Hacker News | badrabbit's comments

No, the userspace program will replace it with a good version.


Their stock price will suffer but they can waive license fees for a year or so for every endpoint affected (~$50).

They better pin this on a rogue employee, but even then, force pushing updates shouldn't be in their capability at all! They must guarantee removal of that capability.

Lawsuits should be interesting. They offer(ed?) $1 mil breach insurance to their customers, so if they were to pay only that much per customer this might be compensation north of $10B. But to be honest, wouldn't surprise me if they can pay up without going bankrupt.

The sad situation is, as Twitter people were pointing out, IT teams will use this to push back against more agents for a long time to come. But in reality, these agents are very important.

Crowdstrike Falcon alone is probably the single biggest security improvement any company can make and there is hardly any competition. This could have been any security vendor, the impact is so widespread because of how widely used they are, but there is a reason why they are so widely used to begin with.

Oh and just FYI, the mitigation won't leave you unprotected: when you boot normally, the userspace exes will replace it with a fixed version.


> the single biggest security improvement

Clearly not, unless you don't count a world-wide economic and societal disruption of unprecedented scale a security incident.

> This could have been any security vendor

...that apparently deploys Kernel Extensions to millions of Windows devices at once, without any staggering.

> there is a reason why they are so widely used to begin with

Because companies need to check a box, and purchasing CrowdStrike checks that box.


> Crowdstrike Falcon

“Cybersecurity’s AI-native platform for the XDR era”.

I hope there’s a blockchain somewhere in it.


Yes, it offers very real protection. Crowdstrike in particular is the best in the market, speaking from experience and having worked with their competitor's products as well and responded to real world compromises.


How did they fail to test such a critical bug then?

Clearly shows lack of testing.

If initially good, probably culture & products have rotted.

Not fit to be in security domain, if like this.


I think this is more of a failure on the software development side than the domain specific functionality side.


Hubris. Clearly they have no form of internal testing for updates because this should have been caught immediately.


"best in the market"

I think the evidence shows that no, they aren't.


Go buy the second-best in the market then. Red Team would love you to do that.


More cores and memory channels+bandwidth would have been nice.


Try this with Visual Studio and x64. Microsoft!!


Ok, why not?


For obvious reasons related to public health and the general incapacity of human beings to regulate themselves.


"Obvious" is a concept that only makes sense when there is significant shared context. When it is applied to the idea that is directly in dispute, it is about as compelling an argument as "because I said so"


Don’t you think it’s obvious why we want regulation around consumption of things that can genuinely be bad for the population?

The shared context here is population health.


Perhaps that seems obvious to you. I don't view it as obvious that anyone's individual health decisions should ever be made and enforced by the state. It is obvious to me that trying to "regulate" these choices through a prohibition framework is not only ineffective, but does massive harm. However, since we're arguing about that very question, I don't feel it sufficient to merely say "it's obvious" and leave it at that.

The Volstead Act didn't save us from the evils of alcohol, but it did put a lot of people in jail, strengthen organized crime, and create a reactionary push for more draconian police powers. The difference now is that the Controlled Substances Act and its international equivalents are backed by more technologically powerful governments, and cover more substances. Even in the early 20th century, prohibition policies created powerful criminal cartels and draconian police states. The Controlled Substances Act has created both in spades, and the downstream consequences are so vast that they have arguably defined the society we live in, with its mass incarceration, constant surveillance, and at least in the US, an incredibly punishing, byzantine, and costly healthcare system.


I’m not going to comment on the second part because I don’t live in the US and I have no idea what the situation is in your corner of the world on that front.

As for the first part, you said you don’t agree about the state having a say in your health but the original problem was related to selling all sorts of drugs openly.

Do we both agree that at some point some limitation has to be put in place otherwise some people would just abuse such a system? Or do you think we should just let people do whatever and then the role of a society is to help those who end up abusing those drugs?

Because it’s happening already, people are already abusing all sorts of drugs even with some restrictions in place.

And mind you, I’m not arguing for criminalization. I’m just arguing for adding at least some regulation like requiring a prescription. I see that as a good middle ground.

But maybe it’s just me being raised here that makes me see things differently than you, that’s always a possibility.


I don't think there's any productive place to put restrictions on what drugs adults are allowed to buy of their own volition. It's not the government's job to make sure I'm making the best decisions for my health, and by and large it doesn't in any other context. I really do think people should talk to their doctor and get their expert advice on what drugs to use, when to use them, and what to look out for. I think a lot of the time a doctor should say "No, you really ought to avoid that drug. Here's why". Creating a situation where this has legal weight and can wind you up in jail, no matter how you frame it (Like what's the penalty for getting a drug without a prescription?) is doing harm.

Even without the jail time, if we assume some people need certain drugs, and they just can't afford to talk to a doctor, or can't get an appointment for 6 months, and at best can hope to go through a process of needing to circumlocute to avoid seeming "drug-seeking" while trying to ask advice about a particular drug and get legal permission to buy it, that restriction is harming those people. I don't think a doctor telling you not to try a drug should mean you can't make that decision for yourself. I don't think more people taking Adderall should trigger an investigation into doctors that decides that too many of them gave their patients that clearly wanted Adderall the permission they needed to buy it. This pits doctors against their patients inherently.

We absolutely should use the government to regulate sellers of drugs. We should crack down significantly on false advertising, doctors being paid to push drugs, and poor quality control practices within manufacturing operations. This is something we do inadequately under the current regime. We absolutely can't do it for black market operations. People who want drugs that are illegal currently don't have an option they can really trust to the level of things government health agencies vet. Creating demand for black market drugs by locking people out of regulated ones causes any effort the government makes regulating the sales/manufacturing side of drugs to be useless for those people.


So we are properties regulated by the state, even though the state is made up of laypersons?


No we aren’t? No idea what you’re even trying to say.


If we aren't regulated then anti-drug laws shouldn't exist. A government made up of its people cannot regulate its people by virtue of having a superior self control or wisdom. How can there be liberty without this?


I assume you’ve ridden in a car or sat in a dark theatre.


Those are private properties or privileged activities. Eating poison in your private home being regulated means your home is not truly yours and you have no liberty.


I’m not sure about the others in this discussion but I’m certainly not saying you shouldn’t be able to eat poison at home.

I’m saying as a society we should want to try to avoid selling poison freely if we know a non-negligible number of people would, in fact, eat it at home and die as a result.

And again, I’m not arguing for criminalizing the people who do get poison and eat it. I’m not arguing for criminalizing anyone actually. I’m arguing for sensible checks in place. Which is what we’re already doing with things like driver's licenses and medical prescriptions.


So long as those people are adults who are functional (can care for themselves), it isn't society's business to protect them from self-harm. Your sensible checks are violations of liberty. A person's right and authority over themselves being infringed is a loss of liberty. Society gets involved when their actions affect non-consenting members of society.


Yes and the point you’re trying to make is? That as a society we allow some things that might be risky and not others? Isn’t that obvious? We try to find a balance. Or are you suggesting that since we allow people to drive cars we should also give people easy access to all drugs?


Since you missed it, the vast majority of people can regulate their behaviour just fine and we deal with people who don’t without banning activities except for special medical exceptions.


The vast majority of people grew up in a society with regulations.

You're telling me you’d be happy to let people drive a car without a driver's license? How about a plane? Should we just trust people to not drive if they’re not capable?

I certainly don’t want to live in that world.


We already live in that world because of International Driver's Permit, no offense intended to any holder of such a permit.


Uh, laws exist?


Nonsense. Humans do fine at regulating themselves the vast overwhelming majority of the time, and edge cases worth intervening on generally involve more than one human.


Again, “humans do fine” is in the context of societies with regulations already in place. Do you have an example of a society with no regulations where humans do indeed “do fine”?


In the context of drug legalization? Yes. The USA prior to 1970.

We didn't have these "epidemics" of drug deaths to a greater degree than we have now. Why is that?


So you're telling me that before the 1970s you could buy and use any type of drugs freely, no prescription required?


For many substances we consider "obviously" illegal now, yes. Most famously, Coca-Cola used to use cocaine instead of the caffeine it currently has. Even for the "prescription-only" enforcement level, this used to be the purview of the FDA and the people subject to enforcement were the ones operating pharmacies, not their customers, or people who got stuff through side channels. Maybe cops still used the excuse of drug intoxication to deal with people more harshly, but they couldn't stop and search someone merely on the suspicion that they had contraband.

Drug enforcement should work like industry regulation and consumer protections, not operate on individuals as criminal penalties.


I might be looking at your history wrong but I’m reading that your government started introducing limitations on drug sales in the 1920s.


Some free society we live in. The feds are just looking out for their real employers: the oligarchs and their companies.


C is enjoyable to write with, although if others rely on your code, safety should have a higher priority.

The one thing I could never enjoy in C after getting used to languages like PHP and Python is string handling. It isn't just dangerous but very tedious, complex and lacking elegance. Lack of a native string type and string operators really sucks.

I like being able to do "hello "+"world".

Another pro the author didn't mention is how my crappy code from 10 years ago still works today. Can't say that about Rust, Go, Python or most modern languages. It really sucks how "planned obsolescence" has crept its way into programming languages.


> "planned obsolescence"

Cut me a break. In Go and Rust it's still easy to compile old code, and these languages have very strong backwards compatibility guarantees. You might need to compile it with a flag enabled, but it is going to compile and work.

Having the ability to improve on past language design mistakes over the years by deprecating old ways in favor of new ones is nice, and the burden of migration is generally minimal (or can be done automatically).


Go and Rust don't have old code. Talk in 30 years.


Sure, I agree that these guarantees still have to stand the test of time. So far they're holding up quite well.


If they stuck to binary libraries that would have been nice, but since you have to build deps locally and match up the right versions, Go and Rust programs have been a constant headache for me, similar to Python. The version from Debian repos never seems to be good enough; I have to install it from upstream and maintain it.


Not if you use any libraries. The whole venv/pyenv/pipx stuff of Python needs to be implemented for other languages too. Every program needing its own virtual environment and tooling for every build.


10 years ago was 2014. What Python code are you talking about? Deprecated, sure, and some things have been taken out of the standard distribution because nobody would maintain it (or there were reasons to not maintain it). 2->3 conversion was 16 years ago.


While I still do run into 2.7 code, even for 3, dependencies are the problem. You always use a library of some kind and that library could use a new Python feature. You could pin it but then other scripts that need the new version break. And that is if you could even easily find the module and version. Just this week I helped someone troubleshoot a bug they've been trying to fix for weeks/months and it was just a matter of the library code being too new for 3.6. It's an ever-growing planned mess.


People look at this and think "dumb politicians" but that's not the right conclusion. The security teams responsible for protecting them are to blame, yes, even for poor password choices and dark web leaks.


Politicians don’t have electronic security teams. In a political campaign office, a politician will be very lucky to have one volunteer who understands computer security who is then responsible for herding a dozen staff and a couple hundred volunteers who don’t understand why they should care about security.


Let's discuss it again?


What's new in that 41m Joseph Cox interview?


There doesn't have to be anything new. You don't have to participate or gatekeep anyone from participating on a continued discussion.

