Comment on Windows 3.1 saves the day during CrowdStrike outage — Southwest Airlines scrapes by with archaic OS
btaf45@lemmy.world 3 months ago
Everything we know about this is that it was a disaster waiting to happen. Why the heck aren’t the airlines using Linux instead of Windows for critical stuff? How about something like…Chrome OS? Then you don’t need CrowdStrike because your OS is already secure because of the built in VMs and because it is Linux. Pay google for support and no updates unless there is something critical.
The disaster likely happened because Crowdstrike didn’t do any phased rollouts or testing, which would have picked up a glitch like these before it could brick countless millions of systems. Blaming Microsoft for what is most likely gross negligence from a major cybersecurity firm is downright disingenuous.
Also, recommending an overglorified web browser baked into an OS which can only run web and Android applications to run critical infrastructure is downright laughable.
blaming Microsoft
I’m not blaming Microsoft. I am blaming companies for using Microsoft for critical systems.
Also, recommending an overglorified web browser baked into an OS which can only run web and Android applications to run critical infrastructure is downright laughable,
You not understanding that ChromeOS is a highly secure Linux computer is that can run any Linux program is downright laughable ignorance.
ESPECIALLY when Google are known for their downright nonexistent customer support.
Their software is way too widely used to provide you with free customer support. Microsoft is no different.
areyouevenreal@lemm.ee 3 months ago
Mainly people are down voting you because Linux had also been affected by Crowdstrike before. Only a few months ago at that. There aren’t any more defenses in Linux systems against this kind of problem than there are in Windows ones. This isn’t even strictly speaking a security issue either. It’s more like a bug in critical software that just happens to be security related. It’s a bit like when that Grub update broke some people’s arch setups.
btaf45@lemmy.world 3 months ago
It’s not that Linux can’t have security problems. I still remember the very first internet virus in 1987 that traveled thru Unix machines. But Windows is the worst OS for critical systems precisely because it is the most common OS. Anything is better than windows. Also, Chrome OS in particular has VMs instead of other VMs. It really is designed to be much more secure than Windows.
areyouevenreal@lemm.ee 3 months ago
Not really. Linux is used for critical servers everywhere. No reason to update it less often.
This isn’t a hacking attempt. It’s not a security breach. None of the “Windows is more common” stuff is actually valid in this case. The fact it’s not actually true is even more funny. When it comes to servers and smartphones, and the total number of devices in general, Linux outnumbers Windows. Linux isn’t actually niche in the slightest, only purists running Arch or Ubuntu think that because they ignore any Linux they don’t like, like Android.
You also don’t understand anything about ChromeOS security either. They don’t use VMs for system security. Early Chromebooks actually had virtualization disabled! Sandboxing and virtualization aren’t the same thing. The reason it’s secure is largely because it can’t do anything, it uses an a/b root system, and it has secure boot by default. It’s not that fancy anymore.
Chrome the web browser also has sandboxing on Windows, and modern Windows uses secure boot. Edge and Chrome have the same foundation btw. What it’s missing is the immutable a/b root system, and the fact Windows allows running arbitrary executables when ChromeOS doesn’t. There are actually tools for making Windows immutable, and with group policy or things like S mode you can restrict who can run what executables. Meaning with the right settings it’s almost as secure as ChromeOS. Even more funny Windows actually does use virtualization based security. So you have that backwards too.
Stop talking about shit you don’t understand and learn about it instead.
btaf45@lemmy.world 3 months ago
No but it is the result of trying to stop hacking attempts.
They do. A major reason they use them is to make ChromeOS way more secure than windows.
It’s fragmented. There is no single version
Stop being a jackass and learn to communicate in civilized fashion.
Companies don’t run windows in S mode and every OS has group security.
When I learned that companies are actually letting Cloudstrike download the equivalent of KERNAL MODE code into their critical systems I was dumbfounded. Who could have possibly thought that was a good idea? This was absolutely a disaster that was just waiting to happen.