On Thu, 1 Aug 2024 08:38:20 +0100, Robert Carnegie
<
rja.carnegie@gmail.com> wrote:
On 27/07/2024 01:30, Lynn McGuire wrote:
On 7/23/2024 11:27 AM, Paul S Person wrote:
On Tue, 23 Jul 2024 07:56:32 -0000 (UTC), Charles Packer
<mailbox@cpacker.org> wrote:
>
On Mon, 22 Jul 2024 16:01:25 -0500, Lynn McGuire wrote:
>
xkcd: CrowdStrike
https://www.xkcd.com/2961/
>
Make the best of bad times.
>
Explained at:
https://www.explainxkcd.com/wiki/index.php/2961:_CrowdStrike
>
Lynn
>
Was anybody here affected by the CrowdStrike Thing?
My nephew's wife flew to Europe that day without incident.
>
Not here. But then, I don't do that much on the Web. And I use Windows
10's security, which was not affected.
>
I saw an article where Microsoft was blaming the EU for forcing them
to allow 3rd-party access to the Kernal, which they claim is what
enabled the update to do bad things. If that is true, they may have a
point.
Microsoft wants to make future CrowdStrike outages impossible, and it
could mean big changes for security software:
https://www.windowscentral.com/software-apps/windows-11/microsoft-wants-to-make-future-crowdstrike-outages-impossible-and-it-could-mean-big-changes-for-security-software
Microsoft appears to want to shift away from security software having
kernel access on Windows 11, though the company hasnt said that outright.
Sounds like a good idea. And fix all of the other kernel holes while
they are at it.
>
Rather, Microsoft wants its kernel holes and
any antivirus capability to be legally Microsoft
property, and secret. In software that everybody
has. So that won't work. I am not saying that
Crowdstrike doesn't have work to do. In a Microsoft
word, you will have only Windows Defender, and
they'll charge.
Alternate antivirus programs existed /long/ before the EU forced
Microsoft to expose the kernal.
In fact, non-Microsoft antivirus programs existed for Windows NT 4 (at
least) /before/ Microsoft decided to write its own. Or acquire it by
buying out some hapless company, something they used to be infamous
for.
The EU's beef, essentially, was that Windows Defender had become so
competent [1] that, if it was provided with Windows, there would be no
reason to replace it, thus reducing the other vendors to the status of
buggy-whip manufacturers.
But that is an interesting dilemma: is Microsoft being monopolistic
when it pushes its own software which is not part of the OS? Or have
things simply advanced to the point that, to be credible, an OS /must/
provide security, including antivirus security?
Which is, I suppose, a form of the philosophical question: just where
/is/ the boundary between "OS" and everything else?
[1] When it first came out, the existing antivirus programs had no
trouble competing because they had many more features and
capabilitiies. And said so in their advertising [2]. This made paying
for using them make sense. But Windows Defender eventually achieved
the status of "good enough", and it made less sense to pay for
something you could get for free.
[2] Which sometimes got a bit ... wild. One asserted that it updated
its virus signature files every morning, but only when the computer
was not in use. Experience showed that it, in fact, /waited/ until the
user was heavily involved in using the computer and /then/ updated so
aggressively that everything else crawled to a halt. This experience
(software does the exact opposite of what it is supposed to do) is
not, of course, unique to antivirus programs. And, of course, Windows
10 has been known to do the same thing, from time to time (as opposed
to every single day in the case of the antivirus program).
-- "Here lies the Tuscan poet Aretino,Who evil spoke of everyone but God,Giving as his excuse, 'I never knew him.'"