Comment on Microsoft points finger at the EU for not being able to lock down Windows
OfCourseNot@fedia.io 1 month agoHard to say yet, if Microsoft is responsible or not. The thing is they certified it, as a stable and tested driver. But it isn't just a driver, but an interpreter/loader that loads code at runtime and executes it. In kernel mode. If Microsoft knew this they're definitely responsible for certifying it, but maybe crowdstrike hid this behavior until it was deployed to the customers.
zewm@lemmy.world 1 month ago
It was my understanding that this wasn’t certified. Crowdstrike circumvented the signing process.
Railcar8095@lemm.ee 1 month ago
The driver was signed, the issue was with a configuration file for that’s not part of the driver.
cheddar@programming.dev 1 month ago
A configuration file shouldn’t crash the kernel. I don’t understand how this solution could pass the certification. I don’t know the criteria of course, but on the surface it sounds like Crowdstrike created a workaround, and Microsoft missed or allowed it.
Morphit@feddit.uk 1 month ago
How would you prove that no input exists that could crash a piece of code? The potential search space is enormous. Microsoft can’t prevent drivers from accepting external input, so there’s always a risk that something could trigger an undetected error in the code. Microsoft certainly ought to be fuzz testing drivers it certifies but that will only catch low hanging fruit. Unless they can see the source code, it’s hard to determine for sure that there are no memory safety bugs.
The driver developers are the ones with the source code and should have been using analysis tools to find these kinds of memory safety errors. Or they could have written it in a memory safe language like Rust.
Railcar8095@lemm.ee 1 month ago
AFAIK, blue screen doesn’t mean kernel crash. Hell, windows crashing isn’t even rare.
Certification doesn’t mean it has Microsoft seal of approval either, only that it comes from a certified and approved vendor, with some checks at best.
Config files are not part of the driver, ever. How do you think you can change the settings of you GPU without asking Microsoft?
But hey, if you are so willing to blame Microsoft for the one time it’s not their fault, may I talk to you about our Lord Savior Linux? In my office we only knew because of the memes.
mriguy@lemmy.world 1 month ago
Maybe it should be. At least part of the package that’s signed.