this post was submitted on 19 Jul 2024
1129 points (96.8% liked)

linuxmemes

[–] [email protected] 145 points 4 months ago (4 children)

the good news is that it does make windows more secure. you can't hack something that has crashed.

[–] [email protected] 44 points 4 months ago (5 children)

Remember guys, it took about a decade for SolarWinds to discover somebody had root access to everybody that used their software, another decade for somebody outside SolarWinds to discover it and tell everybody, and half a decade with nobody claiming to have solved the issue up to now.

So when you believe that your computer with an EDS is safe just because you can't use it, think again.

[–] [email protected] 25 points 4 months ago

The most secure computer is the one not running any software. That's why I recommend Crowdstrike.

[–] [email protected] 21 points 4 months ago (2 children)

Reminds me of a local cyber security firm, which declared war on a group of hackers. The CEO went on television to "double dog dare" the hackers to hack their servers and claimed their firewalls were impenetrable.

Well you can guess the results, within 48 hours, their servers went down one after another. And when shit was about to hit the fan, they literally turned off all of their servers for days. They hired a 3rd party IT firm to patch their security, then the CEO declared victory in a local newspaper.

[–] [email protected] 13 points 4 months ago (2 children)

Similar thing happened to the idiot CEO of LifeLock that used to advertise his actual social security number everywhere.

[–] JackbyDev 9 points 4 months ago

I used to work at Equifax. LifeLock was the subject of many corporate trainings.

[–] [email protected] 104 points 4 months ago (1 children)

The fact that random companies like Crowdstrike have kernel drivers in millions of computers that they ship remotely is a security risk in and of itself. We're lucky Crowdstrike just shipped a bug that crashes computers, other companies could have shipped a lot worse.

[–] [email protected] 47 points 4 months ago (1 children)

other companies could have shipped a lot worse.

other ~~companies~~ governments could have shipped a lot worse.

FTFY

[–] MajorHavoc 22 points 4 months ago* (last edited 4 months ago) (7 children)

other ~~companies~~ governments ~~could have~~ may have already shipped a lot worse.

FTFY (high five!)

[–] [email protected] 7 points 4 months ago

I'd swap may out for probably TBH.

[–] [email protected] 71 points 4 months ago (3 children)

I'd laugh if this wasn't affecting me directly.

[–] [email protected] 26 points 4 months ago

I can laugh either for or at you, if you want.

I'll pour one out for the frontliners.

[–] [email protected] 41 points 4 months ago (1 children)

The problem is the blind trust of these "vendors"

Decentralize control

[–] [email protected] 15 points 4 months ago (1 children)

Centralize control in house.

[–] [email protected] 10 points 4 months ago

Compared to the status quo, that's much more decentralized.

[–] [email protected] 41 points 4 months ago (4 children)

I really don't want to be the guy responsible for this fuck up

[–] [email protected] 37 points 4 months ago (4 children)

For a company this big it would also have to have gotten past a code review and QA team, right? ... right? ...

[–] [email protected] 18 points 4 months ago

Of course, of course. This is how these things are always done.

[–] [email protected] 11 points 4 months ago

I like how they kept on pushing the update for hours

[–] [email protected] 10 points 4 months ago* (last edited 4 months ago) (2 children)

And who pushes out production updates on a Friday!

[–] [email protected] 19 points 4 months ago (2 children)

Yeah, something this big is absolutely not one engineer's fault. Even if that engineer maliciously pushed an update, it's not their fault; it was a complete failure of the organization, and one person having the ability to wreak havoc like this is the failure.

And I actually have some amount of hope that, in this case, it is being recognized as such.

[–] [email protected] 12 points 4 months ago (2 children)

This is an industry wide issue. This is just the first symptom.

[–] [email protected] 40 points 4 months ago (1 children)

Also: don't trust your employees to boot into safe mode.
Trust a 3rd party to freely install system level files at any time.

I knew how to fix the computers at work today in the morning, but we couldn't get through to the help desk to get the bit locker codes for each computer until near the end of the day.

[–] [email protected] 14 points 4 months ago* (last edited 4 months ago) (2 children)

Also: don’t trust your employees to boot into safe mode. Trust a 3rd party to freely install system level files at any time.

Exactly. This is exactly the problem, and unless people wise up the software security problem is only going to get worse. Companies and Governments need to rethink how they approach security entirely. This is a preview of what is to come, it's only going to get worse and more damaging from here, and none of the vendors care.

[–] [email protected] 22 points 4 months ago (2 children)

I'm pretty sure Windows is plenty secure. It isn't private or user-centric but from a security perspective it isn't bad.

Linux has plenty of security problems just like any OS

[–] [email protected] 26 points 4 months ago (3 children)

Defending Windows in a linux memes community.

That's a bold move cotton, let's see how that works out for 'em

[–] [email protected] 12 points 4 months ago* (last edited 4 months ago) (1 children)

I’m pretty sure Windows is plenty secure.

Haha sure. Windows NT MIGHT be considered 'secure' from an architectural standpoint but literally all of this falls apart when you tape all the Microsoft Dark Patterns on it that ruin the security. It's a joke, and that's the entire problem.

Think: Microsoft Accounts, now the "secure" Windows NT Local User Authentication is effectively backdoored by MS and makes you vulnerable to phishing attacks. Windows Update: Constantly pushing dark patterns and 'features' that it discourages people from updating so then guess what, people don't update! The fact that Windows so easily allows Crowdstrike to make system level changes like this without throwing a whiny fit is also a part of it. Think about the fact how easily Microsoft allows stuff like Valorant anti-cheat and Crowdstrike, which are effectively rootkits, to be installed with one UAC prompt. In reality this issue is not really Microsoft's fault directly, but in a bunch of indirect ways they encourage this and allow it to happen, and we have seen time and time again, Microsoft DOES NOT CARE ABOUT SECURITY.

If anything this "Crowdstrike" software showcases the endemic problem in software security and how our system is failing and continuing to fail us. It's an anti-virus, but we already HAVE Windows Defender. These corporations should not be using some random 3rd party Antivirus, I doubt it even does much good, it's just cargo-culting "oh, this is industry standard, so we have to use it." This is the kind of thinking/approach that Microsoft encourages.

[–] [email protected] 21 points 4 months ago

Ha guess why I'm on lemmy right now.

[–] abrahambelch 21 points 4 months ago* (last edited 4 months ago)

Sometimes you have to learn the hard way...

[–] [email protected] 21 points 4 months ago

They stop breaches if nothing's turned on. Roll safe (mode)

[–] [email protected] 13 points 4 months ago

Shit Happens

Unfortunately, heads are going to roll, and it’ll probably be the little guy who gets the blame.

[–] [email protected] 11 points 4 months ago (26 children)

I'm actually curious to know, how is Linux inherently more secure than windows?

[–] [email protected] 25 points 4 months ago* (last edited 4 months ago)

Few things, in rough order:

  • Smaller = less attack surface. You can strip a Linux OS down to only what is needed.

  • Open source, so it can be peer reviewed. There are Unix distros like OpenBSD, that share a lot of user space component options, where auditing is a big thing. The whole sunlight and oxygen stops things festering as much. As opposed to things locked in a box in another box down in a cellar.

  • Open source transparency forces corporates to be better. We can see what they are and aren't doing.

  • Diversity. There is no "Linux", it's an ecosystem of Linux distros all built and configured differently, using different components. Think of Linux as just a type of base board in a sea of Unix Lego bits. There are plenty of big deployments on BSD bases that share a lot with some Linux deployments.

  • Unix security is simpler than Windows security, so easier to not mess up.

[–] [email protected] 13 points 4 months ago (4 children)

In general it is. Open source software has fewer bugs than proprietary. And even those bugs can be mitigated with hardening.

[–] [email protected] 12 points 4 months ago

Sort of an aside, but I am seeing Microsoft more as a hostile entity that I need to protect myself from.

[–] [email protected] 10 points 4 months ago

It's not and everyone who says it does is full of shit. The reason Linux doesn't need AV is that AV is secretly overrated

[–] [email protected] 7 points 4 months ago (1 children)

MS’s built-in security platform is top tier also. Some companies like alternative products.

[–] [email protected] 10 points 4 months ago* (last edited 4 months ago) (8 children)

There is nothing Microsoft I would consider "top tier" when it comes to security.

Defender does a great job for many AV tasks. Crowdstrike does more, and protection isn't tied to windows updates.

This isn't a situation where companies just chose not to use the free item, the free item has other costs (management overhead) and is missing some features.

The best answer, of course, is to not use windows for anything that needs to be secure.

Edit: For those who think I'm wrong, cool. I'm not but you are welcome to disagree.

There is a difference between the free defender and paid for defender. If you're a home user, check out defenderui.com to get (many, not all) features that are normally limited to intune/gpo.

A fully and properly deployed Defender stack is very good, but in terms of management.... The approach to different OSes is practically cobbled together, the web UI is horrific, and it lacks some basic functionality. A problem to manage a system like this is a problem to deploy a system like this.

If you're on the free Defender level, you are not getting anywhere near the same features as falcon, there is absolutely zero question about that.
