161
        you are viewing a single comment's thread
view the rest of the comments
    
  
  
    view the rest of the comments
        this post was submitted on 20 Jul 2024
        
  
      
  
      161 points (100.0% liked)
      Asklemmy
    50995 readers
  
      
      812 users here now
  
      A loosely moderated place to ask open-ended questions
Search asklemmy ๐
If your post meets the following criteria, it's welcome here!
- Open-ended question
- Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
- Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
- Not ad nauseam inducing: please make sure it is a question that would be new to most members
- An actual topic of discussion
Looking for support?
Looking for a community?
- Lemmyverse: community search
- sub.rehab: maps old subreddits to fediverse options, marks official as such
- !lemmy411@lemmy.ca: a community for finding communities
~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~
        founded 6 years ago
      
  
  
      MODERATORS
      
  
    
Drivers usually run in kernel space, where a crash can bring the whole system down. This is not exclusive to Windows
Yes but only in Windows land do you see jillions of (proprietary) drivers made by 3rd parties. Many of which self-update.
This isn't a driver. It's anti-malware. Nobody on Linux puts such software in kernel space (as far as I'm aware). Root service? maybe, but that's still a user-space process.
It is a driver though, it runs at kernel level and intercepts system calls for logging, analysis, and potential blocking if malware type patterns are detected in the system calls.
Falcon Sensor is also being distributed for RHEL and Debian, and it caused issues there too.
https://www.neowin.net/news/crowdstrike-broke-debian-and-rocky-linux-months-ago-but-no-one-noticed/