You are viewing a single thread.
View all comments
158 points

Personally, I don’t see the issue. Microsoft shouldn’t be responsible for when a third party creates a buggy kernel module.

And when you, as a company, decide to effectively install a low-level rootkit on all your machines in hopes that it will protect you against whatever, you accept the potential side effects. Last week, those side effects occurred.

permalink
report
reply
70 points

Hard to say yet, if Microsoft is responsible or not. The thing is they certified it, as a stable and tested driver. But it isn’t just a driver, but an interpreter/loader that loads code at runtime and executes it. In kernel mode. If Microsoft knew this they’re definitely responsible for certifying it, but maybe crowdstrike hid this behavior until it was deployed to the customers.

permalink
report
parent
reply
25 points

It was my understanding that this wasn’t certified. Crowdstrike circumvented the signing process.

permalink
report
parent
reply
43 points

The driver was signed, the issue was with a configuration file for that’s not part of the driver.

permalink
report
parent
reply
-30 points

MS gives them access, so they’re responsible.

https://www.youtube.com/watch?v=wAzEJxOo1ts

permalink
report
parent
reply
53 points

I disagree. As someone else in this thread said: if you compile a buggy Linux driver that crashes the system, it’s still the fault of the driver.

permalink
report
parent
reply
4 points

Linux does not certify drivers though. Microsoft does.

permalink
report
parent
reply
-14 points

I’m not exempting Crowdstrike and I’m not sure the comparison holds: linux is a kernel, mot a corporation.

Try Ubuntu or RedHat, would they be liable?

permalink
report
parent
reply
-6 points

I bet you love your locked down iPhone too

permalink
report
parent
reply
11 points

Why would I buy an Apple product?

permalink
report
parent
reply

Technology

!technology@lemmy.world

Create post

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


Community stats

  • 17K

    Monthly active users

  • 12K

    Posts

  • 555K

    Comments