the good news is that it does make windows more secure. you cant hack something that has crashed.
Remember guys, it took about a decade for Solar Winds to discover somebody had root access to everybody that used their software, another decade for somebody outside Solar Winds to discover it and tell everybody, and half a decade with nobody claiming to have solved the issue up to now.
So when you believe that your computer with an EDS is safe just because you can't use it, think again.
The most secure computer is the one not running any software. That's why I recommend Crowdstrike.
The fact that random companies like Crowdstrike have kernel drivers in millions of computers they they ship remotely is a security risk in and of itself. We're lucky crowdstrike just shipped a bug that crashes computers, other companies could have shipped a lot worse.
other companies could have shipped a lot worse.
other ~~companies~~ governments could have shipped a lot worse.
FTFY
other ~~companies~~ governments ~~could have~~ may have already shipped a lot worse.
FTFY (high five!)
I'd swap may out for probably TBH.
I really don't want to be the guy responsible for this fuck up
For a company this big it would also have to have gotten past a code review and QA team, right? ... right? ...
Of course, of course. This is how these things are always done.
I like how they kept on pushing the update for hours
Yeah, something this big is absolutely not one engineer's fault. Even if that engineer maliciously pushed an update, it's not their fault
it was a complete failure of the organization, and one person having the ability to wreck havoc like this is the failure.
And I actually have some amount of hope that, in this case, it is being recognized as such.
This is an industry wide issue. This is just the first symptom.
Yeah and that means they won't nail some poor schmuck to the wall over this?
The problem is the blind trust of these "vendors"
Decentralize control
Centralize control in house.
Compared to the status quo, that's much more decentralized.
Also: don't trust your employees to boot into safe mode.
Trust a 3rd party to freely install system level files at any time.
I knew how to fix the computers at work today in the morning, but we couldn't get through to the help desk to get the bit locker codes for each computer until near the end of the day.
I'm pretty sure Windows is plenty secure. It isn't private or usercentric but of on a security perspective it isn't bad.
Linux has plenty of security problems just like any OS
Defending Windows in a linux memes community.
That's a bold move cotton, let's see how that works out for 'em
They stop breaches if nothing's turned on. Roll safe (mode)
Sometimes you have to learn the hard way...
Ha guess why I'm on lemmy right now.
Unfortunately, heads are going to roll, and it’ll probably be the little guy who gets the blame.
I'm actually curious to know, how is Linux inherently more secure than windows?
Few things, in rough order:
Smaller = less attack surface. You can strip a Linux OS down to only what is needed.
Open source, so it's can be peered review. There are Unix distros like OpenBSD, that share lot of user space component options, where auditing is a big thing. The whole sunlight and oxygen stops things festering as much. As abosed to things locked in a box in another box down in a cellar.
Open source transparency forces corporates to be better. We can see what they are and aren't doing.
Diversity. The is no "Linux", it's a ecosystem of Linux distros all built and configured differently, using different components. Think of Linux as just a type of base board in a sea of Unix Lego bits. There are plenty of big deployments on BSD bases that share a lot with some Linux deployments.
Unix security is simplier than Windows security, so easer to not mess up.
Its not and everyone who says it does is full of shit. The reason linux doesnt need av is that av is secretly overrated
In general it is. Opensource software has less bugs that proprietary. And even those bugs can be mitigated with hardening.
It's not, in fact out of the box Linux is SIGNIFICANTLY more insecure than windows.
The thing is, hackers and hack tool makers target the largest market segment to gain the most conversions.
Apple users used to gush about how virus proof they were until they hit decent market share, and then they got plenty of malware.
Same thing with Linux but the real difference is you need a few decades of linux experience to fix anything in a timely manner.
Linux is SIGNIFICANTLY more insecure than windows.
Absolutely not true. I assume you don't have a source for this? Besides your butt...?
UPDATE:: They did not have a source.
Sort of an aside, but I am seeing Microsoft more as a hostile entity that I need to protect myself from.
In addition to what others have said, there's the move towards containerized applications on Linux via flatpaks, immutable distributions, and snapshots/rollbacks. There are also distributions like Debian with a delayed package release schedule for added stability and security. Its my understanding that you could have an exceptionally secure, effectively trustless, Linux system beyond what is possible on Mac or Windows.
It isn't.
However security software for Linux usually doesn't operate in kernel level usually. And it doesn't brick your bios.
That being said because of how Linux works it is much more possible to safe a bricked Linux machine than a Windows machine.
MS’s built-in security platform is top tier also. Some companies like alternative products.
There is nothing Microsoft I would consider "top tier" when it comes to security.
Defender does a great job for many AV tasks. Crowdstrike does more, and protection isn't tied to windows updates.
This isn't a situation where companies just chose not to use the free item, the free item has other costs (management overhead) and is missing some features.
The best answer, of course, is to not use windows for anything that needs to be secure.
Edit: For those who think I'm wrong, cool. I'm not but you are welcome to disagree.
There is a difference between the free defender and paid for defender. If you're a home user, check out defenderui.com to get (many, not all) features that are normally limited to intune/gpo.
A full and proper deployed defender stack is very good, but in terms of management.... The approach to different os's is practically cobbled together, the webui is horrific, and it lacks some basic functionality. A problem to manage a system like this is a problem to deploy a system like this.
If you're on the free Defender level, you are not getting anywhere near the same features as falcon, there is absolutely zero question about that.
Hint: :q!
Sister communities:
Community rules (click to expand)
1. Follow the site-wide rules
sudo in Windows.Please report posts and comments that break these rules!
Important: never execute code or follow advice that you don't understand or can't verify, especially here. The word of the day is credibility. This is a meme community -- even the most helpful comments might just be shitposts that can damage your system. Be aware, be smart, don't remove France.