• abogical@lemmy.one
    English
    arrow-up
    9
    ·
    5 months ago

    I don’t like the implied false dichotomy between opening up the kernel and better security. You can definitely have both. Otherwise it’s a good report.

  • GustavoM@lemmy.world
    English
    arrow-up
    4
    arrow-down
    3
    ·
    5 months ago

    Nah, I’d be completely fine if M$ went bankrupt and stopped developing Winblows altogether.

  • EnderMB@lemmy.world
    arrow-up
    36
    arrow-down
    1
    ·
    5 months ago

    No. If everyone were on Linux and there was a breaking change introduced by a third-party there would be similar problems.

    The problem is that critical infrastructure isn’t treated like critical infrastructure. If something you rely on can go down due to a single point of failure, maybe don’t fucking use it?! Have backups, have systems that can replace those systems, have contingency! Slapping Windows on to a small machine and running some shitty Chromium app to work as a cash register is a fucking stupid idea when you consider that it is responsible for your whole income.

    The problem was never Windows. It was companies that were too cheap to have contingency, because an event like this was considered extraordinary and not worth investing in.

    • K4mpfie@feddit.org
      English
      arrow-up
      2
      ·
      5 months ago

      I mean this is sort of like what the new NIS2 regulations try to achieve. Make critical infrastructure producers and maintainers aware and force them to treat their infrastructure accordingly.

    • Nibodhika@lemmy.world
      arrow-up
      4
      arrow-down
      2
      ·
      edit-2
      5 months ago

      Nope, that’s not how it works on Linux, even if someone introduced the most heinous breaking change people would just not update until things were fixed, in fact the update is unlikely to do that because things are tested before being pushed. If someone were using latest of everything by having something like a Gentoo system with everything building from git maybe that person would be affected and he would have to roll back to an earlier version and keep going for a total downtime of 1h tops, and that is if someone was using the most stupid way possible in production.

      The main reason why this will NEVER happen to a server running Linux is that updates are not automatic, i.e. they get triggered manually, so if there’s an issue upstream you don’t update, and if you encounter one you roll back. The issue is not that Windows had a broken update, that can happen and it’s fine, the issue is when the OS forcefully installs that update and breaks your system without you doing anything.

      And yeah, I know what I’m talking about, I worked as a software architect for a large website for a few years and now I work as a software engineer for the servers of one of the largest online games.

      Edit: re-reading your post, I would like to ask you how would you build this critical infrastructure with Windows? Because independently of how you answer it you would have been affected by this.

      • EnderMB@lemmy.world
        arrow-up
        4
        arrow-down
        1
        ·
        5 months ago

        That is a wild assumption with two key flaws:

        1. Windows in many workplaces has updates locked down too, except in circumstances where critical security or vulnerability patches are pushed through.

        2. The same is true for many servers that run Linux.

        As someone that works on tier1 services for arguably the biggest tech company right now, that’s how it works in most of FAANG. Updates are gated, sure, but like with many things there’s a vetting process where some things that look super important and safe just slip through.

        In regards to your edit, I guess most cases are different from others, but if your entire business requires you to be able to use a machine 100% of the time then you should have the means to either use a different machine to continue transactions (ideally one with a known state that won’t change, or has been tested in the last few months). If you need to log transactions and process 24-48 hours later do that on something that’s locked down hard, with printed/hard backups if necessary.

        Ultimately, risk is always something you factor in. If you don’t care about 48 hours of downtime over several years, it’s not a huge concern. I’d probably argue that many companies lost more money during these days than they would have spent in both money and people-hours training them on a contingency system to use in case of downtime.

        • Nibodhika@lemmy.world
          arrow-up
          1
          arrow-down
          1
          ·
          5 months ago

          1. Who determines which security updates are critical? In Windows’ case it’s ultimately Microsoft, if they say this update is critical it will get installed on your machines whether you like it or not.
          2. The update process in Linux needs to be triggered manually, so it’s a big difference. No one external to your company can say “that computer will get this new software NOW”, and that’s the point you’re missing.

          In answer to the other edit answer, if all of those machines are Windows they were all affected by the update, so having secondary or tertiary machines is pointless because all of them failed at the same time when an external source decided to install new software on all your computers.

      • Fizz@lemmy.nz
        arrow-up
        3
        ·
        5 months ago

        Windows updates don’t happen automatically in an Enterprise environment. They are tested and pushed out once the version is determined to be stable.

        • Nibodhika@lemmy.world
          arrow-up
          1
          ·
          5 months ago

          They should be, but I remember reading a lot of people saying that even in enterprise environments Microsoft reserved the right to push security updates that bypassed those rules.

      • lud@lemm.ee
        arrow-up
        2
        ·
        5 months ago

        The problem wasn’t with an update Microsoft pushed out. It was due to an update by CrowdStrike which iirc ignored all settings for staged rollout (or there were no settings at all for that).

        It’s not like anyone outside CrowdStrike chooses to have these updates installed. It happened automatically with no way of stopping it.

        • Nibodhika@lemmy.world
          arrow-up
          3
          arrow-down
          1
          ·
          5 months ago

          Yes, this specific problem wasn’t caused by Microsoft, but it was caused by the forced automatic update policy that CrowdStrike has, which is the same behavior Windows has. So while this time it wasn’t Microsoft, next time it could be. And while you can prevent this from happening on your Linux box by choosing software that doesn’t do this, it’s impossible to prevent it on a Windows box because the OS itself does it.

          • lud@lemm.ee
            arrow-up
            3
            ·
            5 months ago

            You absolutely can (and should) do staged rollout for Windows updates.

            Source: We do that at work. We have 3 different patch groups. 1 “bleeding edge”, 1 delayed by a day or two, and another one delayed by a bit more. This is so we can stop an update from rolling out to prod if dev breaks.
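
The three-patch-group gating described in the comment above, as an added example that is not part of the original thread or of any vendor's tooling: a ring may install an update only once its delay has elapsed and every host in the preceding ring has reported healthy. Ring names, host names, delays and the health-report format are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class Ring:
    name: str
    delay: timedelta   # wait after release before this ring may install
    hosts: tuple       # hosts assigned to this patch group


# Constructed layout: "bleeding edge", delayed a day or two, delayed a bit more.
RINGS = (
    Ring("dev", timedelta(0), ("dev-01", "dev-02", "dev-03")),
    Ring("staging", timedelta(days=2), ("stg-01", "stg-02")),
    Ring("prod", timedelta(days=7), ("prod-01", "prod-02", "prod-03")),
)


def unhealthy_hosts(ring, health):
    """Hosts without a positive health report. A silent host counts as
    unhealthy: a machine stuck in a boot loop never reports a failure."""
    return [h for h in ring.hosts if health.get(h) is not True]


def eligible_rings(released_at, now, health, rings=RINGS, max_unhealthy=0.0):
    """Return (ring names allowed to install, reason the rollout stopped or None)."""
    allowed = []
    for i, ring in enumerate(rings):
        if now - released_at < ring.delay:
            return allowed, f"{ring.name}: delay not elapsed"
        if i > 0:
            # Gate on the ring just before this one; earlier rings were
            # already checked on previous iterations of the loop.
            prev = rings[i - 1]
            bad = unhealthy_hosts(prev, health)
            if len(bad) / len(prev.hosts) > max_unhealthy:
                return allowed, f"{prev.name}: unhealthy or silent: {', '.join(bad)}"
        allowed.append(ring.name)
    return allowed, None


if __name__ == "__main__":
    released = datetime(2024, 1, 1, 4, 0)        # constructed release time
    health = {"dev-01": True, "dev-02": True}    # dev-03 never reported back
    print(eligible_rings(released, released + timedelta(days=3), health))
```

The gate fails closed: missing telemetry from an earlier ring holds the update back from later rings instead of being read as success.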

            • Nibodhika@lemmy.world
              arrow-up
              2
              ·
              5 months ago

              Correct me if I’m wrong, but others have told me that Microsoft reserves the right to push security upgrades that bypass any policy set up by the network administrator.

              • lud@lemm.ee
                arrow-up
                1
                ·
                5 months ago

                Maybe, I’m not sure about that.

                It’s possible that there is a way to for example bypass a company’s WSUS server but I don’t know if there is such a way and I couldn’t find any obvious way when searching.

                Due to the source being hearsay I don’t really feel convinced and if I were you I wouldn’t spread such information further unless you found reliable sources first.

                I’m open to any information about it if anyone can find any reliable information like documentation or blog posts from MS employees.

                Still I highly doubt that is used often at all if it even exists. Only to be used in the absolute direst of times. I would also trust Microsoft much more in such a case than a third party like CrowdStrike.

      • MangoPenguin@lemmy.blahaj.zone
        English
        arrow-up
        2
        ·
        edit-2
        5 months ago

        the issue is when the OS forcefully installs that update and breaks your system without you doing anything.

        The CrowdStrike update was pushed out by their own software I thought, not the Windows update system?

        Plus CrowdStrike has caused similar issues with Linux systems before, so the solution is to just not use CrowdStrike and similar solutions on any OS.

        The issue is not that Windows had a broken update, that can happen and it’s fine, the issue is when the OS forcefully installs that update and breaks your system without you doing anything.

        I would have thought most businesses with Windows would do staged rollouts.

  • nexussapphire@lemm.ee
    English
    arrow-up
    54
    arrow-down
    1
    ·
    5 months ago

    My household is a Microsoft free environment. There is no place for the royal we in this conversation.

    • leopold@lemmy.kde.social
      arrow-up
      6
      ·
      5 months ago

      If it is a royal we, then you are excluded from the conversation and the amount of Microsoft in your household is irrelevant.

    • Shdwdrgn@mander.xyz
      English
      arrow-up
      10
      ·
      5 months ago

      I can almost say the same thing, but I actually have a small Windows laptop dedicated to some software used for reprogramming the computer in my truck. I’ve never tried to run it under Wine, so I might not need the laptop, but I very rarely use it anyway. Everything else in the house, from our Android phones and tablets, to the entertainment system running from a Raspberry Pi, up to our laptops, desktops, and my stack of servers all run Linux exclusively. Funny how they all run smoothly for years at a time.

      • nexussapphire@lemm.ee
        English
        arrow-up
        11
        ·
        edit-2
        5 months ago

        Honestly, if you’re programming your ECU or something. I wouldn’t risk potentially bricking your car. It is a tool after all, something like how I prefer Makita over Milwaukee but I’ll use it to get the job done if needed.

        Edit: ECU software can be a little finicky. Jayztwocents built a PC for his mechanic friend and the application refused to start because it wasn’t an Intel CPU.

        • Shdwdrgn@mander.xyz
          English
          arrow-up
          8
          ·
          5 months ago

          Yeah I think at the time it was a known issue that this software wouldn’t run properly in wine and I just never tried again in the last 14 years. I’m not worried about bricking the ECU, I actually have a spare sitting on the shelf, and even if it did get bad enough that I couldn’t fix it, I could probably take it to the dealer and have them re-flash it for me. Funny thing is, after going the rounds with their service guy trying to get the programming corrected from changing my gear ratio (I ended up giving them a VIN of another vehicle that came with those gears), they weren’t able to change the programming to my own VIN but the truck still ran. No worries, because my software CAN change the VIN, so once I got that squared away it’s been perfectly happy with all the new programming. I have to admit, there’s a satisfaction in telling the dealer THIS is how you fix the problem, and when you’re done with it I’ll fix the rest of the stuff you can’t do.

    • K4mpfie@feddit.org
      English
      arrow-up
      5
      ·
      5 months ago

      Nervous sweating from the Audi-Bentley-Ducati-Lamborghini-Seat-Skoda-Volkswagen-Porsche-Conglomerate known as “Volkswagen AG”

      • witx@lemmy.sdf.org
        arrow-up
        2
        ·
        5 months ago

        They are still different brands with different features and price points. The fact that a faulty part was detected on Bentley doesn’t 100% mean a Seat will have the same issues

        • K4mpfie@feddit.org
          arrow-up
          1
          ·
          5 months ago

          Yes-ish. However, the differences are not as big as you think. While this might be true for the luxury brands, the “common” brands do share parts, often quite crucial ones too. (Think headlamps, think servos.) Also they started to borrow design aspects from each other. They are not identical but certain lines do look very similar at a quick glance.

    • Possibly linux@lemmy.zip
      English
      arrow-up
      2
      arrow-down
      3
      ·
      5 months ago

      yes

  • Mio@feddit.nu
    arrow-up
    5
    ·
    5 months ago

    Well, as long as you have prepared a backup system then you should be fine. Like dual booting into Linux

  • palarith@aussie.zone
    English
    arrow-up
    29
    ·
    5 months ago

    Imho. We are too laissez faire about our dependence on computers.

    Currently doing disaster planning for compliance. What I really want to put in the docs is “If power or internet goes down we are just fucked. No planning needed.”

    • FalseMyrmidon@kbin.run
      arrow-up
      8
      ·
      5 months ago

      I mean disaster planning is about finding ways to mitigate things like power or internet going down to minimize or eliminate their impact. That said, accepting the risk of downtime because alternatives are too expensive is a perfectly valid decision as long as it’s an intentional one.

      • palarith@aussie.zone
        English
        arrow-up
        2
        ·
        edit-2
        5 months ago

        Much, much more care should have been taken by all parties.

        Microsoft should not have given kernel access to CrowdStrike. CrowdStrike should not have been able to push a killing update.

        Edit: Hindsight is 20/20

        • Yoruio@lemmy.ca
          arrow-up
          2
          arrow-down
          1
          ·
          5 months ago

          I don’t think an OS should ever be LESS open about what a user can do. It should be on the user to do their due diligence and have high availability systems set up.

          Only reason Linux wasn’t affected as much was luck. This could just as easily have happened to Linux systems if the broken update targeted Linux.

          We (this community especially) criticize Windows for not being more open like Linux, and all of a sudden we’re saying it should’ve been more like Apple?

          • palarith@aussie.zone
            English
            arrow-up
            2
            ·
            5 months ago

            I don’t think an OS should ever be LESS open about what a user can do.

            I feel blessed when a user can find the power on button.

            all of a sudden we’re saying it should’ve been more like Apple?

            Nope, all I am saying is care should scale with adoption.

            “With great power comes great responsibility”

    • Possibly linux@lemmy.zip
      English
      arrow-up
      3
      ·
      5 months ago

      The more nines you add the more exponential growth you see in cost. This is because you end with lots of idling hardware.

    • K4mpfie@feddit.org
      English
      arrow-up
      1
      ·
      5 months ago

      Also currently trying to get NIS2/27001 compliant before the October deadline hits? ^^

      • palarith@aussie.zone
        English
        arrow-up
        6
        arrow-down
        2
        ·
        5 months ago

        We are a small medical practice. It would cost approx $15k in batteries to give us about 3 operating hours. Not economically viable.

        But do you think something like an airport would have enough diesel capacity to continue operating in a power out?

        • GenderNeutralBro@lemmy.sdf.org
          English
          arrow-up
          2
          ·
          5 months ago

          Hospitals and airports typically have their own backup generators, yeah. Not entirely sure how long they’re prepared to operate off-grid.

        • Possibly linux@lemmy.zip
          English
          arrow-up
          5
          ·
          5 months ago

          If you are talking about human lives it could be important. Many hospitals spend a significant amount to make sure there isn’t any downtime.