by arccy 693 days ago
there's an eBPF mode for Linux which is safe(r)

so Windows can still be blamed for not providing a relatively safe way of doing this.

2 comments

https://access.redhat.com/solutions/7068083

Kernel panic observed after booting 5.14.0-427.13.1.el9_4.x86_64 by falcon-sensor process.

eBPF program causes kernel panic on kernels 5.14.0-410+.

Apparently not safe enough for CrowdStrike.

Windows supports eBPF too.