And keep in mind, the Falcon sensor exists for Linux. All those big companies largely use it.
Essentially we just got lucky that their buggy patch only affected the Windows version of the sensor in a showstopping way. Could have been all major OS.
I don't think the Linux culture is very similar to the Windows culture. At least for me personally, I wouldn't use CrowdStrike and let them install whatever they want into my environment.
It's not your machine, your choice of distro, or your choice of specific packages to use or not use. It's a work tool you get handed as part of a job. So whether CrowdStrike runs on it or not is not your decision and you aren't allowed (and usually not capable) to change that.
That's an entirely different situation from one where you get a PC to do with as you please and set up yourself, or a private machine.
Plus we're mostly talking endpoint devices for non-technical users with many of these difficult-to-fix devices as techs have to drive out to them. The users expect a tool, and they get a tool. A Linux would be customized and utterly locked down, and part of that would be the endpoint protection software.
We tried to fight against having to install CrowdStrike on our Linux servers but got overruled by upper management without discussion. I assume we are not the only ones with that experience in the world due to the need to check a checkbox for some flimsy audit.
Essentially no one has CrowdStrike on their personal machines. Not Windows users, Mac users, or Linux users. So it's corporate/large organization culture that matters. And they absolutely use it.
...unless it's running software that uses signed 32-bit timestamps, or stores data using that format.
The point about the "millennium bug" was that it was a category of problems that required (hundreds of) thousands of fixes. It didn't matter if your OS was immune, because the OS isn't where the value is.
Probably not. Most Linux admins know their systems and are able to navigate out of the situation with ease. But also most people don't use any corporate off-the-shelf software, because there are better options that are freely available.
Furthermore a Linux installation is dedicated and slim for one single purpose. The flexibility creates diversity.
No. They don't. They always need Microsoft support to solve situations and upgrades. You can also ask simple questions that they cannot answer. Try Active Directory: how to run AD in a secure fashion? Or: What services rely on DCs in our company?
I think the shower thought is centered around IF a ubiquitous bug that required physical access to the machine to resolve occurred simultaneously across all Linux machines.
If you couldn't remotely resolve the issues, regardless of your competence, simply the WALK to each machine and hooking up a KVM to each one would take a long time.
There won't be such a case, is my argument. No one patches a system "for fun" and automatically there except they really set it up like that. It would be only one kind of a case in one company.
Furthermore, you cannot compare Linux systems. A modem firmware with busybox is not the same as a Debian PC desktop. It works differently and has only the kernel in common. And in both cases they aren't patched at the same time. They are not even the same version, hell not even the same platform.
E.a. nothing will ever break like this. If it does, it will be one single case of a single IT department.
If all of the parts of the internet that the average person finds useful go down, then it matters little that technically "the internet" is not down. If it can't be useful then it is as good as "down".