Airlines relying on Windows.
Sometimes I do feel afraid.
Dude, every bit of critical infrastructure around you is running Windows XP and McAfee ePO. The shit hidden in segregated control networks would make a security researcher from 2009 cringe.
I just did a fresh install of Windows 7 this week.
Whoa! Slow down! Does the plant manager know you’re on the bleeding edge?
Don’t worry, it was 32-bit.
Where I live infrastructure is actually a bit more modern, but I have seen Windows XP, 2003, 2008 very recently too.
Can confirm. I’ve already heard from one of my team’s members from 2005.
Fucking ENS
Clearly didn’t resolve it that well considering that most of a continent is out now
Edit: world, not continent now
I am thrilled right now that our company only started relying on cloud resources a few years ago and still doesn't use services like this… I hope this is a wake-up call to them, so we never use something like this. I know the execs finally realized the cloud is not cost effective, and I hope we keep it a mixed bag instead of going in fully. I have been in IT for 18 years now, and thankfully, I have never had to deal with a disaster like this. Another close call was outsourcing our IT service desk to a company, and they wanted us to put agents on our PCs so they could do their job easier. Luckily, our network team said absolutely not. Sure enough, that same year at Christmas time, they got hit with a crypto attack, and instead of having to deal with the agents, we just shut down the tunnel, and we were fine. A lot of their clients were not so lucky. Screw the cloud and 3rd party services… it doesn't save what you think, and you get poor services in return a lot of the time.
Time to switch to alternatives
It isn’t a Microsoft issue in the first place. Doesn’t mean switching to alternatives isn’t a good idea, but this one isn’t on them for a change.
It’s an argument for decentralization. An argument that won’t be heeded.
Monocultures are like this, yes. The reason bananas are less tasty than they were 100 years ago.
In a way it is a Microsoft problem. Windows can’t handle live updates to the system like Linux can. Security updates mean downtime to be scheduled. So they need a program to do security, so CrowdStrike comes in to do security for these companies since Microsoft can’t protect them. And mistakes happen.
Ah, so it's a Linux problem when the GPU driver causes instability, 'cause NVIDIA is making a shitty and proprietary Linux driver and the market share is too small to warrant putting more effort in. Linux doesn't have its own fully-featured graphics driver, so that company has to come in and provide their own since Linux can't supply it. And mistakes happen. Roughly the same logic.
That's not Linux's fault. Neither is it Microsoft's fault when a company selling a security product decides it has to run in kernel mode and then they don't properly test a release and just decide to yolo it.
Yes. You're right. All OSs have their faults. But this is one of Windows' faults.
But this is a Microsoft problem mostly because all the news reports are saying it is.
Anyone in Microsoft sales or marketing is going to have a tough time for a while.
You know the kind of companies that do this nonsense on Windows have the same incentives and give the same access to third party “security” tools on Linux?
Windows sucks. But the fact that it's Windows they broke is dumb luck.
Security definition updates can be installed without rebooting.
And CrowdStrike is a more advanced system compared to the normal antivirus you would use at home. It's an endpoint protection system that does more than scan for viruses.
Microsoft offers their own alternative called Microsoft Defender for Endpoint.
Both CrowdStrike and Microsoft Defender for Endpoint are available on Windows, macOS, and Linux.
Incidentally, CrowdStrike has a Linux agent and my previous company was pushing us to install it to check another box on their cyber liability insurance form. So this could just as easily happen there too.
Alternatives😏
Security software is by and large theatre. There I said it.
Install TempleOS in your production environment. I guarantee no one is writing viruses for that lol