thewayne: (Default)
What it really did was demonstrate bad IT practices, or IT shops that put entirely too much faith in their vendors (I could name a couple....)

The best practice for deploying an update is to have a computer lab that is isolated from your user/production network. Push the patch there, see what happens. Have a mix of machines in that environment. And with the proliferation of using virtual machines, it's not hard to do. You can have a mix of servers and workstations and different operating systems. THEN if everything works well there, push it out to a SUBSET of your production network.

Clearly that isn't what a lot of people did. They trust CrowdStrike and just blasted it out. After all, it wasn't a code update, it was just like a virus update. What could possibly go wrong?

The problem was the update crashed the CrowdStrike driver, resulting in a blue screen of death upon reboot. And if the machine had an encrypted hard drive, it required manual intervention by IT boffins. All you had to do was delete one little bitty file, but you might not have had access to said little bitty file, particularly if said machine was encrypted.

Everything at the university yesterday seemed fine when I got in to work, no emails from main campus about subsystems being down, so that was nice. And it only affected Microsoft machines. Linux and Mac were safe.

To compound matters, Microsoft had some problems with their Azure cloud service, unrelated to the ClownStrike problem.

https://krebsonsecurity.com/2024/07/global-microsoft-meltdown-tied-to-bad-crowstrike-update/
thewayne: (Default)
Designed to lure people away from Adobe, they're also offering a very good deal on a perpetual license: apparently $165 for all three packages FOREVER.

The software is Photo, Designer, and Publisher, available for Mac, PC, and iPad. I'm not sure if it's buy once, good for all three platforms, which would be useful for me as I use all three. I don't have time to go over the article right now.

https://www.theverge.com/2024/7/8/24194281/affinity-creative-suite-six-month-free-trial-deal-announcement

https://tech.slashdot.org/story/24/07/08/2345250/affinity-tempts-adobe-users-with-6-month-free-trial-of-creative-suite
thewayne: (Default)
Apple has pushed a security update for all devices - Macs, iPhones, iPads - to fight Pegasus spyware. A flaw in said spyware, by Israeli NSO Group, led to its detection by a security research group who tipped Apple who fixed the flaw in their software.

So get updating!

https://www.reuters.com/technology/new-flaw-apple-devices-led-spyware-infection-researchers-say-2023-09-07/
thewayne: (Default)
This is excellent news. Most of Windows is written in C and C++. Those languages have memory problems. Let's use a simple example. There's a programming construct known as an array, it's sort of an indexed list. Let's say we have an array called MyList(10). It has ten elements to it, what's in them doesn't really matter. What happens when you try to reference element 11?

Usually in the C family of languages, you access the memory 'above' the tenth element and what is returned is undefined: we don't know what it will contain. Maybe it overlaps with the password cache, perhaps it has your banking account number in it.

Now, to be fair to C (personally I hate the C/C++ languages, but I firmly believe in 'to each their own'), later versions have better protection against accessing outside array boundaries and things like that which can cause information to leak.

A while back another programming language came to town, Rust. And it is designed, from the clear page, to have memory protection that will prevent access to element 11 and other buffer/memory issues. Which means that code, properly developed! (always a big problem), will theoretically be safer/more secure than C family languages.
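The "element 11" case in Rust, as an added example that is not from any Microsoft or Linux code base: out-of-range access either returns `None` or panics, and it never hands back neighbouring memory. The function names and the length-prefixed record format are assumptions made for illustration.

```rust
use std::panic;

/// Checked lookup: returns None instead of reading past the end of the list.
fn element(list: &[u32], index: usize) -> Option<u32> {
    list.get(index).copied()
}

/// Plain indexing `list[index]` is bounds-checked at run time as well. Out of
/// range it panics (a controlled stop) rather than returning adjacent memory.
fn index_panics(list: &[u32], index: usize) -> bool {
    panic::catch_unwind(|| list[index]).is_err()
}

/// Constructed record format: one length byte, then that many payload bytes.
/// A length byte that claims more data than is present is the classic
/// over-read in C; here the slice request is refused.
fn read_payload(record: &[u8]) -> Result<&[u8], String> {
    let (&claimed, rest) = record.split_first().ok_or("empty record")?;
    rest.get(..claimed as usize)
        .ok_or_else(|| format!("length {} exceeds {} available bytes", claimed, rest.len()))
}

fn main() {
    // Ten elements, valid indices 0 through 9.
    let my_list: [u32; 10] = [1, 2, 3, 4, 5, 6, 7, 8, 9, 10];

    println!("element 10: {:?}", element(&my_list, 9));
    println!("element 11: {:?}", element(&my_list, 10));
    println!("my_list[10] panics: {}", index_panics(&my_list, 10));

    // Honest record, then one whose length byte lies about the payload size.
    println!("{:?}", read_payload(&[3, b'a', b'b', b'c']));
    println!("{:?}", read_payload(&[200, b'a', b'b', b'c']));
}
```

The panic message for the out-of-range index is printed to stderr; the program keeps running because the panic is caught for the demonstration.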

Microsoft is now rewriting some subsystems in the Windows operating system into Rust!!!

This is excellent news. The ability to improve security is always a good thing, and this is the first step in doing it. You simply cannot rewrite the entirety of Windows in Rust in one swell foop, but you can rewrite portions of it - letting you see how it works - and progressively get the whole thing redone eventually!

This is now in an Insider edition of Windows 11, meaning it will eventually see the light of day to all users, and should be completely transparent.

In other Rust news, Linux has started rewriting SUDO into Rust. Sudo is a program that lets an account that does not have administrative permission run admin commands if they have the password for it. A fundamental rule of network security, and computer security in general, is to NEVER let your users run their local machines as administrator! Aside from the fact that it gives them far too much control to utterly screw their machine over - and I've seen it! - if your account with admin permissions gets taken over by malware, that's a leverage point to get into the entire network and subvert it!

Speaking as a system administrator, we see far too many programs that won't work if the user is not an administrator on the machine. The normal vendor solution? Make the user an admin. Usually this is caused by the bad coding practice of the developers having admin access on their computers, which really ticks me off. If a software package only runs as administrator, then it's badly written. We can usually develop some selective permissions to make such software work without giving the user admin, but it's always a PITB.

https://www.thurrott.com/windows/windows-11/282995/first-rust-code-shows-up-in-the-windows-11-kernel
