Things that piss you off that shouldn't

[limpid]

1 hour ago, Davkaus said:

FWIW, there isn't *really* a requirement to use third parties, Windows Defender tends to perform fairly well, but isn't considered "best of breed" like Cloudstrike is (or used to be). Microsoft would (and have) point out that the reason that this issue surfaced and was as catastrophic a failure is because their agreement with the EU during an anti-trust dispute compelled them to open up the kernel to allow third party security services the same access as Microsoft has.

Windows Defender might be nearly adequate for home users. It's not remotely fit for corporate use. You also need to perform device management, patch management, remote management, credential management, configuration management, remote access, device isolation, behaviour detection, application monitoring. All these should be baked in or at least as presented as API hooks. If the hooks are present they can be coded defensively to prevent incidents like what occurred.

The kernel level access is a red herring. The whole of the Linux (and therefore Android, ChromeOS) kernels are open source. The device management on ChromeOS is excellent, but is almost irrelevant in a world where you only need to secure browser sessions. Access context and Identity are the keys.

At work we have now removed all user devices from the corporate network. I'm currently counting down the days until the legacy VPN is gone (I suspect these events will help accelerate that move). Next major step will be the removal of passwords as credentials, but that'll take a few years to age out some of the suppliers.

[limpid]

1 hour ago, Davkaus said:

Perhaps part of the post-mortem of this should be why Windows doesn't have the kind of A/B upgrade/rollback mechanism for its Kernel that some alternatives such as Solaris have had for 15-20 years, I understand that Bitlocker also played its part in making the recovery far more difficult, so perhaps they deserve a bit of the blame, but certainly not the majority, IMO

Absolutely. Although I'd argue almost all users do not need anything as complicated as a Windows install to run a browser.

[bielesibub]

2 hours ago, Davkaus said:

exposes a complete lack of quality assurance that is all too typical of some organisations' "move fast and break things" mindset

"Fix forward" - yeeeeeeeee-haaaaaaaawwwwwwwww

The amount of times I was directly involved in deployments to live systems was criminal. I was the architect for the most part, not the integrator.

[Davkaus]

7 minutes ago, limpid said:

 

The kernel level access is a red herring. The whole of the Linux (and therefore Android, ChromeOS) kernels are open source. The device management on ChromeOS is excellent, but is almost irrelevant in a world where you only need to secure browser sessions. Access context and Identity are the keys.

 

Not sure it being open source makes much of a difference as Cloudstrike managed to introduce two widespread kernel panics in as many months

Given they'd been able to create a fairly similar outcome on Linux just to a far smaller number of users, is there any compelling reason to believe that if linux endpoints had the same market share as Windows has, that Cloudstrike wouldn't have shit the bed just as spectacularly? 

Quote

It's not remotely fit for corporate use. You also need to perform device management, patch management, remote management, credential management, configuration management, remote access, device isolation, behaviour detection, application monitoring

Fair point, I was only considering the more basic endpoint security. Which distros bake all of this in without third party tools? 

[chrisp65]

Sometimes the backspace key on this aftermarket keyboard just won’t work and it takes me ages to respond on VT because I can see an error but it won’t let me go back and fix it.

Extrapolating that across the planet, I can see how much of a nuisance this cloud patch thing could be for people.

 

 

 

[Seat68]

I spent Friday working for a charity (do a lot of great work for charity, dont like to talk about it) The system I would normally be working on was down, a whole day bloody wasted in some bloody charity when I could have been chilling in the garden

[limpid]

30 minutes ago, Davkaus said:

Not sure it being open source makes much of a difference as Cloudstrike managed to introduce two widespread kernel panics in as many months

Given they'd been able to create a fairly similar outcome on Linux just to a far smaller number of users, is there any compelling reason to believe that if linux endpoints had the same market share as Windows has, that Cloudstrike wouldn't have shit the bed just as spectacularly? 

That's why I said it was a red herring

31 minutes ago, Davkaus said:

Fair point, I was only considering the more basic endpoint security. Which distros bake all of this in without third party tools? 

ChromeOS.

[sidcow]

I wonder how many times before this COULD have happened but the unchecked untested software didn't contain any rogue coding. 

Would be interesting to know how often they've got away with before making this an almost inevitability. 

[lapal_fan]

I hate it when I accidentally go on tech nerds websites.

 

OH THAT'S RIGHT, I DIDN'T.  THIS IS VILLA TALK YOU GEEKY BASTARDS.

And you had the audacity to remove our lovely ladies thread.  FOR SHAME.

We deserve everything.

[limpid]

1 minute ago, lapal_fan said:

I hate it when I accidentally go on tech nerds websites.

 

OH THAT'S RIGHT, I DIDN'T.  THIS IS VILLA TALK YOU GEEKY BASTARDS.

And you had the audacity to remove our lovely ladies thread.  FOR SHAME.

We deserve everything.

You deserve a gold lion under your name. You should sort that out.

[lapal_fan]

7 minutes ago, limpid said:

You deserve a gold lion under your name. You should sort that out.

Do you accept sexual favours as bribes?

 

@Paddywhack gives a wicked ZJ.

 

Someone (WHO IS NOT ME!) told me.

Edited July 22 by lapal_fan

[limpid]

11 minutes ago, lapal_fan said:

Do you accept sexual favours as bribes?

 

@Paddywhack gives a wicked ZJ.

 

Someone (WHO IS NOT ME!) told me.

If you can cram one into the payment page, I'm sure that'll be fine.

[rodders0223]

Bought a chicken tikka pasta from the local corner shop fridge. I had one bite and can still taste that shit hours later.

[BOF]

1 minute ago, rodders0223 said:

Bought a chicken tikka pasta from the local corner shop fridge. I had one bite and can still taste that shit hours later.

That reminds me of what must be the most indecisive meal I've ever seen on a menu. A surf & turf pizza. For the person who simply can't make any decision.

[Genie]

11 hours ago, Genie said:

45 minutes till the taxi picks us up to go to the airport I see an email from Tui cancelling our flight FFS.

Delayed until at least tomorrow but told to wait for further info. Relates to the crowdstrike failure.  

Booked to go tomorrow morning, it’s now just a 6 night holiday. We could have cancelled or rebooked with an extra 10% credit on top of what we paid but happy to go with 6 nights (and a refund of 1/7 of the price) as it’s just too much hassle to rebook both our work holidays, get the dog rebooked into kennels etc.

I doubt we’ll get the compensation for flight delays as they’ll argue it’s out of their hands but I might try my luck when we get back. If so I think it would be £520 each (x4).

[colhint]

Bleeding Twitter or X. It asked to confirm my birthdate. It won't let me key it in it'll only let me flip back month by month. I'm over 65, itll take sodding ages. I only use it when someone posts something with a tweet on it.

[one_ian_taylor]

17 hours ago, rodders0223 said:

Bought a chicken tikka pasta from the local corner shop fridge. I had one bite and can still taste that shit hours later.

Yes, but how did the pasta taste?

[limpid]

1 hour ago, colhint said:

Bleeding Twitter or X. It asked to confirm my birthdate. It won't let me key it in it'll only let me flip back month by month. I'm over 65, itll take sodding ages. I only use it when someone posts something with a tweet on it.

Why would you use your real DoB? Twitter has leaked personal data even when it was owned by competent people.

[colhint]

Good point never thought of that.

[ender4]

2 hours ago, colhint said:

Bleeding Twitter or X. It asked to confirm my birthdate. It won't let me key it in it'll only let me flip back month by month. I'm over 65, itll take sodding ages. I only use it when someone posts something with a tweet on it.

Even worse, i didn't want to give my real birthday so just quickly picked at random. I seem to have selected a date which meant i'm under-age for their T&C's so they blocked my account.  I've then tried to change the DOB to something older and they want me to send them a copy of my passport or driving licence. 

Seeing i only used it to click on links embedded in VT,  i think they've just lost a viewer/clicker for life.