Comment on CrowdStrike Isn't the Real Problem

<- View Parent
Trainguyrom@reddthat.com ⁨3⁩ ⁨months⁩ ago

Separate persistent data and operating system partitions, ensure that every local network has small pxe servers, vpned (wireguard, etc) to a cdn with your base OS deployment images, that validate images based on CA and checksum before delivering, and give every user the ability to pxe boot and redeploy the non-data partition.

At that point why not just redirect the data partition to a network share with local caching? Seems like it would simplify this setup greatly (plus makes enabling shadow copy for all users stupid easy)

source
Sort:hotnewtop