imagladry

About

Username
imagladry
Joined
Visits
48
Last Active
Roles
member
Points
86
Badges
0
Posts
106
  • Microsoft blames European Commission for global CrowdStrike catastrophe

    M68000 said:
    This seems to be totally a QA testing issue.  Was any testing done? 

    So the answer to this is, "it's complicated". Some of this is going to be a bit simplified, but it's accurate enough.

    Software on Windows can run in two modes: kernel mode; and user mode. User mode software shouldn't ever be able to cause a BSOD.

    Security software needs to run in kernel mode. There are good reasons for this: malware often hides deep in the OS in places where user mode software can't find it. CrowdStrike Falcon works like a device drive, which allows it to reside in kernel mode and access system data structures and services.

    "Heck," you're thinking, "so can anyone write a device driver and get their software running in kernel mode?" Well, no: Windows will display a warning unless a driver has passed Microsoft's WHQL testing process. In some cases, Windows won't even allow the driver to run.

    Falcon is WHQL certified, so it *should* be pretty robust and not cause a BSOD. But there's a catch: it relies on dynamic definition files, which are deployed to update its configuration. From what I hear, Crowdstrike accidentally deployed one which contained nothing but zeros, which led to a catastrophic error. In other words, they simply deployed the wrong file. No testing will catch that -- it's a file that wasn't meant to be deployed at all.

    M68000 said:
    This seems to be totally a QA testing issue.  Was any testing done? 

    So the answer to this is, "it's complicated". Some of this is going to be a bit simplified, but it's accurate enough.

    Software on Windows can run in two modes: kernel mode; and user mode. User mode software shouldn't ever be able to cause a BSOD.

    Security software needs to run in kernel mode. There are good reasons for this: malware often hides deep in the OS in places where user mode software can't find it. CrowdStrike Falcon works like a device drive, which allows it to reside in kernel mode and access system data structures and services.

    "Heck," you're thinking, "so can anyone write a device driver and get their software running in kernel mode?" Well, no: Windows will display a warning unless a driver has passed Microsoft's WHQL testing process. In some cases, Windows won't even allow the driver to run.

    Falcon is WHQL certified, so it *should* be pretty robust and not cause a BSOD. But there's a catch: it relies on dynamic definition files, which are deployed to update its configuration. From what I hear, Crowdstrike accidentally deployed one which contained nothing but zeros, which led to a catastrophic error. In other words, they simply deployed the wrong file. No testing will catch that -- it's a file that wasn't meant to be deployed at all.
    Well written. I do take exception to one thing though.

    <blockquote>In other words, they simply deployed the wrong file. No testing will catch that -- it's a file that wasn't meant to be deployed at all. <blockquote>


    As some who has written installation packages, with any company worth their salt, the install package goes through testing, also. That would have caught the zero file. 
    ronnwilliamlondonbaconstangradarthekatwatto_cobra
  • 'Making Apple Vision Pro' video delves into precise aluminum cutting & assembly

    Feels incomplete without Ive saying al-u-lem-e-um
    bloggerblogwilliamlondonForumPostchasmwatto_cobra
  • MagSafe on the new MacBook Pro: Everything you need to know

    The benefit of being able to charge from either side was well worth it for me at the time. 

    You must have a MB or MBP. The most recent MBA have all their ports on the left side. So, a benefit I can not experience.

    williamlondonwatto_cobra
  • iPhone SE returns to Apple's clearance store for third time in January

    DAalseth said:
    This would be great if they kept size and upgraded processor. Their support will end soon and $300 might be waste of money. Having hardware upgraded phone for $500 that would be supported for next 4 years would be much better option. I was personally in the situation like that and as much as I like iPhone SE and its attractive price I will not buy it because of limited time support. I upgrade mobile phones every 4-5 years. I do not care what others do and I definitely do not have time for playing phone upgrades and hype - this only tool for me. So to keep cost efficiency and upgrade I went Android LG which offers solid functions (some quality is way better than newest iPhone's like screen and sound). Sorry Apple, but that was good run with 5S for last years. No more and absolutely nothing that exceeds $600 price mark for phone.
    This is what I tell people who say if I don't want to pay $1k+ for an iPhone XS then get an 8 or a 7. Yes I can save a few hundred but it will have a significantly shorter lifespan. Apple will stop pushing iOS updates that much sooner. I and not sure if my SE or my wife's 6 will get iOS 13 later this year. Once that happens the clock is ticking. We will be looking to update after that. It makes no sense to replace them with a 7 that will be in the same boat in a year or two. 
    The A9 chip found in the iPhone SE is pretty powerful. AR currently works with it. I also find it hard to believe that Apple would sell new phones and then eliminate them from upgrades 9 months later.
    michaelahlersMisterKitDAalsethbackstabbaconstang
  • Apple Silicon transition may hit its two-year target with 2022 Mac Pro

    mike54 said:
    After all the unlimited praise youtubers, tech sites, Apple fanboius, etc gave the M1, I just hope Apple is not taking advantage of this praise, milking as much revenue as they can from it, thereby delaying advancement. Apple does have a bad habit of releasing something great and then sitting on it past its use-by date.
    ah, they produce a new A Series chip every year. My guess is that will be the plan for the M Series, also. Is that "sitting on it past its use-by date?"
    MplsPwilliamlondonroundaboutnowwatto_cobra
  • Saudi Arabia passes law requiring USB-C charges for smartphones

    Acut down on e-waste? You know how many cables I have to throw out with the switch to USBB-C?
    baconstangdanoxwatto_cobra
  • Zuckerberg thinks Apple is making aggressive moves now to control the metaverse

    And what is Mark trying to do?
    bloggerblogwatto_cobra
  • Apple introduces iOS 16 with a revamped widget-covered lock screen, Wallet and Map changes...

    Finally, Shared photo library. That was the one thing that keep me using Photo streams. 
    watto_cobra
  • Apple culture hinders recruitment and talent retention efforts, report says

    The blanket 60-80 hrs statement is never a blanket. Living minutes away from MS, I have heard stories of work hrs of 60-100+ hrs, At the same time, I have also stories of supers kicking out their charges if it is after 5:00 PM.
    iosenthusiast
  • Apple hit with lawsuit targeting AppleCare+ refurbished devices

    Looks like I got lied to. My wife's out of warranty iPhone 5c died and was offered a "new" replacement. I asked if the phone was new? I got told yes. Not refurbished? I got told no, it is new. Sucker died in 6 months and store will not stand behind it. Lied to 3 different times.