security vendor shitting in the kernel.”

Sure, but Windows shares some portion of the blame for allowing third-party security vendors to “shit in the kernel”.

Compare to macOS which has banned third-party kernel extensions on Apple Silicon. Things that once ran as kernel extensions, including CrowdStrike, now run in userspace as “system extensions”.

naib0930 · 2 years ago
Back in 2006, Microsoft agreed to allow kernel-level access for security companies due to an EU antitrust investigation. They were being sued by antivirus companies because they were blocking kernel access in the soon-to-be-released Vista.

https://arstechnica.com/information-technology/2006/10/7998/

u/naib0930

Karma: 7 · Cake day: July 21, 2024