[hannasm]

Do these customers of crowd strike even have a say in these updates going out or do they all just bend over and let crowd strike have full RCE on every machine in their enterprise.

I sure hope the certificate authorities and other crypto folks get to keep that stuff off their systems at least.

[Centigonal]

I don't know if there's a way to outsource ongoing endpoint security to a third party like Crowdstrike without giving them RCE (and ring 0 too) on all endpoints to be secured. Having Crowdstrike automate that part is kind of the point of their product.

[raincole]

In our lifetime we'll see an auto update to self-driving cars that kills millions.

Well it's likely we don't see that because we might be one of the millions.

[Kwpolska]

Auto-updates of “content” (what it thinks is malware) are mandatory and bypass the option to delay updates: https://twitter.com/patrickwardle/status/1814367918425079934