Let's cut the bullshit and spell out a few things. The IT security industry is about as trustworthy as the food supplement and vitamin industry, but somehow they escaped the same reputation. Their products are overwhelmingly based on flawed ideas, and the quality of their software is exceptionally bad. And while not everyone will agree with the harshness of my words, I'll say this: Essentially everyone in IT security who knows anything in principle knows this.
@HugeGameArtGD @szbalint @hanno it's still caused by third-party software. Had they broken their Linux updater instead of the Windows one, we would get kernel error screens.
Honestly, if we could get that one basic message out, that if their IT security is based on more complexity, not less, they're doing it wrong, maybe we could start putting crap companies like CrowdStrike or Citrix out of business.
I'm mentioning Citrix specifically because it really boggles my mind how they can still be in business. In case you don't remember, there were countless gov entities, hospitals, and whatnot, hacked in 2020, due to a really epic fuckup by Citrix. It was a flaw they knew about, and hadn't provided a fix, only an unreliable workaround that sometimes didn't work.
Actually, the value of Citrix rose after that: https://www.marketscreener.com/quote/stock/CITRIX-SYSTEMS-INC-4863/ These things have no consequences for these companies, it's a completely broken market. I'm reading news that CrowdStrike's value dropped, I have doubts that this will be permanent.
Their products are flawed not just because they're badly implemented - which they are - but because they are based on a stupid idea. The idea that you improve your IT security by adding more complexity. Doing the opposite is the right approach. But you can't sell that as a product. (You can still sell it, but it's not something you just plug into your network and get security magically.)