140
this post was submitted on 20 May 2025
140 points (97.9% liked)
Sysadmin
9183 readers
209 users here now
A community dedicated to the profession of IT Systems Administration
No generic Lemmy issue posts please! Posts about Lemmy belong in one of these communities:
!lemmy@lemmy.ml
!lemmyworld@lemmy.world
!lemmy_support@lemmy.ml
!support@lemmy.world
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
There was an additional auto update function that wasn't disclosed. Delta had disabled the auto update because, like many large companies, they prefer to deploy changes incrementally so that an issue doesn't blow-up all their systems at once.
So...
Yes. Which is why they contend disabling it makes it unauthorized.
That's not how that works. CS didn't have at the time, an option to disable channel file updates. It's how their edr works. Delta's mssp or secops group, %100 knew this as it's in CS own documentation. They really don't have a foot to stand on here, but CS will pay it to make it go away.
Yes, that's the crux of the accusation. Given the large number of people who seemed to be under the impression that selecting a staggered release cadence would protect them from a faulty update, it's not unreasonable to think that people were caught off guard by a second autoupdate system that they couldn't configure that could also tank their system.
Before this, you could throttle the rollout for channel files. You could knock it down to 1 a minute if you wanted.
Channel files were not something that CS admins didn't know about.