825

Single point of failrule (lemmy.blahaj.zone)

submitted 7 months ago by nicknonya@lemmy.blahaj.zone to c/196@lemmy.blahaj.zone

52 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[-] Technus@lemmy.zip 21 points 7 months ago* (last edited 7 months ago)

Strictly speaking, it's not anti-virus software. It's not designed to prevent malicious software from running or remove it. It's just monitoring for behavior that looks malicious so it can notify the system administrator and they can take manual action.

Most of the actual proprietary value, ironically enough, is in data files like the one that broke it. Those specify the patterns of behavior that the software is looking for. The software itself just reads those files and looks at the things they tell it to. But that's where the bug was: in the code that reads the files.

[-] Hildegarde@lemmy.world 7 points 7 months ago

I wouldn't call it a bug.

Any software running in kernel mode needs to be designed very carefully, because any error will crash the entire system.

The software is risky because it needs to run in kernel mode to monitor the entire system, but it also needs to run unsigned code to be up to date with new threats as they are discovered.

The software should have been designed to verify that the files are valid, before running them. Whatever sanity checks they might have done on the files, it clearly wasn't thorough enough.

From my reading, this wasn't an unforeseeable bug, but a known risk that was not properly designed around.

[-] driving_crooner@lemmy.eco.br 2 points 7 months ago

Bet they use it to spy on workers looking for "slacker behavior".

[-] Technus@lemmy.zip 3 points 7 months ago

It's installed mainly on servers which is why it broke everything on Friday.

[-] driving_crooner@lemmy.eco.br 1 points 7 months ago

It's still run on pcs, at least is in mine.

this post was submitted on 22 Jul 2024

825 points (100.0% liked)

196

17057 readers

1071 users here now

Be sure to follow the rule before you head out.

Rule: You must post before you leave.

Other rules

Behavior rules:

No bigotry (transphobia, racism, etc…)
No genocide denial
No support for authoritarian behaviour (incl. Tankies)
No namecalling
Accounts from lemmygrad.ml, threads.net, or hexbear.net are held to higher standards
Other things seen as cleary bad

Posting rules:

No AI generated content (DALL-E etc…)
No advertisements
No gore / violence
Mutual aid posts require verification from the mods first

NSFW: NSFW content is permitted but it must be tagged and have content warnings. Anything that doesn't adhere to this will be removed. Content warnings should be added like: [penis], [explicit description of sex]. Non-sexualized breasts of any gender are not considered inappropriate and therefore do not need to be blurred/tagged.

If you have any questions, feel free to contact us on our matrix channel or email.

Other 196's:

founded 2 years ago

MODERATORS

moss@lemmy.blahaj.zone

greembow@lemmy.blahaj.zone

moss@lemmy.world

queue@beehaw.org

funky_rodent@lemmy.blahaj.zone

PeachyMcPeachface@lemmy.blahaj.zone

threegnomes@lemmy.blahaj.zone

greembow@lemmy.world