Right. I thought the "big guys" know better and they have some processes to vet ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		AndriyKunitsyn on July 19, 2024 \| parent \| context \| favorite \| on: CrowdStrike Update: Windows Bluescreen and Boot Lo... Right. I thought the "big guys" know better and they have some processes to vet Crowdstrike updates. Maybe even if they don't get its source code, they at least have a separate server that manages the updates, like Microsoft's WSUS. But no, they are okay with a black box that calls home and they give it kernel access to their machines. What?

teeheelol on July 19, 2024 [–]

We do that. CS literally entirely pushed this over our staging system and straight into production.

grishka on July 19, 2024 | [–]

Why did they have the technical means to do so?

teeheelol on July 19, 2024 | | [–]

Because our security guys are fuckwits.

(I am operations management and fought against this product and approach for months)

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact