ramble81

Each person will now be free to maintain their own private army.

The chicken is involved, but the pig is committed.

I first dealt with them at least 10+ years ago and at the time they had no ability to do staged roll outs or targeted roll outs. We got updates when they said we did, no choice or control. We had to resort to updating our firewall to restrict the download endpoint and only open it in groups to do a phased update.

And cheaper ones are being kneecapped by the government because they want to keep supporting the incumbents

That sounds like a lawyers dream… “can’t provide it if it doesn’t exist” … now granted, if they got a subpoena they’d have to save it going forward, but before then, if their not bound by something that forces data retention, the less random data laying around the better.

Incidentally CrowdStrike has a Linux agent and my previous company was pushing us to install it to check another box on their Cyberliability insurance form. So this could just as easy happen there too.

More like CrashStrike

We had a bad CrowdStrike update years ago where their network scanning portion couldn’t handle a load of DNS queries on start up. When asked how we could switch to manual updates we were told that wasn’t possible. So we had to black hole the update endpoint via our firewall, which luckily was separate from their telemetry endpoint. When we were ready to update, we’d have FW rules allowing groups to update in batches. They since changed that but a lot of companies just hand control over to them. They have both a file system and network shim so it can basically intercept **everything **

Sock(ets)

Which number 2 blows my mind as they constantly vote for things which benefit those well “above their station” because they think they’ll be there someday.