[-] aptgetrekt@sh.itjust.works 24 points 4 months ago

To be fair, kernel level access by third party software is kind of frowned upon in the Linux world. Ask any desktop Linux user how they feel about NVIDIA (the only third party kernel code an average Linux user will install) and their drivers randomly causing strange issues on their systems up to and including kernel panics compared to the experience on AMD where the driver is open and built into the kernel itself. For security software that needs low level visibility, there is eBPF; direct kernel level access isn't needed (though I believe CrowdStrike uses it, and they actually did CrowdStrike Debian and Rocky Linux systems some time back).

macOS blocked the majority of kernel extensions a few years ago as well.

Windows is the only OS where it has been designed in a way where kernel level access is the rule rather than the exception. So design flaws are at least partially at fault here.

[-] PrettyFlyForAFatGuy@feddit.uk 4 points 4 months ago* (last edited 4 months ago)

I'm so glad I got rid of my NVIDIA card. Having to reinstall the drivers and kernel-headers every time my kernel updated was getting old.

[-] UndercoverUlrikHD@programming.dev 2 points 4 months ago

Heard from someone else (so take it with a grain of salt) that CrowdStrike and/or similar companies threatened Microsoft with an antitrust suit when Microsoft tried to force them to use an API instead of working directly with the kernel.

[-] ElectricMoose@lemmy.world 2 points 4 months ago

The opinion of Linux desktop users (or any users really) does not count in the enterprise world. Somehow, if management bought in on the CrowdStrike rootkit bandwagon, you'll see it on corporate hardware. It doesn't matter if it's a bad plan; it doesn't matter if it gives an American company a backdoor to all your infrastructure; if the CISO decides everyone gets it, everyone gets it.

The only thing you can really do as a lowly employee is keep any such device away from any personal info or network as if it's infected by malware (which I would argue is exactly what it is).

this post was submitted on 22 Jul 2024
608 points (97.9% liked)

Programmer Humor
