Comment on To what extent, if at all, would have CrowdStrike's faulty update have been made easier to deal with with an immutable distro?

lemmyng@lemmy.ca ⁨3⁩ ⁨months⁩ ago

If the sensor was using eBPF (as any modern sensor on Linux should) then the faulty update would have made the sensor crash, but the system would still be stable. But CrowdStrike has a long history of using stupid forms of integration, so I wouldn’t put it past them to also load a kernel module that fucks things up unless it’s blacklisted in the bootloader. Fortunately that kind of recovery is, if not routine, at least well documented and standardized.

source
Sort:hotnewtop