Comment on To what extent, if at all, would have CrowdStrike's faulty update have been made easier to deal with with an immutable distro?
I did hear that one of their newer versions does use eBPF, but I haven’t even remotely looked into it.
nondeterministic.computer/…/112816011370924959
They do have a bpf sensor. It’s still shite, managing to periodically peg a CPU core on an idle system. They just lifted and shifted their legacy code into the bpf sensor, they don’t actually make good use of eBPF capabilities.
lemmyng@lemmy.ca 3 months ago
They do have a bpf sensor. It’s still shite, managing to periodically peg a CPU core on an idle system. They just lifted and shifted their legacy code into the bpf sensor, they don’t actually make good use of eBPF capabilities.