this post was submitted on 23 Jul 2024
61 points (100.0% liked)
TechTakes
1435 readers
120 users here now
Big brain tech dude got yet another clueless take over at HackerNews etc? Here's the place to vent. Orange site, VC foolishness, all welcome.
This is not debate club. Unless it’s amusing debate.
For actually-good tech, you want our NotAwfulTech community
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
yup.
also: it was microsoft's business decision to make the api required for av (or, more general security subsystems) to function so low-level that it has to be delivered as a kernel driver and operate in ring0. i guess it's primarily for the performance reasons, but still, there are other technical options. someone made the executive decision there.
on the other hand, it was crowdstrike's business decision to make the bloody update parser run in ring0, and without verification that the update data is correct, nobody forced them to do it that way.
let them both burn.