this post was submitted on 19 Jul 2024
1254 points (99.4% liked)

Programmer Humor

19589 readers
458 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

founded 1 year ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] KomfortablesKissen@discuss.tchncs.de 6 points 4 months ago* (last edited 4 months ago) (13 children)

I have. They are not mine. The dead people could be.

Edit: I understand you were being sarcastic. This is a topic where I chose to ignore that.

[–] ricecake@sh.itjust.works 8 points 4 months ago (12 children)

That's totally fair. :)

I work at a different company in the same security space as cloudstrike, and we spend a lot of time considering stuff like "if this goes sideways, we need to make sure the hospitals can still get patient information".

I'm a little more generous giving the downstream entities slack for trusting that their expensive upstream security vendor isn't shipping them something entirely fucking broken.
Like, I can't even imagine the procedureal fuck up that results in a bsod getting shipped like that. Even if you have auto updates enabled for our stuff, we're still slow rolling it and making sure we see things being normal before we make it available to more customers. That's after our testing and internal deployments.

I can't put too much blame on our customers for trusting us when we spend a huge amount of energy convincing them we can be trusted to literally protect all their infrastructure and data.

[–] bleistift2@sopuli.xyz 3 points 4 months ago (5 children)

You seem knowledgable. I’m surprised that it’s even possible for a software vendor to inject code into the kernel. Why is that necessary?

[–] joshcodes@programming.dev 2 points 4 months ago

Not who you asked, but did you ever hear of Valiant and their kernel level anti cheat.

This is not a 1:1 comparison but anticheat software running in the kernel has the ability to monitor all other processes due to its permission levels. It can monitor all scheduled tasks and infer from that information.

Drivers need similar access but for different reasons, they need access to os functionality a user would absolutely never be granted. This is because they interface directly with hardware and means when drivers crash, they generally don't do it gracefully. Hence the BSOD loop and the need for booting windows without drivers (i.e. safe mode) and the deletion of the misconfiguration file.

load more comments (4 replies)
load more comments (10 replies)
load more comments (10 replies)