1280
Malware As A Service
(sh.itjust.works)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 19 Jul 2024
1280 points (99.4% liked)
Programmer Humor
19207 readers
1348 users here now
Welcome to Programmer Humor!
This is a place where you can post jokes, memes, humor, etc. related to programming!
For sharing awful code theres also Programming Horror.
Rules
- Keep content in english
- No advertisements
- Posts must be related to programming or programmer topics
founded 1 year ago
MODERATORS
Maybe this is a case of hindsight being 20/20 but wouldn't they have caught this if they tried pushing the file to a test machine first?
It's not hindsight, it's common sense. It's gross negligence on CS's part 100%
Well, it is hindsight 20/20... But also, it's a lesson many people have already learned. There's a reason people use canary deployments lol. Learning from other people's failures is important. So I agree, they should've seen the possibility.
I saw one rumor where they uploaded a gibberish file for some reason. In another, there was a Windows update that shipped just before they uploaded their well-tested update. The first is easy to avoid with a checksum. The second...I'm not sure...maybe only allow the installation if the windows update versions match (checksum again) :D
Windows has beta channels for their updates
It's a sequence of problems that lead to this:
Many people say Microsoft are not at fault here, but I believe they share the blame, they are responsible when they actually certify the kernel drivers that get shipped to customers.