by userbinator 701 days ago
How is it possible that someone sends out an update affecting the behavior of kernel mode code, all at once, simultaneously, to millions and millions of systems around the whole globe at once!?

Looking at all the responses to the incident advocating for more centralised control, it almost seems like it was a deliberate provoking of the acceleration towards digital totalitarianism. "The only thing we have to fear, is fear itself."

If it's not - all an attacker would have to do is to deposit a file in %WINDIR%\System32\drivers\CrowdStrike with a name such as C-00000291.sys containing zeros - and the system becomes unbootable without manual intervention!*

An attacker who has already gained enough permissions to do that can just "delete system32" instead, or worse.

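The failure mode described in the comment above, a channel file that arrives filled with zeros and takes the host down at boot, is one that operations teams can check for on a canary host before the content reaches the rest of the fleet. The script below is an added example, not code from this thread or from CrowdStrike: it walks a directory, picks out files that follow the `C-<number>.sys` naming pattern from the comment, and flags any that are empty or consist entirely of 0x00 bytes. The directory it scans and the sample files it creates are constructed for the demonstration; the real channel-file format is not assumed beyond "a valid file is not all zeros".

```python
"""
Flag zero-filled channel-style files in a directory.

Added illustration, not vendor code.  The file naming (C-<digits>.sys) and
the idea that an all-zero file is invalid come from the comment above; the
sample directory below is constructed for the demo.
"""
import os
import tempfile

CHUNK = 64 * 1024  # read size; keeps memory flat for large files


def is_all_zero(path: str) -> bool:
    """Return True if the file is empty or every byte in it is 0x00."""
    with open(path, "rb") as f:
        while True:
            chunk = f.read(CHUNK)
            if not chunk:
                return True  # reached EOF without seeing a non-zero byte
            if chunk.count(0) != len(chunk):
                return False


def find_suspect_channel_files(directory: str,
                               prefix: str = "C-",
                               suffix: str = ".sys") -> list[str]:
    """Return sorted names of channel-style files in `directory` that are zero-filled.

    Only regular files whose names match prefix/suffix are inspected, so
    unrelated files in the same directory do not produce noise.
    """
    suspects = []
    for name in sorted(os.listdir(directory)):
        if not (name.startswith(prefix) and name.endswith(suffix)):
            continue
        full = os.path.join(directory, name)
        if os.path.isfile(full) and is_all_zero(full):
            suspects.append(name)
    return suspects


def build_sample_dir() -> str:
    """Construct a temporary directory with sample files (constructed data):
    one plausible channel file, one zero-filled channel file, and one
    zero-filled file whose name does not match the pattern."""
    d = tempfile.mkdtemp(prefix="channel_demo_")
    with open(os.path.join(d, "C-00000290.sys"), "wb") as f:
        f.write(b"\x01\x02\x03" + os.urandom(64))  # first byte non-zero: valid
    with open(os.path.join(d, "C-00000291.sys"), "wb") as f:
        f.write(b"\x00" * 4096)                    # all zeros: suspect
    with open(os.path.join(d, "readme.txt"), "wb") as f:
        f.write(b"\x00" * 10)                      # ignored: name does not match
    return d


if __name__ == "__main__":
    sample = build_sample_dir()
    print(find_suspect_channel_files(sample))  # ['C-00000291.sys']
```

Run this as a scheduled job on a small canary group (the "single computer or small group" idea raised further down the thread) and alert when the list is non-empty; a hit there is a reason to hold the content from wider rollout rather than a signal that tells you anything about the rest of the fleet.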

> digital totalitarianism

That seems a bit dramatic. I don’t do big corporate IT but I thought a lot of corporate IT shops have the ability with Microsoft to choose what updates are pushed out to computers on their domain. If so, then something like that could have prevented it, presuming they have the ability to allow a single computer or small group to receive the update to confirm it works successfully.

It's not overly dramatic at all. Think about what these IT systems we build are fundamentally designed to do. An ID for everything, an event for every transaction, all of which are becoming more and more integrated under central authorities, whether intentionally or not.

I'm getting to the point where I'm not willing to implement these types of systems for anyone anymore. Not after seeing the breadth of data hoovering and consolidation being pursued.

At some point I just realized the only thing preventing these systems being used in the ways I dread is y'all being decent.

...I'm not willing to cut that check anymore. Seen too much.